edevletsifresi.name.tr Open in urlscan Pro
89.252.179.222 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://edevletsifresi.name.tr/
Submission: On July 13 via api (July 13th 2023, 5:38:01 pm UTC) from TR — Scanned from DE

Summary HTTP 88 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 8 countries across 19 domains to perform 88 HTTP transactions. The main IP is 89.252.179.222, located in Turkey and belongs to GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR. The main domain is edevletsifresi.name.tr.

This is the only time edevletsifresi.name.tr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	89.252.179.222 89.252.179.222	42846 (GUZELHOST...) (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S.)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4 4	52.29.25.103 52.29.25.103	16509 (AMAZON-02) (AMAZON-02)
2 11	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	18.193.242.108 18.193.242.108	16509 (AMAZON-02) (AMAZON-02)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:df08:f9aa:adb2:e3d1	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1 2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
88	17

19 89.252.179.222 (Turkey)

ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR)
PTR: 2225amnan.guzel.net.tr

edevletsifresi.name.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.29.25.103 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-25-103.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.242.108 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-242-108.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:df08:f9aa:adb2:e3d1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	113 KB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	345 KB
19	edevletsifresi.name.tr edevletsifresi.name.tr	899 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
6	gstatic.com fonts.gstatic.com	198 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	5 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 1044	4 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1425	500 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 633	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1067 r.turn.com — Cisco Umbrella Rank: 3947	869 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	725 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	1 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 862	929 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	113 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481	760 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 8246	669 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 577	787 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3235	105 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	611 B
88	19

	Domain	Requested by
19	edevletsifresi.name.tr	edevletsifresi.name.tr
13	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	edevletsifresi.name.tr pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	edevletsifresi.name.tr googleads.g.doubleclick.net
4	pm.w55c.net	4 redirects
4	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects
2	c1.adform.net	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	x.bidswitch.net	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	ius.ctnsnet.com	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
88	23

This site contains links to these domains. Also see Links.

Domain
www.mhthemes.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://edevletsifresi.name.tr/
Frame ID: F22D2C06ABD52E59B3C1D9CE701D06A1
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Frame ID: 400B105B4DE089AAC12191DE704318A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=280&slotname=3551418772&adk=3632519503&adf=2181430633&pi=t.ma~as.3551418772&w=1200&fwrn=4&fwrnh=100&lmt=1689269876&rafmt=1&format=1200x280&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1689269876347&bpp=6&bdt=452&idt=326&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&correlator=2447378792555&frm=20&pv=2&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=e5CJbN7fcV&p=http%3A//edevletsifresi.name.tr&dtd=343
Frame ID: 424EFD524CCC7869EB91993CBF5DBF1A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=280&slotname=3551418772&adk=3616167653&adf=672738967&pi=t.ma~as.3551418772&w=355&fwrn=4&fwrnh=100&lmt=1689269876&rafmt=1&format=355x280&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1689269876353&bpp=1&bdt=458&idt=346&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1095&ady=522&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=TSzJymqEEm&p=http%3A//edevletsifresi.name.tr&dtd=350
Frame ID: F7CEFD6C1EB0B3BD98E4D29DD9B9B349
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&adk=3826760629&adf=1341073466&lmt=1689269876&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&ea=0&pra=7&wgl=1&dt=1689269876369&bpp=2&bdt=474&idt=340&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C355x280&nras=1&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=351
Frame ID: 4F801D1C3229055DE8259F2B027EA6BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=277&adk=380812027&adf=1973922798&pi=t.aa~a.16905722~rp.4&w=905&lmt=1689269877&nsk=77cb00c&rafmt=11&pwprc=5457903060&ad_type=text_image&format=905x277&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&pra=3&wgl=1&fa=26&dt=1689269877072&bpp=2&bdt=1177&idt=-M&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4df8e4fc9cbb7208-22b6c7a9aee20093%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZ4N8l-NGUtyAh8E1UymA74-7vUKA&gpic=UID%3D00000c3c9c27117d%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZcNewO8dkjfZuLiX1Z7rus2gxesw&prev_fmts=1200x280%2C355x280%2C0x0&nras=2&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=1575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KHHimeZkYr&p=http%3A//edevletsifresi.name.tr&dtd=15
Frame ID: BE6B72C124C7EAC494CEA080CCC60945
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=198&adk=553010911&adf=1612866638&pi=t.aa~a.2726774663~rp.4&w=905&lmt=1689269877&nsk=47c09baa&rafmt=11&pwprc=5457903060&ad_type=text_image&format=905x198&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&pra=3&wgl=1&fa=26&dt=1689269877072&bpp=1&bdt=1177&idt=1&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4df8e4fc9cbb7208-22b6c7a9aee20093%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZ4N8l-NGUtyAh8E1UymA74-7vUKA&gpic=UID%3D00000c3c9c27117d%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZcNewO8dkjfZuLiX1Z7rus2gxesw&prev_fmts=1200x280%2C355x280%2C0x0%2C905x277&nras=3&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=3348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QNF5Jjecor&p=http%3A//edevletsifresi.name.tr&dtd=19
Frame ID: C58AFF7DDEBBE21D94D7BDF85734DCFD
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1C4132BB9C0962EF60C6EE05EC175801
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4AB21FD507C3C6D5D1924073140BEF5C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B9DCDD60A91DBA8FECEDC67E0BE72B58
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F466B4C36FA5D8741C91A59D7DE2A398
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FA9FB79E77F2656A4216C9EBED46155C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FC71A5D76B75A16DE3A89B68402B3865
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 91FB34D5EDDE24DEB7473E791A4549ED
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 42AF8D44C04E15451B0225E389F37CE2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

E Devlet Bilgi

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

88
Requests

67 %
HTTPS

55 %
IPv6

19
Domains

23
Subdomains

17
IPs

8
Countries

1677 kB
Transfer

2915 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mhthemes.com/
Title: MH Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 71

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJZbROquzgM5a5mM3oiJx5c&google_cver=1&google_push=AaAOQGFtvzHx1f1iwq2iNteqmXpc_lBP_oQdC_RrmMj3yxM5hoWCrvAQqPDy_mllJJzIr_F0eUd2bKNpE69Y5bj9DHAjFx_aUVX7QUP4uEA616xYyO6NPPY48S6K7DhBMxYASDsOibE03f8pKAUkW6cTA3-uE84 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJZbROquzgM5a5mM3oiJx5c&google_cver=1&google_push=AaAOQGFtvzHx1f1iwq2iNteqmXpc_lBP_oQdC_RrmMj3yxM5hoWCrvAQqPDy_mllJJzIr_F0eUd2bKNpE69Y5bj9DHAjFx_aUVX7QUP4uEA616xYyO6NPPY48S6K7DhBMxYASDsOibE03f8pKAUkW6cTA3-uE84 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWloWjJ4eHgxUWswZ201&google_gid=CAESEJZbROquzgM5a5mM3oiJx5c&google_cver=1&google_push=AaAOQGFtvzHx1f1iwq2iNteqmXpc_lBP_oQdC_RrmMj3yxM5hoWCrvAQqPDy_mllJJzIr_F0eUd2bKNpE69Y5bj9DHAjFx_aUVX7QUP4uEA616xYyO6NPPY48S6K7DhBMxYASDsOibE03f8pKAUkW6cTA3-uE84

Request Chain 72

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPQHaiFkwbbWrbcXoERtBTs&google_cver=1&google_push=AaAOQGH7L15AM222qPWDAyR5Y4_OEvxkXtOxElMGFVqkawNFRFllDN-LhHWTeNaqcbKo2MjdaQMNSepMsCTNFgohIbzODxDkb7KlbZRHiBHLk_tcTbEohe79LMaJT-dcMX0wTt6XO9kZZxJnZOstJ6lkD2U0hA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH7L15AM222qPWDAyR5Y4_OEvxkXtOxElMGFVqkawNFRFllDN-LhHWTeNaqcbKo2MjdaQMNSepMsCTNFgohIbzODxDkb7KlbZRHiBHLk_tcTbEohe79LMaJT-dcMX0wTt6XO9kZZxJnZOstJ6lkD2U0hA

Request Chain 73

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEISUOn0yXhukX6_1HcCgGa4&google_cver=1&google_push=AaAOQGEsIZAC6YMhnZ2LWZpa6zSoHCfMoIkMv1s4TlHcwF4SAGHGsUcUza3P_VHJrGqYbuuSP1Y5ZTQfZH1vdkVPl-bYe6fQMXTvOz8OS0eUSU1tCiytJaf9gznIc9j1ENBd8-WyOis71r0F33PJn4q2OlBst50 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEISUOn0yXhukX6_1HcCgGa4&google_cver=1&google_push=AaAOQGEsIZAC6YMhnZ2LWZpa6zSoHCfMoIkMv1s4TlHcwF4SAGHGsUcUza3P_VHJrGqYbuuSP1Y5ZTQfZH1vdkVPl-bYe6fQMXTvOz8OS0eUSU1tCiytJaf9gznIc9j1ENBd8-WyOis71r0F33PJn4q2OlBst50 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEsIZAC6YMhnZ2LWZpa6zSoHCfMoIkMv1s4TlHcwF4SAGHGsUcUza3P_VHJrGqYbuuSP1Y5ZTQfZH1vdkVPl-bYe6fQMXTvOz8OS0eUSU1tCiytJaf9gznIc9j1ENBd8-WyOis71r0F33PJn4q2OlBst50&google_hm=oYq3hlR1TiWBwwRdN89FUQ==

Request Chain 75

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEP8yXSynmfW2hSqajHN7V94&google_cver=1&google_push=AaAOQGHkBDMHspo_Kf0s7NkwpOjjwp44V3OeejTESGjZo3XRvgrHT1Ocx6WUIV1Qs0Gl_gTFw9jgWx_QN9JIaIBkzaoaY_Mh0G2VaBPiwBfAe6XngU1ft3WviwVs23v4XdqBK2ubYEcYC8mTb4uB69g1DlYyuQk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGHkBDMHspo_Kf0s7NkwpOjjwp44V3OeejTESGjZo3XRvgrHT1Ocx6WUIV1Qs0Gl_gTFw9jgWx_QN9JIaIBkzaoaY_Mh0G2VaBPiwBfAe6XngU1ft3WviwVs23v4XdqBK2ubYEcYC8mTb4uB69g1DlYyuQk&google_hm=RFlaNZ6KSSqm8kn9FQaUUWk

Request Chain 77

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDEzoBXDtSKi6vEvyglh2mY&google_cver=1&google_push=AaAOQGHy19r1qn0k0-T5oiWJmJw28tdqe5du9k07GeE2acATBFlJeF_-txai0LJcRe4KAkOFHPeFqLR_vBKnCgDAZGe8D6zlyUAYR_recwJzxnSgWXj1YWvjZBVb8LXOpQyQ2Yxx9wIlp7A5nKelCBgEQmkQLA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA1NDk5MjY0MzI0MjAyMDM5Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDEzoBXDtSKi6vEvyglh2mY&google_cver=1

Request Chain 79

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIffWybn220Tg8OVZNsEzbo&google_cver=1&google_push=AaAOQGElKmLCHEdy37IYFque7brBRGlm_PkroI5yW71R4YFd6mWZzbVRu0nLky2nBktZbFPRJlwtZXeVLWVF2-oTRY0OIaWsRLTYrWFLLGVMO7Vmw7jNczjZy1Q0miGHE8lrdUYVUl71HKgfkSFylerMvg_bUIM HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIffWybn220Tg8OVZNsEzbo&google_cver=1&google_push=AaAOQGElKmLCHEdy37IYFque7brBRGlm_PkroI5yW71R4YFd6mWZzbVRu0nLky2nBktZbFPRJlwtZXeVLWVF2-oTRY0OIaWsRLTYrWFLLGVMO7Vmw7jNczjZy1Q0miGHE8lrdUYVUl71HKgfkSFylerMvg_bUIM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWloWjJ4eHgxUWswZ201&google_gid=CAESEIffWybn220Tg8OVZNsEzbo&google_cver=1&google_push=AaAOQGElKmLCHEdy37IYFque7brBRGlm_PkroI5yW71R4YFd6mWZzbVRu0nLky2nBktZbFPRJlwtZXeVLWVF2-oTRY0OIaWsRLTYrWFLLGVMO7Vmw7jNczjZy1Q0miGHE8lrdUYVUl71HKgfkSFylerMvg_bUIM

Request Chain 80

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGY1dburaojyWySdoFY3zAk&google_cver=1&google_push=AaAOQGHwomjndUQRbGGlkURRnKpW6iDpVDDNbBG1bITh8DvtGcFqfF4_-gVTWSTzBUZtzGTs9N5T31pbRqg5t46t12X2wPQPgd2q_dul2x0wvbwhL0NxY1eaZv6wR0_bbp_hCvOXtitn6DNpbicibyvttDQie5s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHwomjndUQRbGGlkURRnKpW6iDpVDDNbBG1bITh8DvtGcFqfF4_-gVTWSTzBUZtzGTs9N5T31pbRqg5t46t12X2wPQPgd2q_dul2x0wvbwhL0NxY1eaZv6wR0_bbp_hCvOXtitn6DNpbicibyvttDQie5s&google_hm=eS1STVRXWGM5RTJwR0E1RUJDamU4Z1VZXzhRNFlqd1hSUX5B

Request Chain 81

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECuyBnj--haLkbSfATq27fo&google_cver=1&google_push=AaAOQGEE6fH5ZIKifY-078ZQIhYT7pjgorc1lJiHF9maI6QeGKz4-Vz2BQ7UbVdnFg5tJc7caZV_-XBiSq05hc4RzN359M1jlnyJ847Ztbghv4haSirIWSRTlYsHkv2A3pNeD7WDdR_Wic4UC9fwY6RW8hGEx7A HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECuyBnj--haLkbSfATq27fo&google_cver=1&google_push=AaAOQGEE6fH5ZIKifY-078ZQIhYT7pjgorc1lJiHF9maI6QeGKz4-Vz2BQ7UbVdnFg5tJc7caZV_-XBiSq05hc4RzN359M1jlnyJ847Ztbghv4haSirIWSRTlYsHkv2A3pNeD7WDdR_Wic4UC9fwY6RW8hGEx7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU5ODI3Mjc3NjkxNTU1MTkwMw&google_push=AaAOQGEE6fH5ZIKifY-078ZQIhYT7pjgorc1lJiHF9maI6QeGKz4-Vz2BQ7UbVdnFg5tJc7caZV_-XBiSq05hc4RzN359M1jlnyJ847Ztbghv4haSirIWSRTlYsHkv2A3pNeD7WDdR_Wic4UC9fwY6RW8hGEx7A

Request Chain 83

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEG_3RCPiPSQENNAE7tgwfAA&google_cver=1&google_push=AaAOQGG9N6Vhvr1VljHHB4RLq1q1U31lPViMwzJDi8YKTfT7bInGj95JtA027iFXpDQJq8c4Ko__bcANrYThTUeQJAKJxaEwkXvWSr1FAmMUrhLiMowyW3GK3bqzpt5xlSZZl0_aqApNfD9cSWgCd-mC1scg6w0X HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGG9N6Vhvr1VljHHB4RLq1q1U31lPViMwzJDi8YKTfT7bInGj95JtA027iFXpDQJq8c4Ko__bcANrYThTUeQJAKJxaEwkXvWSr1FAmMUrhLiMowyW3GK3bqzpt5xlSZZl0_aqApNfD9cSWgCd-mC1scg6w0X HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

88 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
edevletsifresi.name.tr/ 39 KB
8 KB 604ms
411ms Document
text/html 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed / PHP/8.1.20
Resource Hash: 4851aca011d4bb898eed640747197c52ef36625304e09a5b95be4c238d28d377

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 13 Jul 2023 17:37:52 GMT
link: <http://edevletsifresi.name.tr/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.20

GET
H/1.1 200
OK style.min.css
edevletsifresi.name.tr/wp-includes/css/dist/block-library/ 87 KB
12 KB 115ms
80ms Stylesheet
text/css 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: http://edevletsifresi.name.tr/wp-includes/css/dist/block-library/style.min.css?ver=6.0.5
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:52 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 02:11:53 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 11658
expires: Thu, 20 Jul 2023 17:37:52 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
edevletsifresi.name.tr/wp-includes/js/ 18 KB
5 KB 167ms
80ms Script
application/javascript 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: http://edevletsifresi.name.tr/wp-includes/js/wp-emoji-release.min.js?ver=6.0.5
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 21:47:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 5021
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 141ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400italic,400,500,600,700

Requested by

Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6b9871297a3383c3d11fabe097eb845854639f07de3dbcc0b0d3e5ebba61630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jul 2023 17:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 17:37:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jul 2023 17:37:56 GMT

GET
H/1.1 200
OK style.css
edevletsifresi.name.tr/wp-content/themes/tuto/ 41 KB
9 KB 129ms
80ms Stylesheet
text/css 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: http://edevletsifresi.name.tr/wp-content/themes/tuto/style.css?ver=1.2.5
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 0425301ced788b3b79eb36ca72c74394b7f9a418a2fb6f0494f726a63df415c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
content-encoding: gzip
last-modified: Wed, 10 Jan 2018 10:26:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 8832
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H/1.1 200
OK font-awesome.min.css
edevletsifresi.name.tr/wp-content/themes/tuto/includes/ 28 KB
7 KB 162ms
84ms Stylesheet
text/css 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: http://edevletsifresi.name.tr/wp-content/themes/tuto/includes/font-awesome.min.css
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
content-encoding: gzip
last-modified: Wed, 10 Jan 2018 10:26:07 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 6602
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H/1.1 200
OK jquery.min.js Show response
edevletsifresi.name.tr/wp-includes/js/jquery/ 87 KB
31 KB 162ms
84ms Script
application/javascript 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: http://edevletsifresi.name.tr/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 21:47:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 30969
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
edevletsifresi.name.tr/wp-includes/js/jquery/ 11 KB
4 KB 162ms
84ms Script
application/javascript 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: http://edevletsifresi.name.tr/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 11:47:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4168
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H/1.1 200
OK scripts.js Show response
edevletsifresi.name.tr/wp-content/themes/tuto/js/ 14 KB
6 KB 163ms
85ms Script
application/javascript 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: http://edevletsifresi.name.tr/wp-content/themes/tuto/js/scripts.js?ver=6.0.5
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 91961ff41bf0d6ee4559d8b3fde29639537b1b47a2b5924b15d43a86ad2f52b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
content-encoding: gzip
last-modified: Wed, 10 Jan 2018 10:26:07 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 5352
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
53 KB 143ms
91ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7825da37fd22a4c99742af23294d3a78ad893c3dfdb3a64ed909ca86e526119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 17:37:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 53798
X-XSS-Protection: 0
Server: cafe
ETag: 14325808403439791813
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Thu, 13 Jul 2023 17:37:56 GMT

GET
H/1.1 200
OK HES-Kodu-Sorgulama.jpg
edevletsifresi.name.tr/wp-content/uploads/2021/04/ 42 KB
42 KB 82ms
82ms Image
image/jpeg 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://edevletsifresi.name.tr/wp-content/uploads/2021/04/HES-Kodu-Sorgulama.jpg
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 6b562a4967ce155bc573069e0e5752d0415735ff6aa256158ec85bab29e30d9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
last-modified: Fri, 09 Apr 2021 12:00:19 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 43124
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 130ms
40ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400italic,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://edevletsifresi.name.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 03:19:22 GMT
x-content-type-options: nosniff
age: 137914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jul 2024 03:19:22 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
edevletsifresi.name.tr/wp-content/themes/tuto/fonts/ 70 KB
71 KB 80ms
80ms Font
font/woff2 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: http://edevletsifresi.name.tr/wp-content/themes/tuto/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/wp-content/themes/tuto/includes/font-awesome.min.css
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: http://edevletsifresi.name.tr/wp-content/themes/tuto/includes/font-awesome.min.css
Origin: http://edevletsifresi.name.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
last-modified: Wed, 10 Jan 2018 10:26:08 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 71896
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H2 200 1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v28/ 30 KB
30 KB 182ms
97ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyCMIT5lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400italic,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab47b8f50fe4195819b4af2ac0fffb2b3543502e11282d492d6cd73c124845cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://edevletsifresi.name.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 16:41:00 GMT
x-content-type-options: nosniff
age: 435416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30448
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 20:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 16:41:00 GMT

GET
H/1.1 200
OK e-devlet-sifremi-unuttum-768x409.png
edevletsifresi.name.tr/wp-content/uploads/2017/11/ 156 KB
156 KB 82ms
82ms Image
image/png 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://edevletsifresi.name.tr/wp-content/uploads/2017/11/e-devlet-sifremi-unuttum-768x409.png
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 0f41fbd9772a2fc1ca8cc4296358e67c1136746d74a52a9299426201ff51f208

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
last-modified: Wed, 10 Jan 2018 08:40:49 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 159316
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H/1.1 200
OK e-devlet-giris.png
edevletsifresi.name.tr/wp-content/uploads/2017/11/ 49 KB
49 KB 87ms
84ms Image
image/png 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://edevletsifresi.name.tr/wp-content/uploads/2017/11/e-devlet-giris.png
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: bbc74c6bae08bb44822691817fee4b9a2939c31885c71f9dd2a7950ea879a0aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
last-modified: Wed, 10 Jan 2018 08:40:49 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 49995
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H/1.1 200
OK hes-karekod-360x270.jpg
edevletsifresi.name.tr/wp-content/uploads/2021/04/ 18 KB
18 KB 84ms
82ms Image
image/jpeg 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://edevletsifresi.name.tr/wp-content/uploads/2021/04/hes-karekod-360x270.jpg
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: cd541bce8b062f99a3a36595daa08e8d5ba9a0c2134474ecf00b91f1516ddcb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
last-modified: Fri, 09 Apr 2021 11:52:24 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 18579
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H/1.1 200
OK sgk-borc-sorgulama-768x362.jpg
edevletsifresi.name.tr/wp-content/uploads/2017/11/ 38 KB
39 KB 87ms
84ms Image
image/jpeg 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://edevletsifresi.name.tr/wp-content/uploads/2017/11/sgk-borc-sorgulama-768x362.jpg
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 5590bcde5fb5d9dd95e7a924409f054bca443e7088d8b35035f01b5b6ec80efa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
last-modified: Wed, 10 Jan 2018 08:40:49 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 39324
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H/1.1 200
OK Hastane-Randevusu-Alma.png
edevletsifresi.name.tr/wp-content/uploads/2017/11/ 246 KB
246 KB 80ms
80ms Image
image/png 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://edevletsifresi.name.tr/wp-content/uploads/2017/11/Hastane-Randevusu-Alma.png
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: cf476153d4496eb294bc150a1b267fd0249829c23d5b5104efdeeb605d04187c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
last-modified: Wed, 10 Jan 2018 08:40:49 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 251485
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H/1.1 200
OK dava-dosyasi-sorgulama-768x410.png
edevletsifresi.name.tr/wp-content/uploads/2017/11/ 83 KB
83 KB 83ms
83ms Image
image/png 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://edevletsifresi.name.tr/wp-content/uploads/2017/11/dava-dosyasi-sorgulama-768x410.png
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: d787756e266f503e6a9df33faa2605223d33cedc002f27eb1621009723144ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
last-modified: Wed, 10 Jan 2018 08:40:49 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 84779
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H/1.1 200
OK arac-plaka-sorgulama.jpg
edevletsifresi.name.tr/wp-content/uploads/2017/11/ 38 KB
39 KB 80ms
80ms Image
image/jpeg 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://edevletsifresi.name.tr/wp-content/uploads/2017/11/arac-plaka-sorgulama.jpg
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 7be175761d62cd62f78d627fbf2b29f7efaddbe62e3f849934d5c02c4ed09278

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
last-modified: Wed, 10 Jan 2018 08:40:49 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 39108
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H/1.1 200
OK arac-sorgulama-768x421.jpg
edevletsifresi.name.tr/wp-content/uploads/2017/11/ 31 KB
31 KB 80ms
80ms Image
image/jpeg 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://edevletsifresi.name.tr/wp-content/uploads/2017/11/arac-sorgulama-768x421.jpg
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 563e86218245233e61f2c2f60b7695930793dc43753c2ccb98b0b2ca6ec11b42

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
last-modified: Wed, 10 Jan 2018 08:40:49 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 31901
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H/1.1 200
OK Vergi-Borcu-Sorgulama.jpg
edevletsifresi.name.tr/wp-content/uploads/2017/11/ 43 KB
43 KB 81ms
81ms Image
image/jpeg 89.252.179.222
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://edevletsifresi.name.tr/wp-content/uploads/2017/11/Vergi-Borcu-Sorgulama.jpg
Requested by: Host: edevletsifresi.name.tr
URL: http://edevletsifresi.name.tr/
Protocol: HTTP/1.1
Server: 89.252.179.222 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 2225amnan.guzel.net.tr
Software: LiteSpeed /
Resource Hash: bddc03c81d6f800144ab555ca280cf17e9c627d45bb2d3ad29e3d147611d1479

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:53 GMT
last-modified: Wed, 10 Jan 2018 08:40:49 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 43939
expires: Thu, 20 Jul 2023 17:37:53 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307060101/ 355 KB
122 KB 213ms
124ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8405620622907549&plah=edevletsifresi.name.tr

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ea8c5ab9048f4b7e537344be328c04b40978d1d093d0417b360bbf99e97528f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124916
x-xss-protection: 0
server: cafe
etag: 6667042890198723514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:37:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/ Frame 400B 10 KB
5 KB 130ms
41ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://edevletsifresi.name.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 12:09:00 GMT
etag: 12368291122986407432
expires: Thu, 27 Jul 2023 12:09:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 411 B
611 B 154ms
48ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=edevletsifresi.name.tr&callback=_gfp_s_&client=ca-pub-8405620622907549

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8405620622907549&plah=edevletsifresi.name.tr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e4d913ff72aaa74a9e25f64656d3be331b67f41936601a1abdd49bf773da7af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 153ms
49ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=edevletsifresi.name.tr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 424E 430 B
431 B 222ms
221ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=280&slotname=3551418772&adk=3632519503&adf=2181430633&pi=t.ma~as.3551418772&w=1200&fwrn=4&fwrnh=100&lmt=1689269876&rafmt=1&format=1200x280&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1689269876347&bpp=6&bdt=452&idt=326&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&correlator=2447378792555&frm=20&pv=2&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=e5CJbN7fcV&p=http%3A//edevletsifresi.name.tr&dtd=343

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b47b5c9ba614872cc9703fdf4ff0ef074604fc32c61dd06dc8927c09ea3ed03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://edevletsifresi.name.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 17:37:56 GMT
expires: Thu, 13 Jul 2023 17:37:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F7CE 430 B
379 B 225ms
224ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=280&slotname=3551418772&adk=3616167653&adf=672738967&pi=t.ma~as.3551418772&w=355&fwrn=4&fwrnh=100&lmt=1689269876&rafmt=1&format=355x280&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1689269876353&bpp=1&bdt=458&idt=346&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1095&ady=522&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=TSzJymqEEm&p=http%3A//edevletsifresi.name.tr&dtd=350

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a8e58afd7ddb2bc521a1fcc88f5301a35f221db97e9348570ffc349246555ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://edevletsifresi.name.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 17:37:56 GMT
expires: Thu, 13 Jul 2023 17:37:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F80 14 KB
6 KB 238ms
238ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&adk=3826760629&adf=1341073466&lmt=1689269876&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&ea=0&pra=7&wgl=1&dt=1689269876369&bpp=2&bdt=474&idt=340&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C355x280&nras=1&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=351

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

068a6a7820e7a7a1081986e7135e394e4a3b82044b38fee1d9a0c9f3b342e3b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://edevletsifresi.name.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5519
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 17:37:56 GMT
expires: Thu, 13 Jul 2023 17:37:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 175ms
91ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e89d414f602d80ef3e54dccdc978817b9a72cd8ba5d99fac218ae803a873648e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11684
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 49ms
48ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=edevletsifresi.name.tr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BE6B 133 KB
50 KB 542ms
541ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=277&adk=380812027&adf=1973922798&pi=t.aa~a.16905722~rp.4&w=905&lmt=1689269877&nsk=77cb00c&rafmt=11&pwprc=5457903060&ad_type=text_image&format=905x277&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&pra=3&wgl=1&fa=26&dt=1689269877072&bpp=2&bdt=1177&idt=-M&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4df8e4fc9cbb7208-22b6c7a9aee20093%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZ4N8l-NGUtyAh8E1UymA74-7vUKA&gpic=UID%3D00000c3c9c27117d%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZcNewO8dkjfZuLiX1Z7rus2gxesw&prev_fmts=1200x280%2C355x280%2C0x0&nras=2&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=1575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KHHimeZkYr&p=http%3A//edevletsifresi.name.tr&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee5aacf7fe3cf3c5ddc73753cbd7b3af8009fb80d5fe6822add65838d072c8cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://edevletsifresi.name.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 50955
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 17:37:57 GMT
expires: Thu, 13 Jul 2023 17:37:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C58A 134 KB
50 KB 504ms
503ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=198&adk=553010911&adf=1612866638&pi=t.aa~a.2726774663~rp.4&w=905&lmt=1689269877&nsk=47c09baa&rafmt=11&pwprc=5457903060&ad_type=text_image&format=905x198&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&pra=3&wgl=1&fa=26&dt=1689269877072&bpp=1&bdt=1177&idt=1&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4df8e4fc9cbb7208-22b6c7a9aee20093%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZ4N8l-NGUtyAh8E1UymA74-7vUKA&gpic=UID%3D00000c3c9c27117d%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZcNewO8dkjfZuLiX1Z7rus2gxesw&prev_fmts=1200x280%2C355x280%2C0x0%2C905x277&nras=3&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=3348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QNF5Jjecor&p=http%3A//edevletsifresi.name.tr&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

146faf3868529a56a80418e136cb53670e6e7c41069ad6a18a93e2743f36ef5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://edevletsifresi.name.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 50792
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 17:37:57 GMT
expires: Thu, 13 Jul 2023 17:37:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 166ms
50ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 17:37:57 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1C41 13 KB
5 KB 42ms
40ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://edevletsifresi.name.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 16:36:28 GMT
expires: Fri, 12 Jul 2024 16:36:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4AB2 783 B
1 KB 142ms
50ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d3f04a4c0d87fbbab44b0289644fe715bc5fe5450909420fc744a60e8ff0c38

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Jo1YT1kyTLZFmPEPxtgLGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://edevletsifresi.name.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Jo1YT1kyTLZFmPEPxtgLGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 17:37:57 GMT
expires: Thu, 13 Jul 2023 17:37:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C41 38 KB
15 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 18:20:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4AB2 0
0 86ms
73ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=774310051563929&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame C58A 15 KB
1015 B 68ms
52ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Roboto:300,400,500,700&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=198&adk=553010911&adf=1612866638&pi=t.aa~a.2726774663~rp.4&w=905&lmt=1689269877&nsk=47c09baa&rafmt=11&pwprc=5457903060&ad_type=text_image&format=905x198&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&pra=3&wgl=1&fa=26&dt=1689269877072&bpp=1&bdt=1177&idt=1&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4df8e4fc9cbb7208-22b6c7a9aee20093%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZ4N8l-NGUtyAh8E1UymA74-7vUKA&gpic=UID%3D00000c3c9c27117d%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZcNewO8dkjfZuLiX1Z7rus2gxesw&prev_fmts=1200x280%2C355x280%2C0x0%2C905x277&nras=3&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=3348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QNF5Jjecor&p=http%3A//edevletsifresi.name.tr&dtd=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e86254778e916dfe7beef4baa04f18a727fdd8bc9f70281080803e12bb1fee5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jul 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 17:37:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jul 2023 17:37:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C58A 15 KB
967 B 68ms
52ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Roboto:300,400,500,700&text=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e86254778e916dfe7beef4baa04f18a727fdd8bc9f70281080803e12bb1fee5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jul 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 17:37:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jul 2023 17:37:57 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame C58A 34 KB
13 KB 55ms
43ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:53:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13672
x-xss-protection: 0
server: cafe
etag: 2805512053162071780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 14:53:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C58A 179 KB
57 KB 188ms
61ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:37:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame C58A 23 KB
9 KB 46ms
42ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:57:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:57:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame C58A 3 KB
1 KB 46ms
41ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 15:04:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame C58A 20 KB
8 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:46:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BE6B 15 KB
967 B 57ms
56ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Roboto:300,400,500,700&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=277&adk=380812027&adf=1973922798&pi=t.aa~a.16905722~rp.4&w=905&lmt=1689269877&nsk=77cb00c&rafmt=11&pwprc=5457903060&ad_type=text_image&format=905x277&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&pra=3&wgl=1&fa=26&dt=1689269877072&bpp=2&bdt=1177&idt=-M&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4df8e4fc9cbb7208-22b6c7a9aee20093%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZ4N8l-NGUtyAh8E1UymA74-7vUKA&gpic=UID%3D00000c3c9c27117d%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZcNewO8dkjfZuLiX1Z7rus2gxesw&prev_fmts=1200x280%2C355x280%2C0x0&nras=2&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=1575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KHHimeZkYr&p=http%3A//edevletsifresi.name.tr&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e86254778e916dfe7beef4baa04f18a727fdd8bc9f70281080803e12bb1fee5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jul 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 17:37:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jul 2023 17:37:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BE6B 15 KB
967 B 60ms
59ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Roboto:300,400,500,700&text=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e86254778e916dfe7beef4baa04f18a727fdd8bc9f70281080803e12bb1fee5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jul 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 17:37:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jul 2023 17:37:57 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame BE6B 34 KB
13 KB 50ms
42ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:53:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13672
x-xss-protection: 0
server: cafe
etag: 2805512053162071780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 14:53:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BE6B 179 KB
56 KB 200ms
123ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:37:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame BE6B 23 KB
9 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:57:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:57:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame BE6B 3 KB
1 KB 53ms
44ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 15:04:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame BE6B 20 KB
8 KB 69ms
61ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:46:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BE6B 0
0 57ms
47ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAJB5cOlp3EeFmA2zu2J_smKDCLshtRUL0HQxsMsLteeNb45ASjP1ca5_mXQh7FISzZB2XzDBaZFaEqls2XcsbicfZmA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=277&adk=380812027&adf=1973922798&pi=t.aa~a.16905722~rp.4&w=905&lmt=1689269877&nsk=77cb00c&rafmt=11&pwprc=5457903060&ad_type=text_image&format=905x277&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&pra=3&wgl=1&fa=26&dt=1689269877072&bpp=2&bdt=1177&idt=-M&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4df8e4fc9cbb7208-22b6c7a9aee20093%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZ4N8l-NGUtyAh8E1UymA74-7vUKA&gpic=UID%3D00000c3c9c27117d%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZcNewO8dkjfZuLiX1Z7rus2gxesw&prev_fmts=1200x280%2C355x280%2C0x0&nras=2&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=1575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KHHimeZkYr&p=http%3A//edevletsifresi.name.tr&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1C41 0
10 B 44ms
40ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xA6rMQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9544549343406611527/ Frame C58A 16 KB
16 KB 94ms
94ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9544549343406611527/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI5wIQvAEYASABLQAAAD8w6AI4vAFFAACAPw&rs=AOga4qmHEf_lV0JxjdDmXCz6QP4HUoEY1A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31307582a650b4084b22d6c70fc62d561fdc317daf4e2f83e22d151f70274df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:57 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16516
x-xss-protection: 0
last-modified: Wed, 17 May 2023 14:20:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jul 2024 17:37:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C58A 16 KB
16 KB 56ms
52ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Roboto:300,400,500,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 01:50:32 GMT
x-content-type-options: nosniff
age: 488845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 01:50:32 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame C58A 45 KB
46 KB 45ms
42ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Roboto:300,400,500,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 03:19:22 GMT
x-content-type-options: nosniff
age: 137915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jul 2024 03:19:22 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11966807441284054268/ Frame BE6B 22 KB
22 KB 150ms
141ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11966807441284054268/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoInQIQlQEYASABLQAAAD8wngI4lQFFAACAPw&rs=AOga4qnc_2GNWQqkwdYX7TvRM-ga4HUA_A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fd152bfebf586699f0d4ddc1b218b0e4a15f709ce3fc624dca187bd236f68a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:57 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22455
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 14:02:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jul 2024 17:37:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BE6B 16 KB
16 KB 44ms
41ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Roboto:300,400,500,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 01:50:32 GMT
x-content-type-options: nosniff
age: 488845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 01:50:32 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame BE6B 45 KB
46 KB 48ms
45ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Roboto:300,400,500,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 03:19:22 GMT
x-content-type-options: nosniff
age: 137915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jul 2024 03:19:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B9DC 143 B
166 B 46ms
41ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=198&adk=553010911&adf=1612866638&pi=t.aa~a.2726774663~rp.4&w=905&lmt=1689269877&nsk=47c09baa&rafmt=11&pwprc=5457903060&ad_type=text_image&format=905x198&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&pra=3&wgl=1&fa=26&dt=1689269877072&bpp=1&bdt=1177&idt=1&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4df8e4fc9cbb7208-22b6c7a9aee20093%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZ4N8l-NGUtyAh8E1UymA74-7vUKA&gpic=UID%3D00000c3c9c27117d%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZcNewO8dkjfZuLiX1Z7rus2gxesw&prev_fmts=1200x280%2C355x280%2C0x0%2C905x277&nras=3&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=3348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QNF5Jjecor&p=http%3A//edevletsifresi.name.tr&dtd=19
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 17:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F466 1 KB
643 B 48ms
43ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 13:46:59 GMT
etag: 48472445140208031
expires: Fri, 14 Jul 2023 13:46:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C58A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d192bf174bd10aa00cbef98d0bb504c95c40ad21c64cba32f5e1a5e585c101ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FA9F 143 B
166 B 45ms
40ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=277&adk=380812027&adf=1973922798&pi=t.aa~a.16905722~rp.4&w=905&lmt=1689269877&nsk=77cb00c&rafmt=11&pwprc=5457903060&ad_type=text_image&format=905x277&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&pra=3&wgl=1&fa=26&dt=1689269877072&bpp=2&bdt=1177&idt=-M&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4df8e4fc9cbb7208-22b6c7a9aee20093%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZ4N8l-NGUtyAh8E1UymA74-7vUKA&gpic=UID%3D00000c3c9c27117d%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZcNewO8dkjfZuLiX1Z7rus2gxesw&prev_fmts=1200x280%2C355x280%2C0x0&nras=2&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=1575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KHHimeZkYr&p=http%3A//edevletsifresi.name.tr&dtd=15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 17:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FC71 1 KB
643 B 44ms
40ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 13:46:59 GMT
etag: 48472445140208031
expires: Fri, 14 Jul 2023 13:46:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BE6B 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da7ebef45d41f800e40b555d4a79dd40706c9894f1007984d1cc4e9ba1064266

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BE6B 0
19 B 96ms
94ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdbcUdTawZM2oDMiBtOUP5b2y8AmQns70cPbLtLPCDLeG07zIKhABIIaV0CJglYKAgLQHoAGNkfWNA8gBBqkC0QykT4fBsj6oAwHIA8sEqgTyAU_Q5pIbLjdFMpedwhG157gAcp96Boy01VI8WP9e9zM6fuZdiJs8-Mx5zIXXDWmkEOqKndbHVu-w2eBcQ9YG5nxhQGqflrM7Qzy5rkc2unoalQsQ1IT_dVQmi4Ibn1hkClhjC47bj9Zk-DpGtfBzBJRQ8vXXWtUL87ivl35I2yMTo33iBuqNXl4QVL_hLRSXn_43Dy1zQ9Yo6KwavzVhvEYWGXqCRMbntGXsVDmF4KE3LQzpNSNTL2wzHbJCAH3ua2my7RJkmUB69SVfxiuO7tGzGXGM03zbMOsh4ON1XppyKBYZr0MbZ8ep4VvkK1tqtJkdwASZrr_QqgOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AH2-6KcqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEK7qFNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItODQwNTYyMDYyMjkwNzU0ORgA&sigh=M4jfst3fXDg&uach_m=[UACH]&cid=CAQSOwBpAlJWJ61pGvYhtY6YxIdThDujAYA6rU3a0oc9U05TXTOPxPs_FaHe_LWrial2pF0Ur-1vMyRWq6DuGAE&template_id=492&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=277&adk=380812027&adf=1973922798&pi=t.aa~a.16905722~rp.4&w=905&lmt=1689269877&nsk=77cb00c&rafmt=11&pwprc=5457903060&ad_type=text_image&format=905x277&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&pra=3&wgl=1&fa=26&dt=1689269877072&bpp=2&bdt=1177&idt=-M&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4df8e4fc9cbb7208-22b6c7a9aee20093%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZ4N8l-NGUtyAh8E1UymA74-7vUKA&gpic=UID%3D00000c3c9c27117d%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZcNewO8dkjfZuLiX1Z7rus2gxesw&prev_fmts=1200x280%2C355x280%2C0x0&nras=2&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=1575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=KHHimeZkYr&p=http%3A//edevletsifresi.name.tr&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 13 Jul 2023 17:37:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C58A 0
19 B 90ms
88ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CubwPdTawZJPIDNrgtOUPkZC8iAjug622cZvXlqnXEemRpNv2OxABIIaV0CJglYKAgLQHoAHc8IWkA8gBBqkC0QykT4fBsj6oAwHIA8sEqgT9AU_Q-zv32v3oKVkRadoLakQCGkmL1Bw7L7PmtVN9KE7aMCpSnwEuErIVPAFYZlmOxYmkVFqDgX0JDzVuBoG8DbpY7nfASzd2j35YBHHcbVHjC6GCJDsHblXGkQVIQGMGF7yDlEIfBF0ERCuXonfNO33ynwe4NdluD7AfF9qMNxTCZVCVMEcyy5kw7w5wX3r12sRxwLRGHm6lTagcOE8FUI5lrEN15In0NQhTXyAy270a5TNv8KVNOK4PYZLFaia-mIsdrg-y6qWfexuMsfnuAqr4_vUCI4bfqZkcB37VpGzmmZ9ejJGKB70rbE-NYh0CncImHxjuip8W7j8Ee3bABJySn_ywBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAeMj_pbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQvOkG0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLEC2BMM0BUBgBcBshccChoIABIUcHViLTg0MDU2MjA2MjI5MDc1NDkYAA&sigh=XUY7ierEHZw&uach_m=[UACH]&cid=CAQSOwBpAlJWV7Ueukmy9_1Hp3aaukeNg20mW1ZxiX73cCWmlfoX8c3UnJcFyKukrHIA8TC2rrakKDWwYwxbGAE&template_id=492&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=198&adk=553010911&adf=1612866638&pi=t.aa~a.2726774663~rp.4&w=905&lmt=1689269877&nsk=47c09baa&rafmt=11&pwprc=5457903060&ad_type=text_image&format=905x198&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&pra=3&wgl=1&fa=26&dt=1689269877072&bpp=1&bdt=1177&idt=1&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4df8e4fc9cbb7208-22b6c7a9aee20093%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZ4N8l-NGUtyAh8E1UymA74-7vUKA&gpic=UID%3D00000c3c9c27117d%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZcNewO8dkjfZuLiX1Z7rus2gxesw&prev_fmts=1200x280%2C355x280%2C0x0%2C905x277&nras=3&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=3348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QNF5Jjecor&p=http%3A//edevletsifresi.name.tr&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 13 Jul 2023 17:37:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B9DC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

60ms
54ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 17:37:58 GMT
expires: Thu, 13 Jul 2023 17:37:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 17:37:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame F466 35 B
464 B 171ms
51ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFlP1LrKuXMIA4j14xeSEAE&google_cver=1&google_push=AaAOQGESsqgy6hS70anuIF4U_IGnHuFozpOXmXdF7nj70h8ozdDIC2HgIMJeXeAixmh1zmFcW3mOhc1WNvf9q_cPT6NYXE35kYaJ8nSoLS7Zehzs1frkBOGtY2UvJHwHs7e0ZvFbnOmO5N6pHqdbr2PGiMLZ4s0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame F466 0
105 B 282ms
127ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIRbNFULeIJjTtipI46QJMs&google_cver=1&google_push=AaAOQGFc43Sm7AxGsWcvYmyxiXQW4WnUeL7Jc1NnGmgO9NY9x955li3QAavbWGjOXYDGnF2MGumXLmGSb4BgEaT7PrTORpDYwihAqfrwQlimqDyKKsWGOBRoAyYKvV5VJe2Xjt1jcR-m3aaWokxSitpv0K8rEvs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8405620622907549&output=html&h=198&adk=553010911&adf=1612866638&pi=t.aa~a.2726774663~rp.4&w=905&lmt=1689269877&nsk=47c09baa&rafmt=11&pwprc=5457903060&ad_type=text_image&format=905x198&url=http%3A%2F%2Fedevletsifresi.name.tr%2F&pra=3&wgl=1&fa=26&dt=1689269877072&bpp=1&bdt=1177&idt=1&shv=r20230711&mjsv=m202307060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4df8e4fc9cbb7208-22b6c7a9aee20093%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZ4N8l-NGUtyAh8E1UymA74-7vUKA&gpic=UID%3D00000c3c9c27117d%3AT%3D1689269876%3ART%3D1689269876%3AS%3DALNI_MZcNewO8dkjfZuLiX1Z7rus2gxesw&prev_fmts=1200x280%2C355x280%2C0x0%2C905x277&nras=3&correlator=2447378792555&frm=20&pv=1&ga_vid=504395625.1689269877&ga_sid=1689269877&ga_hid=739422013&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=125&ady=3348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075850%2C31076088%2C44788441%2C44796684%2C44796827&oid=2&pvsid=774310051563929&tmod=2047396319&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=QNF5Jjecor&p=http%3A//edevletsifresi.name.tr&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F466
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJZbROquzgM5a5mM3oiJx5c&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJZbROquzgM5a5mM3oiJx5c&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWloWjJ4eHgxUWswZ201&google_gid=CAESEJZbROquzgM5a5mM3oiJx5c&google_cver=1&google_push=AaAOQGFtvzHx1f1iwq2iNteqmXpc_lBP_oQdC_RrmMj3yxM...

170 B
188 B

68ms
65ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWloWjJ4eHgxUWswZ201&google_gid=CAESEJZbROquzgM5a5mM3oiJx5c&google_cver=1&google_push=AaAOQGFtvzHx1f1iwq2iNteqmXpc_lBP_oQdC_RrmMj3yxM5hoWCrvAQqPDy_mllJJzIr_F0eUd2bKNpE69Y5bj9DHAjFx_aUVX7QUP4uEA616xYyO6NPPY48S6K7DhBMxYASDsOibE03f8pKAUkW6cTA3-uE84

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 13 Jul 2023 17:37:58 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-0d2a77f9c6d8820ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWloWjJ4eHgxUWswZ201&google_gid=CAESEJZbROquzgM5a5mM3oiJx5c&google_cver=1&google_push=AaAOQGFtvzHx1f1iwq2iNteqmXpc_lBP_oQdC_RrmMj3yxM5hoWCrvAQqPDy_mllJJzIr_F0eUd2bKNpE69Y5bj9DHAjFx_aUVX7QUP4uEA616xYyO6NPPY48S6K7DhBMxYASDsOibE03f8pKAUkW6cTA3-uE84
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F466
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPQHaiFkwbbWrbcXoERtBTs&google_cver=1&google_push=AaAOQGH7L15AM222qPWDAyR5Y4_OEvxkXtOxElMGFVqkawNFRFllDN-LhHWTeNaqcbKo2MjdaQMNSepMsCTNFgoh...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH7L15AM222qPWDAyR5Y4_OEvxkXtOxElMGFVqkawNFRFllDN-LhHWTeNaqcbKo2MjdaQMNSepMsCTNFgohIbzODxDkb7KlbZRHiBHLk_tcTbEohe...

170 B
330 B

57ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH7L15AM222qPWDAyR5Y4_OEvxkXtOxElMGFVqkawNFRFllDN-LhHWTeNaqcbKo2MjdaQMNSepMsCTNFgohIbzODxDkb7KlbZRHiBHLk_tcTbEohe79LMaJT-dcMX0wTt6XO9kZZxJnZOstJ6lkD2U0hA

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 13 Jul 2023 17:37:58 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH7L15AM222qPWDAyR5Y4_OEvxkXtOxElMGFVqkawNFRFllDN-LhHWTeNaqcbKo2MjdaQMNSepMsCTNFgohIbzODxDkb7KlbZRHiBHLk_tcTbEohe79LMaJT-dcMX0wTt6XO9kZZxJnZOstJ6lkD2U0hA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 13 Jul 2023 17:37:57 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F466
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEISUOn0yXhukX6_1HcCgGa4&google_cver=1&google_push=AaAOQGEsIZAC6YMhnZ2LWZpa6zSoHCfMoIkMv1s4TlHcwF4SAGHGsUcUza3P_VHJrGqYbuuSP1Y5ZTQfZH1vdkVPl-bY...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEISUOn0yXhukX6_1HcCgGa4&google_cver=1&google_push=AaAOQGEsIZAC6YMhnZ2LWZpa6zSoHCfMoIkMv1s4TlHcwF4SAGHGsUcUza3P_VHJrGqYbuuSP1Y5ZTQfZH1vdk...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEsIZAC6YMhnZ2LWZpa6zSoHCfMoIkMv1s4TlHcwF4SAGHGsUcUza3P_VHJrGqYbuuSP1Y5ZTQfZH1vdkVPl-bYe6fQMXTvOz8OS0eUSU1tCiytJaf9gznIc9j1ENBd8-...

170 B
233 B

54ms
54ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEsIZAC6YMhnZ2LWZpa6zSoHCfMoIkMv1s4TlHcwF4SAGHGsUcUza3P_VHJrGqYbuuSP1Y5ZTQfZH1vdkVPl-bYe6fQMXTvOz8OS0eUSU1tCiytJaf9gznIc9j1ENBd8-WyOis71r0F33PJn4q2OlBst50&google_hm=oYq3hlR1TiWBwwRdN89FUQ==

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEsIZAC6YMhnZ2LWZpa6zSoHCfMoIkMv1s4TlHcwF4SAGHGsUcUza3P_VHJrGqYbuuSP1Y5ZTQfZH1vdkVPl-bYe6fQMXTvOz8OS0eUSU1tCiytJaf9gznIc9j1ENBd8-WyOis71r0F33PJn4q2OlBst50&google_hm=oYq3hlR1TiWBwwRdN89FUQ==
date: Thu, 13 Jul 2023 17:37:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame F466 43 B
363 B 205ms
54ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEHKhVXPPLFG4ljN9daXabTY&google_cver=1&google_push=AaAOQGFfmH81-4sDGhr8uRu9Pluba6SXxSgGa-slRv3KJ1ts320DdvfNhD1b7LmaZGzh2wYZpNcDkZ7trjremXfkzFfEKy0p7dcuLMTf7rT_1NrjeCT6QOLgAT9nM-xVqdn3OHbOa4O_fjVn-cGQkA7RcR_pT2o

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:57 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 226303
expires: Thu, 13 Jul 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F466
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEP8yXSynmfW2hSqajHN7V94&google_cver=1&google_push=AaAOQGHkBDMHspo_Kf0s7NkwpOjjwp44V3OeejTESGjZo3XRvgrHT1Ocx6WUIV1Qs0...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGHkBDMHspo_Kf0s7NkwpOjjwp44V3OeejTESGjZo3XRvgrHT1Ocx6WUIV1Qs0Gl_gTFw9jgWx_QN9JIaIBkzaoaY_Mh0G2VaBPiwBfAe6XngU...

170 B
233 B

51ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGHkBDMHspo_Kf0s7NkwpOjjwp44V3OeejTESGjZo3XRvgrHT1Ocx6WUIV1Qs0Gl_gTFw9jgWx_QN9JIaIBkzaoaY_Mh0G2VaBPiwBfAe6XngU1ft3WviwVs23v4XdqBK2ubYEcYC8mTb4uB69g1DlYyuQk&google_hm=RFlaNZ6KSSqm8kn9FQaUUWk

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:57 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGHkBDMHspo_Kf0s7NkwpOjjwp44V3OeejTESGjZo3XRvgrHT1Ocx6WUIV1Qs0Gl_gTFw9jgWx_QN9JIaIBkzaoaY_Mh0G2VaBPiwBfAe6XngU1ft3WviwVs23v4XdqBK2ubYEcYC8mTb4uB69g1DlYyuQk&google_hm=RFlaNZ6KSSqm8kn9FQaUUWk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F466 0
140 B 161ms
50ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKt8OVJeYHSZOy2xH21d2Zobx3QUFSls12-g1MHSHuwb5bofG7HG4HJeO0syB7xCVA9GQP8g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame FC71
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDEzoBXDtSKi6vEvyglh2mY&google_cver=1&google_push=AaAOQGHy19r1qn0k0-T5oiWJmJw28tdqe5du9k07GeE2acATBFlJeF_-txai0LJcRe4KAkOFHPeFqLR_vBKnCgDAZGe8D6zlyUAYR...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA1NDk5MjY0MzI0MjAyMDM5Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDEzoBXDtSKi6vEvyglh2mY&google_cver=1

43 B
398 B

110ms
47ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDEzoBXDtSKi6vEvyglh2mY&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDEzoBXDtSKi6vEvyglh2mY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame FC71 35 B
465 B 143ms
50ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOtcOVy_Qpu6aNAZIMpjRXQ&google_cver=1&google_push=AaAOQGE9F6NSVHjjvRDCNwEEgPHubeo5UaT6OyTpXdyRd2_A2V1mnPk7D3UcX39NmKCmJw4iiGHFTKly4zcoFwMtpIMbO45Us7rEHL4ZcW0yddsK4YFF9U2jAg17F2t5FL9stKXVdDl3xVKYLr_7oB4es4QXdt4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC71
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIffWybn220Tg8OVZNsEzbo&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIffWybn220Tg8OVZNsEzbo&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWloWjJ4eHgxUWswZ201&google_gid=CAESEIffWybn220Tg8OVZNsEzbo&google_cver=1&google_push=AaAOQGElKmLCHEdy37IYFque7brBRGlm_PkroI5yW71R4YF...

170 B
188 B

68ms
63ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWloWjJ4eHgxUWswZ201&google_gid=CAESEIffWybn220Tg8OVZNsEzbo&google_cver=1&google_push=AaAOQGElKmLCHEdy37IYFque7brBRGlm_PkroI5yW71R4YFd6mWZzbVRu0nLky2nBktZbFPRJlwtZXeVLWVF2-oTRY0OIaWsRLTYrWFLLGVMO7Vmw7jNczjZy1Q0miGHE8lrdUYVUl71HKgfkSFylerMvg_bUIM

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 13 Jul 2023 17:37:57 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-039373edd24dbbb61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWloWjJ4eHgxUWswZ201&google_gid=CAESEIffWybn220Tg8OVZNsEzbo&google_cver=1&google_push=AaAOQGElKmLCHEdy37IYFque7brBRGlm_PkroI5yW71R4YFd6mWZzbVRu0nLky2nBktZbFPRJlwtZXeVLWVF2-oTRY0OIaWsRLTYrWFLLGVMO7Vmw7jNczjZy1Q0miGHE8lrdUYVUl71HKgfkSFylerMvg_bUIM
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC71
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGY1dburaojyWySdoFY3zAk&google_cver=1&google_push=AaAOQGHwomjndUQRbGGlkURRnKpW6iDpVDDNbBG1bITh8DvtGcFqfF4_-gVTWSTzBUZtzGTs9N5T31pbRqg5t46t12X2wPQ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHwomjndUQRbGGlkURRnKpW6iDpVDDNbBG1bITh8DvtGcFqfF4_-gVTWSTzBUZtzGTs9N5T31pbRqg5t46t12X2wPQPgd2q_dul2x0wvbwhL0NxY1eaZv6wR0_bbp_hC...

170 B
188 B

64ms
61ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHwomjndUQRbGGlkURRnKpW6iDpVDDNbBG1bITh8DvtGcFqfF4_-gVTWSTzBUZtzGTs9N5T31pbRqg5t46t12X2wPQPgd2q_dul2x0wvbwhL0NxY1eaZv6wR0_bbp_hCvOXtitn6DNpbicibyvttDQie5s&google_hm=eS1STVRXWGM5RTJwR0E1RUJDamU4Z1VZXzhRNFlqd1hSUX5B

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 13 Jul 2023 17:37:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHwomjndUQRbGGlkURRnKpW6iDpVDDNbBG1bITh8DvtGcFqfF4_-gVTWSTzBUZtzGTs9N5T31pbRqg5t46t12X2wPQPgd2q_dul2x0wvbwhL0NxY1eaZv6wR0_bbp_hCvOXtitn6DNpbicibyvttDQie5s&google_hm=eS1STVRXWGM5RTJwR0E1RUJDamU4Z1VZXzhRNFlqd1hSUX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC71
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECuyBnj--haLkbSfATq27fo&google_cver=1&google_push=AaAOQGEE6fH5ZIKifY-078ZQIhYT7pjgorc1lJiHF9maI6QeGKz4-Vz2BQ7UbVdnFg5tJc7caZV_-XBi...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECuyBnj--haLkbSfATq27fo&google_cver=1&google_push=AaAOQGEE6fH5ZIKifY-078ZQIhYT7pjgorc1lJiHF9maI6QeGKz4-Vz2BQ7UbVdnFg5tJc7caZV...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU5ODI3Mjc3NjkxNTU1MTkwMw&google_push=AaAOQGEE6fH5ZIKifY-078ZQIhYT7pjgorc1lJiHF9maI6QeGKz4-Vz2BQ7UbVdnFg5tJc7caZV_-X...

170 B
188 B

70ms
67ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU5ODI3Mjc3NjkxNTU1MTkwMw&google_push=AaAOQGEE6fH5ZIKifY-078ZQIhYT7pjgorc1lJiHF9maI6QeGKz4-Vz2BQ7UbVdnFg5tJc7caZV_-XBiSq05hc4RzN359M1jlnyJ847Ztbghv4haSirIWSRTlYsHkv2A3pNeD7WDdR_Wic4UC9fwY6RW8hGEx7A

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU5ODI3Mjc3NjkxNTU1MTkwMw&google_push=AaAOQGEE6fH5ZIKifY-078ZQIhYT7pjgorc1lJiHF9maI6QeGKz4-Vz2BQ7UbVdnFg5tJc7caZV_-XBiSq05hc4RzN359M1jlnyJ847Ztbghv4haSirIWSRTlYsHkv2A3pNeD7WDdR_Wic4UC9fwY6RW8hGEx7A
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame FC71 43 B
362 B 179ms
56ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEDkvgxm3P1L2oE-aqNNPt6I&google_cver=1&google_push=AaAOQGHXenSCoxaUD54lAcr0FLnHW4OxdBwLmoZ4R2PiCf0o2koAXq9TyVR-4f5Mzz6WgluAmHYCrOsCsGApY-ryTEDLmdLEBKN5WM2jM9NZt9s7t5tRNWgGflZQidsdq7WoiGO2MerlJzyzK9W_ho28kBQiOr8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 352569
expires: Thu, 13 Jul 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame FC71
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEG_3RCPiPSQE...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGG9N6Vhvr1VljHHB4RLq1q1U31lPViMwzJDi8YKTfT7bInGj95JtA027iFXpDQJq8c4Ko__bcANrYThTUeQJAKJxaEwkXvWSr1FAmMUrhLiMowyW...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
165 B

74ms
72ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 13 Jul 2023 17:37:58 GMT
pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 13 Jul 2023 17:37:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FC71 0
41 B 135ms
52ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IfMdmR5_45QBHmraCIDy4nn5Wgnlws3q8DjZsL15oSaNvt8UObV84TYmueDzs6BCcXFYgpsA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:37:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FA9F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

68ms
68ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 17:37:58 GMT
expires: Thu, 13 Jul 2023 17:37:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 17:37:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 91FB 38 KB
14 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 18:20:24 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 42AF 38 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 18:20:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 314ms
312ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=774310051563929&bg=!Tk2lTRnNAAb90kgr3dI7ADkAdvg8WlwIFjKQhx8llTUEs7OkWbjtsQ04zyFerj5ePfeT3hRie70z-9hazKYWYRiOwJA1k5pEgvoCAAAA71IAAACVaAEHmQKxpcCkYDjfHcQ_sefnZGbUQNp00rFaWm3EqkEmF8bPwD-X2Wki1iUaeOX7jUGbszzrQ8evlf1vHitbL-opRCE_0dwCRExhysVbbogOzS0S3dXG_QqsWJgXkeabFx5VVgOG2g0F93yzkbztQBYceS2yo8Of0RQdnnJLzKaDYGkxM5P-wEdpLRc0_rYe-iMN1Q68lpHp9euVs1KWecJk9OuDwt8NDWRMJ32iQIDsNCv_9mPFJEI8N_-jcGupyQGlQltO5_7rve6kP_2rI4eMIyemvbH514lLpt_YDGRtvEsVEzB3v2tQomQnzgh2QGhCz4EwrabZRQQ8cQo8JEAAhwRyQRexJy4RhIcbOEGvukvpka0nFE5YrHyh74pb7WgiASa3uwu23wOGyx46kScckB8Asxxqj_v7O3IzKBuCGZjmoe1i193v87N_izzOp7jpi7nqMejsn4S1kSJecoLd25epUm00p2P0bOxLoy5HvBiPRG1I6tg93wUoxP4LGrmtRi_MHumK3-T0KcfXTjT-MuvqydTa7YrK7YKcKU4dZLYkVpzIkxmiwc6vQvpzW3_-FuCQIsiiz5Thbp3OZMvX27b1QaqYYa5OCIL3OV5Edfhe1GeCfQcAkuf3OMsQv_M3MQNsOq_Qq1Cbl7TMeumQzfrnDgXXWs2uPIewZiyJO3jr4Xt7pQHpeF9xb3x88N5QY0GnlLJDXdkcARubfMNjjq_o_8rz7Nwo5Tz-vw_LH9fEO6qMW43E6Rdia7HHS62Tynpa-4fMAh4vvM5HHTTDC9MZ1NQh8XJ3g3LJvMyezR57L_0vpFAkq6Z9uU5UPwAMZ6toRd3qIa9UGX445dh3CdgN5PuhT4sbTVpHkHGmggtQOAGvJ4X0AvRXqbLW5UNQWpGYcOpbjV6-JTZXEAlgCdPqros
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://edevletsifresi.name.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.edevletsifresi.name.tr/	1970-01-20 22:36:05	Name: __gads Value: ID=4df8e4fc9cbb7208-22b6c7a9aee20093:T=1689269876:RT=1689269876:S=ALNI_MZ4N8l-NGUtyAh8E1UymA74-7vUKA
.edevletsifresi.name.tr/	1970-01-20 22:36:05	Name: __gpi Value: UID=00000c3c9c27117d:T=1689269876:RT=1689269876:S=ALNI_MZcNewO8dkjfZuLiX1Z7rus2gxesw
.doubleclick.net/	1970-01-20 22:36:05	Name: IDE Value: AHWqTUm5GrEzyYHSNsfywTXodoYTL9rTbwYOv0f95XDdONMGlPrvKolouP4bgTwakoc
.doubleclick.net/	1970-01-20 13:14:33	Name: DSID Value: NO_DATA
.mathtag.com/	1970-01-20 13:57:41	Name: mt_mop Value: 4:1689269878
.bidswitch.net/	1970-01-20 22:00:05	Name: tuuid Value: a18ab786-5475-4e25-81c3-045d37cf4551
.bidswitch.net/	1970-01-20 22:00:05	Name: c Value: 1689269878
.bidswitch.net/	1970-01-20 22:00:05	Name: tuuid_lu Value: 1689269878
.ctnsnet.com/	1970-01-20 22:00:05	Name: cid_44595a359e8a492aa6f249fd15069451 Value: 1
.ctnsnet.com/	1970-01-20 22:00:05	Name: gid_CAESEP8yXSynmfW2hSqajHN7V94 Value: 1
.quantserve.com/	1970-01-20 15:24:05	Name: d Value: EAsBCQG6KYEA
.quantserve.com/	1970-01-20 22:44:44	Name: mc Value: 64b03676-3ae7a-91c67-99d3c
.adform.net/	1970-01-20 13:59:08	Name: C Value: 1
.bidswitch.net/	1970-01-20 13:14:30	Name: google_push Value: AaAOQGEsIZAC6YMhnZ2LWZpa6zSoHCfMoIkMv1s4TlHcwF4SAGHGsUcUza3P_VHJrGqYbuuSP1Y5ZTQfZH1vdkVPl-bYe6fQMXTvOz8OS0eUSU1tCiytJaf9gznIc9j1ENBd8-WyOis71r0F33PJn4q2OlBst50
.w55c.net/	1970-01-20 22:46:10	Name: wfivefivec Value: 5ihZ2xxx1Qk0gm5
.adform.net/	1970-01-20 14:40:53	Name: uid Value: 4598272776915551903
.w55c.net/	1970-01-20 13:57:41	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-20 22:00:27	Name: A3 Value: d=AQABBHY2sGQCEFEAqR85QmyV5RLOjJd3yycFEgEBAQGHsWS6ZAAAAAAA_eMAAA&S=AQAAAt0dsmSYvFrGd1muHkP0GfE
.turn.com/	1970-01-20 17:33:41	Name: uid Value: 8054992643242020392

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dis.criteo.com
edevletsifresi.name.tr
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ius.ctnsnet.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
x.bidswitch.net
104.102.35.84
142.250.185.162
178.250.7.11
18.193.242.108
185.29.134.248
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2002
2a00:1450:4001:809::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a02:fa8:8806:20::2040
2a05:d018:d29:3601:df08:f9aa:adb2:e3d1
35.186.193.173
37.157.6.254
46.228.164.11
52.29.25.103
89.252.179.222
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0425301ced788b3b79eb36ca72c74394b7f9a418a2fb6f0494f726a63df415c3
068a6a7820e7a7a1081986e7135e394e4a3b82044b38fee1d9a0c9f3b342e3b0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f41fbd9772a2fc1ca8cc4296358e67c1136746d74a52a9299426201ff51f208
146faf3868529a56a80418e136cb53670e6e7c41069ad6a18a93e2743f36ef5a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34
31307582a650b4084b22d6c70fc62d561fdc317daf4e2f83e22d151f70274df0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3b47b5c9ba614872cc9703fdf4ff0ef074604fc32c61dd06dc8927c09ea3ed03
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
4851aca011d4bb898eed640747197c52ef36625304e09a5b95be4c238d28d377
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a8e58afd7ddb2bc521a1fcc88f5301a35f221db97e9348570ffc349246555ee
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5590bcde5fb5d9dd95e7a924409f054bca443e7088d8b35035f01b5b6ec80efa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563e86218245233e61f2c2f60b7695930793dc43753c2ccb98b0b2ca6ec11b42
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5ea8c5ab9048f4b7e537344be328c04b40978d1d093d0417b360bbf99e97528f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b562a4967ce155bc573069e0e5752d0415735ff6aa256158ec85bab29e30d9b
6d3f04a4c0d87fbbab44b0289644fe715bc5fe5450909420fc744a60e8ff0c38
7be175761d62cd62f78d627fbf2b29f7efaddbe62e3f849934d5c02c4ed09278
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7fd152bfebf586699f0d4ddc1b218b0e4a15f709ce3fc624dca187bd236f68a5
8e4d913ff72aaa74a9e25f64656d3be331b67f41936601a1abdd49bf773da7af
91961ff41bf0d6ee4559d8b3fde29639537b1b47a2b5924b15d43a86ad2f52b3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab47b8f50fe4195819b4af2ac0fffb2b3543502e11282d492d6cd73c124845cf
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
bbc74c6bae08bb44822691817fee4b9a2939c31885c71f9dd2a7950ea879a0aa
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bddc03c81d6f800144ab555ca280cf17e9c627d45bb2d3ad29e3d147611d1479
cd541bce8b062f99a3a36595daa08e8d5ba9a0c2134474ecf00b91f1516ddcb1
cf476153d4496eb294bc150a1b267fd0249829c23d5b5104efdeeb605d04187c
d192bf174bd10aa00cbef98d0bb504c95c40ad21c64cba32f5e1a5e585c101ab
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d787756e266f503e6a9df33faa2605223d33cedc002f27eb1621009723144ba8
da7ebef45d41f800e40b555d4a79dd40706c9894f1007984d1cc4e9ba1064266
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86254778e916dfe7beef4baa04f18a727fdd8bc9f70281080803e12bb1fee5c
e89d414f602d80ef3e54dccdc978817b9a72cd8ba5d99fac218ae803a873648e
ee5aacf7fe3cf3c5ddc73753cbd7b3af8009fb80d5fe6822add65838d072c8cb
f6b9871297a3383c3d11fabe097eb845854639f07de3dbcc0b0d3e5ebba61630
f7825da37fd22a4c99742af23294d3a78ad893c3dfdb3a64ed909ca86e526119

edevletsifresi.name.tr Open in urlscan Pro 89.252.179.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

88 Requests

67 %HTTPS

55 %IPv6

19 Domains

23 Subdomains

17 IPs

8 Countries

1677 kBTransfer

2915 kBSize

19 Cookies

1 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

edevletsifresi.name.tr Open in urlscan Pro
89.252.179.222 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

67 %
HTTPS

55 %
IPv6

19
Domains

23
Subdomains

17
IPs

8
Countries

1677 kB
Transfer

2915 kB
Size

19
Cookies

88 HTTP transactions
2 data transactions