tr.masa.news Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://masa.news/
Effective URL:
https://tr.masa.news/1.php
Submission Tags: analytics-framework
Submission: On April 26 via api (April 26th 2023, 3:35:47 am UTC) from US — Scanned from NL

Summary HTTP 53 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 13 domains to perform 53 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is tr.masa.news.
TLS certificate: Issued by GTS CA 1P5 on March 22nd 2023. Valid for: 3 months.

This is the only time tr.masa.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11 14	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 33	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:224... 2600:9000:224a:8600:7:3fc7:b7c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	172.64.198.35 172.64.198.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.64.141.121 18.64.141.121	16509 (AMAZON-02) (AMAZON-02)
3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:4001:82b::200d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
53	13

14 2a06:98c1:3121::3 (United States) 11 redirects

ASN13335 (CLOUDFLARENET, US)

masa.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr.masa.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
turkisha.masa.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
turkishz.masa.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
turkish1.masa.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
turkishs.masa.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
turki.masa.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
turkish.masa.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

tr.masa.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
turki.masa.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
turkishs.masa.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:224a:8600:7:3fc7:b7c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1mar6i7bkj1lr.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.198.35 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.64.141.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-141-121.mct50.r.cloudfront.net

ndentofinau.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

careewituhi.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.hitsteps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200d (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	masa.news 13 redirects masa.news tr.masa.news turkisha.masa.news turkishz.masa.news turkish1.masa.news turkishs.masa.news turki.masa.news turkish.masa.news	938 KB
6	google.com 4 redirects accounts.google.com — Cisco Umbrella Rank: 92	3 KB
3	cloudfront.net d1mar6i7bkj1lr.cloudfront.net	95 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
2	careewituhi.info careewituhi.info	797 B
2	ndentofinau.info ndentofinau.info	2 KB
2	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 16041	101 KB
1	hitsteps.net log.hitsteps.net — Cisco Umbrella Rank: 662534	595 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	44 KB
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 5620	9 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 997	3 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 607	33 KB
53	13

	Domain	Requested by
32	tr.masa.news	2 redirects tr.masa.news
6	accounts.google.com	4 redirects tr.masa.news
4	turki.masa.news	tr.masa.news
3	turkishs.masa.news	3 redirects
3	turkish1.masa.news	3 redirects
3	d1mar6i7bkj1lr.cloudfront.net	tr.masa.news ndentofinau.info
2	turkishz.masa.news	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	careewituhi.info	tr.masa.news
2	ndentofinau.info	d1mar6i7bkj1lr.cloudfront.net
2	pogothere.xyz	d1mar6i7bkj1lr.cloudfront.net
1	turkish.masa.news	1 redirects
1	log.hitsteps.net	tr.masa.news
1	www.facebook.com	tr.masa.news
1	www.googletagmanager.com	tr.masa.news
1	netdna.bootstrapcdn.com	tr.masa.news
1	code.jquery.com	tr.masa.news
1	ajax.googleapis.com	tr.masa.news
1	turkisha.masa.news	1 redirects
1	masa.news	1 redirects
53	20

This site contains links to these domains. Also see Links.

Domain
t.me

Subject Issuer	Validity	Valid
*.masa.news GTS CA 1P5	`2023-03-22` - `2023-06-20`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
ndentofinau.info Amazon RSA 2048 M02	`2023-04-16` - `2024-05-14`	a year	crt.sh
careewituhi.info E1	`2023-04-16` - `2023-07-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-02` - `2023-05-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://tr.masa.news/1.php
Frame ID: 13F5546CDA72D2BC8DAB7A4221A06756
Requests: 48 HTTP requests in this frame

Frame: https://ndentofinau.info/V3d6TUM2FRkgfDZKGGs2JRtHaHERUkgLJ2YaGz91PkAYJilmGwhjIDsYDyklJRgUOW05Eg5ocRERHyAFLyQAJhkTH0I5ATBDMwsbDjYuGysQEQ0lIBQAMyYVIAcZCylmATIlGhA9MioQHQ0eNCdmACwOOm8yKSYgMzwWLicPMRk4FS8bGRwEZi4yKg0aEQJ1DBIlTioBFQQYDxduIT4fAhQ9Pw8gETU4fxUVIhgKADMhPX0REzMrNRYCISh4AAE+LQoAARM8HxoUFR05CBMALDgAZwcrHBQCPSJ8Ci0VHTkIER8dIQdnQj8cJDwUKQsGHRErfBcFMlcDdAA2FR8LBEI1BTQaFjMmcjEiAClmZTU5JnIHJhR9IAQxPBcKETI1CQFmAjk3LxImSTkVEgAVGCEwAzEPKwYYLyUVHiEyJgkQJhEJCREmHB8GGjk5CDcDL0k+GwNGHgwlPxM2GHMVAjl9LAQyOXwaFDYSGCYPTioYKA0bOSY7HzUyFApxHQkiLSdKHTsVMwANIgI/MTx0DQ
Frame ID: 9EEA1D75463651A46539266DAA7CF31A
Requests: 2 HTTP requests in this frame

Frame: https://tr.masa.news/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js
Frame ID: 9D5FDBB37A9EB5A02A2D04DFF91EE4A7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Turkish Masa

Page URL History Show full URLs

https://masa.news/ HTTP 301
https://tr.masa.news/ HTTP 301
https://turkisha.masa.news/1.php HTTP 301
https://tr.masa.news/1.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

53
Requests

77 %
HTTPS

77 %
IPv6

13
Domains

20
Subdomains

13
IPs

3
Countries

1245 kB
Transfer

2333 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/turkismasa
Title: Subscribe to our Telegram Channel to Get Latest Episodes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://masa.news/ HTTP 301
https://tr.masa.news/ HTTP 301
https://turkisha.masa.news/1.php HTTP 301
https://tr.masa.news/1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7Qj8dVqUKJLoTRpOQm2Ry2JadlT1ibgSgbNzRQtNPD6mzseDYPvyZYgX8pCqTIzn4xVUFFw HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-1728004509%3A1682480142178150&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7TjKLKaD30TSJN8T-nf8lTtPSvS0Mch0-BeDqx7a6wGk0RWjbwdG_erlpdOVTWL15_6RSjJ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 27

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7QQP6yqSMu1G7EgHayBzE1ujWC5W0hZgEEP9ActfY4cvNKmyPDv4Fk9UfeFyGXsmZU-XuMb HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-469358031%3A1682480142159187&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7SqwZg8GDLiPvmWg3wYCkglTW5qmY7myLDlPQRovBn5mMf6_ZhzlaNL_pgmGf7Ao6G7GqVq&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 33

https://turkishz.masa.news/uploads/articles/8407e7af.jpg?cache_buster=1646829213 HTTP 301
https://tr.masa.news/uploads/articles/8407e7af.jpg?cache_buster=1646829213

Request Chain 34

https://turkish1.masa.news/uploads/articles/114f9242.jpg?cache_buster=1655300521?cache_buster=1655305904?cache_buster=1655308670 HTTP 301
https://tr.masa.news/uploads/articles/114f9242.jpg?cache_buster=1655300521?cache_buster=1655305904?cache_buster=1655308670

Request Chain 35

https://turkishs.masa.news/uploads/articles/046aecce.jpg HTTP 301
https://tr.masa.news/uploads/articles/046aecce.jpg

Request Chain 36

https://turkishz.masa.news/uploads/articles/4b84bdbf.jpg HTTP 301
https://tr.masa.news/uploads/articles/4b84bdbf.jpg

Request Chain 37

https://turkish1.masa.news/uploads/articles/b0fed503.jpg HTTP 301
https://tr.masa.news/uploads/articles/b0fed503.jpg

Request Chain 38

https://turkishs.masa.news/uploads/articles/ed89636c.jpg?cache_buster=1644139824 HTTP 301
https://tr.masa.news/uploads/articles/ed89636c.jpg?cache_buster=1644139824

Request Chain 39

https://turkish1.masa.news/uploads/thumbs/6681d7777-1.jpg HTTP 301
https://tr.masa.news/uploads/thumbs/6681d7777-1.jpg

Request Chain 43

https://turkish.masa.news/uploads/articles/1a730a74.jpg HTTP 301
https://tr.masa.news/uploads/articles/1a730a74.jpg

Request Chain 44

https://tr.masa.news/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://tr.masa.news/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js

Request Chain 51

https://turkishs.masa.news/uploads/articles/046aecce.jpg HTTP 301
https://tr.masa.news/uploads/articles/046aecce.jpg

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1.php Show response
tr.masa.news/
Redirect Chain

https://masa.news/
https://tr.masa.news/
https://turkisha.masa.news/1.php
https://tr.masa.news/1.php

181 KB
45 KB

50ms
49ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.masa.news/1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef5cb0d870c19122da487825fc882c3d8486c9006ad5f9318d8df2c95d56be5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bdbc6f46f260b64-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 26 Apr 2023 03:35:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaPJe795XYkE%2B9wE3CFPIlMEkz9AdwLoG45IlOCUUMrVMV7JBIMHiafqdHptRL0GGcmWEBWEaCKDu53CmVEAZuunx%2BqDidHyk8WLLexzpJKyK6recJbX8EVr7Wc%2BolhzHxat5Yf3t3wpxos%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bdbc6f43efb0b64-AMS
content-type: text/html
date: Wed, 26 Apr 2023 03:35:41 GMT
location: https://tr.masa.news/1.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ictqPUbCTLFe1CEX%2B4V5TPJmwnqpD4oizcyTjeOTUwP%2F7KGN6aCCgpn1Y4I3SznQ4EvJjoqp2nf%2Fks%2BEoPgGyZ8jHiDYd7tsDMHZ6pUODoj55o2FRhGwnyp33VreVSMjiZlzi%2Bmv%2F3w5Uh2UrPvMIaU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 bootstrap.min.css
tr.masa.news/templates/apollo/css/ 118 KB
20 KB 25ms
25ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/templates/apollo/css/bootstrap.min.css

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4864a1dc26c66b5c9c0091afd5d9c5b52709bc023b66b5a3c6fe9e38af6e506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11786154
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 14:34:42 GMT
server: cloudflare
etag: W/"5cd04602-1d99f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzix1tn1VAgpWYPTJoBofd5hYinQHYiIoZplJqXFBgT1xf5hZAC%2Fyl8ql4mux0A68KwLGam3CvJLFOclndYYXmRPg8kx%2BEwlULRtZ9ZU1Ltl1lHsI0HwLjMuND5fJjgis5qlbJOO08pT1IM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7bdbc6f4c8ce0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 apollo.css
tr.masa.news/templates/apollo/css/ 355 KB
54 KB 38ms
38ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/templates/apollo/css/apollo.css

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

307b100796fef6fa3f870c4b1111c75a72eafa66b0f5b0ae81d953f31e541b77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11786154
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Nov 2021 04:13:03 GMT
server: cloudflare
etag: W/"61820c4f-58d3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQgPXQI%2F3JLmuF9axXvtcV3z7H0RXpFlvPWmm8uUK8tZDO5jan%2BpQWjEjFDJiAVZrEn1dH4TSswE8p7lraOIJB1Ni%2FyZPDTTJw%2BhHsE78wckkemDsCa%2B4AMP4vkM32TpbkT%2FpWBsrolXlK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7bdbc6f4c8cf0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 animate.min.css
tr.masa.news/templates/apollo/css/ 57 KB
5 KB 23ms
22ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/templates/apollo/css/animate.min.css

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1f0041c0c62f37ee475d174370f574a62afd842055e79a86dc4c722532de6bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11786154
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 14:34:42 GMT
server: cloudflare
etag: W/"5cd04602-e286"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aib2grA1ybA8VcaMyFKTj8NMOBuIMEXHqiV0njkx732v50gO5OcpTZ4LJLIfIbFVebdcmxqpzv0662X12DYw54o6wt1RrZZJEXzJbKRUIy%2F4BQxmLqKrsZeGg9rCyeQXqvgR8wEaytGwblo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7bdbc6f4c8d00c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
d1mar6i7bkj1lr.cloudfront.net/ 146 KB
47 KB 277ms
185ms Script
text/plain 2600:9000:224a:8600:7:3fc7:b7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mar6i7bkj1lr.cloudfront.net/?iramd=979741
Requested by: Host: tr.masa.news
URL: https://tr.masa.news/1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:8600:7:3fc7:b7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 80f9ba77f58e41caab59d798c39227e34a2da15f06d764baaa5ab3fe9bd3134e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: gzip
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 47972
x-amz-cf-id: hAAA4TF3KCwAJxxCO0YVDJj9dKwkKftWPSj286TrPvALKrMYQ0r8UA==

GET
H3 200 ajax.php
tr.masa.news/ 42 B
520 B 44ms
42ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.masa.news/ajax.php?p=stats&do=show&aid=901&at=1
Requested by: Host: tr.masa.news
URL: https://tr.masa.news/1.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 03:35:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDipjrpewLLs6vdwRVosMuYHvv4%2FU9q6IewF%2FlS1zxdLDpAM2WkA4C1yjrEITx3qDuZdUMK%2BchbJyrWkh2VWHZtThvvjvQ64xOWxdfla273Zqti2pwd%2BwgtFMld07xwtgz5MhVBStxXaSKA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: must-revalidate
cf-ray: 7bdbc6f5492d0c39-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 5 Feb 1986 06:06:06 GMT

GET
H3 200 melody-lzld.png
tr.masa.news/templates/apollo/img/ 95 B
633 B 44ms
42ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.masa.news/templates/apollo/img/melody-lzld.png

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c015a5d2a81139b7fe47b294882c03d3fd072c90d3d78127250d93e65c1de54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11786154
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 14:34:44 GMT
server: cloudflare
etag: "5cd04604-5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1hrCNO2AAkfAmtKs8v%2BuKbK%2Fb0K6WWAKIKEO8ymKHslNY%2FbgEm3pyaa8bBfTTHqjINg56nO2pMmhok%2BBYSKCg1vPrZQEv6gkUG63%2FJ41skK5ccKr6F51AMmVs5o7bWSgu4KBhWSbvvBiwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7bdbc6f5492e0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 us.png
tr.masa.news/lang/flags/ 609 B
1 KB 44ms
43ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.masa.news/lang/flags/us.png

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11786154
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 13:34:38 GMT
server: cloudflare
etag: W/"5cd037ee-261"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0%2F60lXs7ineiJNX9FV3JRPhK6VH804fLjbUJqzPlcqwFds58cMCM7NnGWggXDitZSm0UsWy1WxBLz8vM5SrClXXF9xyyT10k%2FVpsQTc0i2ExR0pV%2BPzbCle7jcI13oUUmh%2F85%2B1bii3we4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 7bdbc6f5492f0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 102ms
33ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Apr 2024 14:27:45 GMT

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ 7 KB
3 KB 74ms
19ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: tr.masa.news
URL: https://tr.masa.news/1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-1c1f"
vary: Accept-Encoding
x-hw: 1682480141.dop259.am5.t,1682480141.cds271.am5.hn,1682480141.cds125.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3063

GET
H3 200 slick.min.js Show response
tr.masa.news/templates/apollo/js/ 40 KB
11 KB 29ms
26ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/templates/apollo/js/slick.min.js

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e8e27e1679a10fa7dd6192389f38fb491e89a482aea9690dd4c10538cc10bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 391798
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 14:34:44 GMT
server: cloudflare
etag: W/"5cd04604-9e0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BNTl8ItR1R2omTwkBM%2F66SHh046BUcAeCXtvwZzizvTaKiIigl%2BD6ZwubC8vqa2gcpqtUgsz41Y%2F4KnQCjS1jV58TD3ZAZccH3g0qL%2BHtGAlCZ9zKjrr%2FRb00FdkcfCdPLa0JSdP4xIKHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7bdbc6f5491b0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
netdna.bootstrapcdn.com/bootstrap/3.2.0/js/ 31 KB
9 KB 69ms
22ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 3780658
cdn-cachedat: 11/03/2021 03:23:08
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0b7e42ce5c8ad95295886cdcce8be1f4
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7bdbc6f58fb00eae-AMS
cdn-requestpullsuccess: True

GET
H3 200 theme.js Show response
tr.masa.news/templates/apollo/js/ 44 KB
15 KB 32ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/templates/apollo/js/theme.js

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b32884af7a440755d1daa5deb4603c2bc181446f4a02673d69e845afe115ba72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11786154
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 14:34:44 GMT
server: cloudflare
etag: W/"5cd04604-aeac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGTXaeOLj9SsWPATwDmCK5b6j9haqBQ7Zi5ek5Me52xZJOFfE2C9b6oiPkQX5Z2eBgKoROMeO28dK5l%2BKoc83NhOx5sjeEAr6Ia1jgbZ1XqZiM4sPVzmzFmCXZ8SQG2Na4pEzEd9EtQtQEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7bdbc6f5491d0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.plugins.a.js Show response
tr.masa.news/templates/apollo/js/ 10 KB
4 KB 44ms
42ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/templates/apollo/js/jquery.plugins.a.js

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5da67292da0cb7d7a40812de84e839ef1561c01cb9e0bd4e9bb15bfc64b0cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11786154
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 14:34:44 GMT
server: cloudflare
etag: W/"5cd04604-2640"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdYAHI47%2BcuPz%2B3bZ8%2FWJKgqi9ZROKvrYy4IYsv6vnygCexam0pHbXZznWgE7v8gYaSwT09ChK4A6eyN7n0jx7dgsTi8lEoIqsCAzsWTLcpcF6k8OXt4zjMSNbIN1qzoG8pQAfMGeqGGfuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7bdbc6f549200c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.typewatch.js Show response
tr.masa.news/js/ 2 KB
1 KB 30ms
28ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/js/jquery.typewatch.js

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1836dba8922ca00f9ac170122f314b2cd7bbb2eba09c73d8bce215597bd9cd2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11786154
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 13:34:38 GMT
server: cloudflare
etag: W/"5cd037ee-6d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgYlizIKKbXfMIS%2BfjxrW4Lu5WhIsxI1o%2FhvFPrrI7kiOaDj3lrPDUqGyVZAHCMiTb8F9tSRXqsAmb8kSBRcI0q5VMfV2ODPFVTo4njKZIxEbKYHRJI8aGqhJ%2Bfic8DjyVD7u67SRsFiIQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7bdbc6f549240c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 melody.dev.js Show response
tr.masa.news/js/ 23 KB
5 KB 33ms
31ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/js/melody.dev.js

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3a4cbf3a8090b121a0d6d6dd8feda9f92831cdb5a070a7eb9ef58234c1f4eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11786154
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 13:34:38 GMT
server: cloudflare
etag: W/"5cd037ee-5a44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSq%2B1TKRBur1LWUi2LJOj6VOIMI6XFnFaCmsfyEmjAFbWpbbL6wEdXxSzgRAA%2BVLJ3DkG7YECoR5iqjUPhBWCPPqCxc%2BJPsflZqgn3iREhnxbIVwrgGiW9rHsOXepeJplMCu3ecKrPWVGZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7bdbc6f549260c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 melody.dev.js Show response
tr.masa.news/templates/apollo/js/ 7 KB
3 KB 30ms
28ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/templates/apollo/js/melody.dev.js

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41af4a2fb3effba0f84cf21ea77ad4db2373086ee9bda4160dd7a4c14392c179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11786154
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 14:34:44 GMT
server: cloudflare
etag: W/"5cd04604-1dfd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3POoUAobJjEdSJ40nIL5%2B5A7ojBy%2BFcBKzSPrvax7yOVLubx5pCWioTse9qvEJYXSw%2Bn0%2FyY73gUPLS9ySPfHtw9Qg8nDg26ghYGcEuS8wc3kj3caRL8YPSrfCJiDknXuxjdu%2BI%2Bt3IYuFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7bdbc6f549280c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.plugins.b.js Show response
tr.masa.news/templates/apollo/js/ 9 KB
4 KB 31ms
29ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/templates/apollo/js/jquery.plugins.b.js

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c6d06fd83d0e274e7b3f06d9f6f3320cbb5fdc9a6248f556ca39eef95708a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11786154
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 14:34:44 GMT
server: cloudflare
etag: W/"5cd04604-2525"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2B2MKeqx9lUrnckp66lP35vYHICp3IysYJGWHXLGKjkRU2UjBg7VPaclSlljLqyHFTTQUheY374aor%2FWMmPT0yNkV%2FGYXyMMeHBscZ50BKc1hX0jea%2BnDyes2Ajt1JkTnRXvUe7L0x%2FikF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7bdbc6f5492a0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.readmore.js Show response
tr.masa.news/templates/apollo/js/ 3 KB
2 KB 31ms
29ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/templates/apollo/js/jquery.readmore.js

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbbe700df964fa01b2e5685082d1f0a6fc5c8a9b9fcb18432fb3f31ac29b208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11786154
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 14:34:44 GMT
server: cloudflare
etag: W/"5cd04604-d5e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9fGAp0GEtQUeuqT%2B3Z7Q5enfeddG%2FJ5JM35ch9k6Te88ABSI3w8SoV6hVv3ulTUo%2Bqm%2BMKt%2B8j63gVlQ6mN4k466itBUiMDtBTjKDp28%2Fm5K3LqmJM%2BAAqFSqAf12BHi6vBXRDQLrznKc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7bdbc6f5492b0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.cropit.js Show response
tr.masa.news/templates/apollo/js/ 27 KB
7 KB 33ms
31ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/templates/apollo/js/jquery.cropit.js

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4076515
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 14:34:44 GMT
server: cloudflare
etag: W/"5cd04604-6bba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuVDGseeH5krUHWHIE%2B%2F5OTDQc0dVUpXS4fXl%2BZNgxtVuIkhB8XmqKchevSDai2lUaeMg3dMldHKTfKyH0WFGb0CGeHRhj2kNCCGf8xZZBwa863i7QfLqmOoCH%2Ba3R1HLvbD4DaSwLcvyyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7bdbc6f5492c0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 98ms
36ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-201411662-2

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1ebe58de3fedfd8713bcdda380ce30bc12b17dbe497f841fb52e692941c3f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45082
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Apr 2023 03:35:41 GMT

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 86ms
27ms Fetch
binary/octet-stream 172.64.198.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d1mar6i7bkj1lr.cloudfront.net
URL: https://d1mar6i7bkj1lr.cloudfront.net/?iramd=979741
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.198.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4065
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Apr 2023 02:27:56 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://tr.masa.news
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0NFofKqb2oidUVRTCN3zQt%2FxaJWtEe%2Bf66FboafAvVo4%2FXgGzz8JWA6NBxCE%2FANZ%2B%2F8X32DSPQpjyV6j3Aj324SE9JQ3lm5iGdEoYRX3qqxs4d7nhnOXYysqxwtpzfW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7bdbc6f73b2d0472-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
397 B 174ms
116ms Fetch
text/plain 172.64.198.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d1mar6i7bkj1lr.cloudfront.net
URL: https://d1mar6i7bkj1lr.cloudfront.net/?iramd=979741
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.198.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f89544a2e24ea91c582de8e0ebeb35b6d84a649af52bfbde9a8cc668c192257

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfmfkYH2L2jY9uFLtk0zjGW6Sg1hunrRz15fPY27dZhlxb%2FdpqtnyLuWWGU01xd9ae6VjbSEmN3vDqdsMMlQ7zrA5%2FcuypYPtsYG6l67X5MscODcpW3OpZ3dS3DN02FE"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://tr.masa.news
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7bdbc6f73b2f0472-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
ndentofinau.info/ 0
537 B 912ms
337ms XHR
text/plain 18.64.141.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ndentofinau.info/utx?cb=ZYcX0Qb10Ybc&top=tr.masa.news&tid=979741
Requested by: Host: d1mar6i7bkj1lr.cloudfront.net
URL: https://d1mar6i7bkj1lr.cloudfront.net/?iramd=979741
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.141.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-141-121.mct50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 03:35:42 GMT
via: 1.1 9648e05822820cc2f1496be50b69c468.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: MCT50-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://tr.masa.news
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: JBs0o9xr4q5GC_0UXWdyDo7MM2nKN_YwwN6tXnYwujDnKQcBnh-XnQ==

GET
H2 200 MTx0DQ Show response
ndentofinau.info/V3d6TUM2FRkgfDZKGGs2JRtHaHERUkgLJ2YaGz91PkAYJilmGwhjIDsYDyklJRgUOW05Eg5ocRERHyAFLyQAJhkTH0I5ATBDMwsbDjYuGysQEQ0lIBQAMyYVIAcZCylmATIlGhA9MioQHQ0eNCdmACwOOm8yKSYgMzwWLicPMRk4FS8bGRwE... Frame 9EEA 3 KB
2 KB 886ms
341ms Document
text/html 18.64.141.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ndentofinau.info/V3d6TUM2FRkgfDZKGGs2JRtHaHERUkgLJ2YaGz91PkAYJilmGwhjIDsYDyklJRgUOW05Eg5ocRERHyAFLyQAJhkTH0I5ATBDMwsbDjYuGysQEQ0lIBQAMyYVIAcZCylmATIlGhA9MioQHQ0eNCdmACwOOm8yKSYgMzwWLicPMRk4FS8bGRwEZi4yKg0aEQJ1DBIlTioBFQQYDxduIT4fAhQ9Pw8gETU4fxUVIhgKADMhPX0REzMrNRYCISh4AAE+LQoAARM8HxoUFR05CBMALDgAZwcrHBQCPSJ8Ci0VHTkIER8dIQdnQj8cJDwUKQsGHRErfBcFMlcDdAA2FR8LBEI1BTQaFjMmcjEiAClmZTU5JnIHJhR9IAQxPBcKETI1CQFmAjk3LxImSTkVEgAVGCEwAzEPKwYYLyUVHiEyJgkQJhEJCREmHB8GGjk5CDcDL0k+GwNGHgwlPxM2GHMVAjl9LAQyOXwaFDYSGCYPTioYKA0bOSY7HzUyFApxHQkiLSdKHTsVMwANIgI/MTx0DQ
Requested by: Host: d1mar6i7bkj1lr.cloudfront.net
URL: https://d1mar6i7bkj1lr.cloudfront.net/?iramd=979741
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.141.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-141-121.mct50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 97f2b0153494d4d0bfe34eef1166351fa69c1297bede5447667dcb6d6a12dc11

Request headers

Referer: https://tr.masa.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1239
content-type: text/html
date: Wed, 26 Apr 2023 03:35:42 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 9648e05822820cc2f1496be50b69c468.cloudfront.net (CloudFront)
x-amz-cf-id: I6GKR_fUKobGGq8NAUWOsBLFj3ulpSpEbQPFncyimlSMMOTtWX2Fzw==
x-amz-cf-pop: MCT50-P1
x-cache: Miss from cloudfront

GET
H2 204 RFFhSCNZCj9TbEFRYUB5A0JjXGQFSiVTexEYIA8tCl12Hj5DAG1ffA9eZFZ6BlhhVnIO
careewituhi.info/N2xQbkoYUzMdd2UoGV8ZcQAnLy15WzImenAuCAI5VAsjKyxgB3YaI1NRaVlzAFhhSDpeCG1fbEQYMRo/ 0
405 B 171ms
116ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careewituhi.info/N2xQbkoYUzMdd2UoGV8ZcQAnLy15WzImenAuCAI5VAsjKyxgB3YaI1NRaVlzAFhhSDpeCG1fbEQYMRo/RFFhSCNZCj9TbEFRYUB5A0JjXGQFSiVTexEYIA8tCl12Hj5DAG1ffA9eZFZ6BlhhVnIO
Requested by: Host: tr.masa.news
URL: https://tr.masa.news/1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5RhcYHsvkcZs5eMwJL3B0JfHHPMOFENSJeo0FhSbdAp3dIzTGmNP6khWnrtlRonM10jaAYROy4TcgRUMFC%2BhvL%2FY064btobFWJhnFwZ9E0mlbQWBq79yGL30t%2FlT6itSNE6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7bdbc6f75ec6bb8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 157ms
106ms Image
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: tr.masa.news
URL: https://tr.masa.news/1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7Qj8dVqUKJLoTRpOQm2Ry2JadlT1ibgSgbNzRQtNPD6mzseDYPvyZYgX8p...
https://accounts.google.com/v3/signin/identifier?dsh=S-1728004509%3A1682480142178150&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7TjKLKaD30TSJN8T-nf8lTtPSvS0Mch0-BeDqx7a6wGk...

0
0

62ms
61ms

Image
text/html

2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1728004509%3A1682480142178150&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7TjKLKaD30TSJN8T-nf8lTtPSvS0Mch0-BeDqx7a6wGk0RWjbwdG_erlpdOVTWL15_6RSjJ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: tr.masa.news
URL: https://tr.masa.news/1.php
Protocol: H2
Server: 2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date: Wed, 26 Apr 2023 03:35:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Y3LKn4beDofaGA-7l5Vu8w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 391
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1728004509%3A1682480142178150&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7TjKLKaD30TSJN8T-nf8lTtPSvS0Mch0-BeDqx7a6wGk0RWjbwdG_erlpdOVTWL15_6RSjJ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7QQP6yqSMu1G7EgHayBzE1ujWC5W0hZgEEP9ActfY4cvNKmyPDv4Fk...
https://accounts.google.com/v3/signin/identifier?dsh=S-469358031%3A1682480142159187&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7SqwZg8GDLiPvmWg3wYCkglTW5qmY7myLDlPQRovBn5m...

0
0

50ms
49ms

Image
text/html

2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-469358031%3A1682480142159187&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7SqwZg8GDLiPvmWg3wYCkglTW5qmY7myLDlPQRovBn5mMf6_ZhzlaNL_pgmGf7Ao6G7GqVq&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: tr.masa.news
URL: https://tr.masa.news/1.php
Protocol: H2
Server: 2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date: Wed, 26 Apr 2023 03:35:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6-B5M7-BBlrS1qwPn4GvFg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 396
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-469358031%3A1682480142159187&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7SqwZg8GDLiPvmWg3wYCkglTW5qmY7myLDlPQRovBn5mMf6_ZhzlaNL_pgmGf7Ao6G7GqVq&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
d1mar6i7bkj1lr.cloudfront.net/ 146 KB
47 KB 239ms
185ms Fetch 2600:9000:224a:8600:7:3fc7:b7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mar6i7bkj1lr.cloudfront.net/?iramd=979741
Requested by: Host: tr.masa.news
URL: https://tr.masa.news/1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:8600:7:3fc7:b7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0b236d61fe72b9c3be3bd7e5890669d09aad2e3aa0a0f140485fa1ad74ba47b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 03:35:42 GMT
content-encoding: gzip
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
access-control-allow-origin: https://tr.masa.news
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials: true
content-length: 47972
x-amz-cf-id: FbmA5vqsvfNZKkqiJXXwoedw_M74yKCyEBSVEwFo6auyQPety_c4Sg==

GET
H3 200 icon-play-48.png
tr.masa.news/templates/apollo/img/ 3 KB
3 KB 29ms
29ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.masa.news/templates/apollo/img/icon-play-48.png

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/templates/apollo/css/apollo.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8df6b13aca0998c5a5bb74d411176eb1bc135e945372f046c0d96dc19d9f832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/templates/apollo/css/apollo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 448746
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 14:34:44 GMT
server: cloudflare
etag: W/"5cd04604-bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29Oh0FFSFaiF1mk4E0pnFqWKMs7mZo74nbRu1L9lxb12isnOf1yIR%2BWXjSvwDa9I7JwbCetXN1qvf1lhelDEeI1aI28jhw3e21qUg3ze7Nm2i9ybMw9DLaTcOb02yCSeTMot7304gV7NVQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 7bdbc6f71a690c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon-play-24.png
tr.masa.news/templates/apollo/img/ 3 KB
3 KB 24ms
24ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.masa.news/templates/apollo/img/icon-play-24.png

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/templates/apollo/css/apollo.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8df6b13aca0998c5a5bb74d411176eb1bc135e945372f046c0d96dc19d9f832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/templates/apollo/css/apollo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445480
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 May 2019 14:34:44 GMT
server: cloudflare
etag: W/"5cd04604-bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exEm8RjIydrDMID5mc%2B3EiIj5fhT7WxbLxK2ebwR2JNZKyAPLNDfEkhspIWUqUhC2vAXNgPd0MmMzZxCvo2aFWRVJK9dufKR9KnANguYIfmMHOw5yfncSREpGkD%2FMOyxkB%2BS78c3IbbABRM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
cf-ray: 7bdbc6f74a9f0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 track.php Show response
log.hitsteps.net/ 7 B
595 B 502ms
28ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://log.hitsteps.net/track.php?code=aa7e4b8ec24e521527007c81dc88c020
Requested by: Host: tr.masa.news
URL: https://tr.masa.news/1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: b1d2e4fb0f2efac72f6a34e6e9ed7773988319135e0e50909655d309c8428aab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 548880
x-powered-by: PHP/7.4.33
p3p: CP="CAO PSA OUR"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 19 Apr 2023 19:07:42 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zdzjGu%2BjHCRvHPzIJKTso%2Fvszd8qXTvvidXMwKJCYlVdFkxwPoPCyyX%2BR2SAJZOnKqdgLZe%2BCdRXGWdNSWlCDjkCQfP8GjUO2Tous1Qbi95VR8c6bosVo%2FOme2MXkmyL%2BpK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7bdbc6fa7c7f2c7a-FRA
expires: Wed, 26 Apr 2023 19:07:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 113ms
32ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-201411662-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Apr 2023 02:27:45 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4077
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 26 Apr 2023 04:27:45 GMT

GET
H3

200

8407e7af.jpg
tr.masa.news/uploads/articles/
Redirect Chain

https://turkishz.masa.news/uploads/articles/8407e7af.jpg?cache_buster=1646829213
https://tr.masa.news/uploads/articles/8407e7af.jpg?cache_buster=1646829213

27 KB
27 KB

31ms
31ms

Image
image/jpeg

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.masa.news/uploads/articles/8407e7af.jpg?cache_buster=1646829213

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9001e36aaa16b1816d28608ab377e340efcad437c4489c4bd0e3e544479fef25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Mar 2022 03:41:39 GMT
server: cloudflare
etag: W/"6226d073-6b9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEL6VU5NEhohuBS0rJHDBdsiqCpox10rU%2BmIx%2FdqELd4w%2BfnaEO%2FmJld0l8WVrzQ0eflxRrHanXx%2Btag30ivvq952sJrkJZZX%2BV%2B18hP3PxOEaOk5njQTfAEQzq0SfG81hvByTnq%2FKSfgoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 7bdbc6f87b3e0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Wed, 26 Apr 2023 03:35:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrMlcdgfYlGH5Py248lN7AeP5rD0%2BWB8NKl2S57ZrGBwqxZhC9emx8zmAHZ3Wp3JmcsagzKcm8T1o4Mz5IsIkd3%2FZnd%2BsYGuFgleE94XNBY7IEoJA07BYdhNfC0UhFI5lgt%2FFBq4ZYAaDSfI9ZaAq0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://tr.masa.news/uploads/articles/8407e7af.jpg?cache_buster=1646829213
cache-control: max-age=31536000
cf-ray: 7bdbc6f839d60b64-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

114f9242.jpg
tr.masa.news/uploads/articles/
Redirect Chain

https://turkish1.masa.news/uploads/articles/114f9242.jpg?cache_buster=1655300521?cache_buster=1655305904?cache_buster=1655308670
https://tr.masa.news/uploads/articles/114f9242.jpg?cache_buster=1655300521?cache_buster=1655305904?cache_buster=1655308670

132 KB
133 KB

30ms
30ms

Image
image/jpeg

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.masa.news/uploads/articles/114f9242.jpg?cache_buster=1655300521?cache_buster=1655305904?cache_buster=1655308670

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2fcb044afd8c649f247eb999516e8bc76ee9063ccd464a9e7e9e31c047cbe8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Jun 2022 18:29:07 GMT
server: cloudflare
etag: W/"62a8d373-21033"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7pJnajfm9mEOVwvCYzr31EROAS3Kwe0KKO%2BN319bzXYxQSXa2MUdAw5cjucdJO0td6ZEYNI864QS%2B1SakbpqrOcEmJXMM6OMyDdYqpPfRb%2F8zhm4gwOlHnm5NkZIYXOVfnAOsJ2Z2mcBZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 7bdbc6f88b4c0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Wed, 26 Apr 2023 03:35:42 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtunRSKxo7uxDALK93qu90lQiOHiwO8FJH0YrVZJ4Y8I8hCwpMd1fhechkfcE3TUUfDz5emNJ28jFSgGEfDUfWUEPMhKNVRqZ3i35D%2Bl1s6U7NEqXkRFi7imdyf%2Bm2ir%2FL%2FFWp1jResSO8rwqXoPrII%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://tr.masa.news/uploads/articles/114f9242.jpg?cache_buster=1655300521?cache_buster=1655305904?cache_buster=1655308670
cache-control: max-age=31536000
cf-ray: 7bdbc6f859ea0b64-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

046aecce.jpg
tr.masa.news/uploads/articles/
Redirect Chain

https://turkishs.masa.news/uploads/articles/046aecce.jpg
https://tr.masa.news/uploads/articles/046aecce.jpg

56 KB
57 KB

26ms
26ms

Image
image/jpeg

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.masa.news/uploads/articles/046aecce.jpg

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe88ce43948d871d6bd9f1dec782dd40015e01a93a10ebce6b2ae84d96cbc0a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11782814
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 19 Dec 2021 06:15:09 GMT
server: cloudflare
etag: W/"61becded-e1dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWain%2FxLzF%2F5Tvq%2B6ieW9gOe53%2BQtiH2ewn81AwZuwJryqEfLYXtoAkEueWifUVNOJdLrQnW%2BjMO3jNkgf7IAF2UVQ6PJbjH2j7VjRXIKBCeCb%2FlQiNJAAgvhvsDyG%2B%2FQI8MVOkvykAsh%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 7bdbc6f96be50c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Wed, 26 Apr 2023 03:35:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjwX91hC03YlxUK%2FxbcpR%2BqFEzqRZUVQKCXl7bcMNvscnWk9Q%2Bh39H%2Fw89y0%2FIOlINFWsmttRjSBLDKL4TU4b%2BiqlMkMeHse3HZi4CCOHQEawps8sM%2BThUVHOfh3V123svkRHSa%2B61ZP0rENUELmmww%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://tr.masa.news/uploads/articles/046aecce.jpg
cache-control: max-age=31536000
cf-ray: 7bdbc6f93a710b64-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

4b84bdbf.jpg
tr.masa.news/uploads/articles/
Redirect Chain

https://turkishz.masa.news/uploads/articles/4b84bdbf.jpg
https://tr.masa.news/uploads/articles/4b84bdbf.jpg

56 KB
56 KB

25ms
25ms

Image
image/jpeg

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.masa.news/uploads/articles/4b84bdbf.jpg

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5a3009a1d5688bf4c5e6c0cb31620999ec0a41ce36a822815b0d9b5555a6154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38190
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 06:50:10 GMT
server: cloudflare
etag: W/"62357d22-df2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nw2u3BQ%2BpxvpZjhCL3JxSavyuWKPbIm9iodTg78H52Vg2etEGvcCzP%2F4YrLPJ%2FKCUFyqr0SKfYK6ShWQME5fddM%2F9zSMVZtrKmeiHPDW1bU6FVQSE7IoZlYtd3rMDqJN8%2FIIqkCd6akcPrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 7bdbc6f86b330c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Wed, 26 Apr 2023 03:35:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FRyPl5mPkkAuQU1kMmsYsy%2BDycKdsVPqDjGTy2LPJZHacpseYQVfGX81rng6aw5qnMYCa2zDrGnpCXhq%2FBLlPg2m5u5080hpp4XxpDY4eIhfOG0WdG6vv7p%2FqfTzXao3Zhm7I5idFVycjkzcKbmdus%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://tr.masa.news/uploads/articles/4b84bdbf.jpg
cache-control: max-age=31536000
cf-ray: 7bdbc6f839d50b64-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

b0fed503.jpg
tr.masa.news/uploads/articles/
Redirect Chain

https://turkish1.masa.news/uploads/articles/b0fed503.jpg
https://tr.masa.news/uploads/articles/b0fed503.jpg

54 KB
55 KB

31ms
31ms

Image
image/jpeg

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.masa.news/uploads/articles/b0fed503.jpg

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2dd38c1687bd29cd37b7bd553941de7241d8bfb445e7d9cf4c2f9137ab4f722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Jun 2022 15:10:51 GMT
server: cloudflare
etag: W/"62a8a4fb-d8aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9qb8J6UvkmZMt3Tj%2FU%2FFJVQBnYnmIJvEP65fjmDdXVWCtuur97n%2Fwe5s1r%2FORrAc1SeNtW9S34v%2BcsrrTmMNA2QWuR49a9hCL1pVHzkGWrown7IfApUWOY2JPsRfCVnBsS1w41v9UoqhpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 7bdbc6f87b450c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Wed, 26 Apr 2023 03:35:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WR8tVdZUFVOeL%2FcuRJHrvWLbyJc4RrlCD0eG%2Bd9zqUeaMvE8tvttTmO%2FZF3LZg%2FqCMT20A6s2f1mnNFKzdRYGcUvAs9JlQoWou99teVrsowgxOdq57BwP4zIQBJuWsxTVtpURzQe0s71GeLiLeqPocU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://tr.masa.news/uploads/articles/b0fed503.jpg
cache-control: max-age=31536000
cf-ray: 7bdbc6f859eb0b64-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

ed89636c.jpg
tr.masa.news/uploads/articles/
Redirect Chain

https://turkishs.masa.news/uploads/articles/ed89636c.jpg?cache_buster=1644139824
https://tr.masa.news/uploads/articles/ed89636c.jpg?cache_buster=1644139824

68 KB
68 KB

26ms
26ms

Image
image/jpeg

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.masa.news/uploads/articles/ed89636c.jpg?cache_buster=1644139824

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67bc221784f8f8d9dd098887995e8588a75403cf48b5434eafda26a846d3b853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59719
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 05 Feb 2022 06:07:08 GMT
server: cloudflare
etag: W/"61fe140c-10f39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8%2BiLLkK%2FyjIMr1CNIetNS2AcftPnCFUCvk8goxCbI9%2BdBRvDNyuLQ%2BqfSwgWnE%2F%2F8%2B%2F22YtEebcett5WRWSoizsmBvXHY1ytoLer1Zf328oPFdCa70g6qXC9yhtJecR28UGEx6m3O6my8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 7bdbc6f96be80c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Wed, 26 Apr 2023 03:35:42 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6dpD%2FjSr2MHXGyEJ9i1hKTH%2BTAEdJqiDXBCvSnnhBLuXAYPF1QUlI39UoA92greh70QHP6Dyx9oi%2BSqroTFp34w9DN8szACFp%2FPP5f%2Bf1pTn1zkAeRSrbh9l3MiKvZLF6LC%2BrGjDeuwmSALK%2Fde34o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://tr.masa.news/uploads/articles/ed89636c.jpg?cache_buster=1644139824
cache-control: max-age=31536000
cf-ray: 7bdbc6f93a730b64-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

6681d7777-1.jpg
tr.masa.news/uploads/thumbs/
Redirect Chain

https://turkish1.masa.news/uploads/thumbs/6681d7777-1.jpg
https://tr.masa.news/uploads/thumbs/6681d7777-1.jpg

31 KB
31 KB

30ms
29ms

Image
image/jpeg

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.masa.news/uploads/thumbs/6681d7777-1.jpg

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8278e84659828d75854277cf9b9de5df83e850fd3195181f4e7435e8a4d9551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 458231
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jun 2022 20:13:47 GMT
server: cloudflare
etag: W/"62aa3d7b-7bda"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FW7D6aIBcr1c4%2BPYoFwdeZfuY%2FupfY3kywg5t4l9lIJXW4KFOOz2vllbDKvNC%2FE731fzs6DN9XWCJG8VjjAoV6DsqfbKtf8PqTZen6qZ249M1Fn0HJB1G9DfLHRZoXcM8TKxyDfNUTWl8EI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 7bdbc6f88b500c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Wed, 26 Apr 2023 03:35:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQG6LboDFjUyPsNBrg%2BgWvmkt5TUYLA5HWa%2FPmZEdlg68nyYuqgQdKcLXP0u2qSGE5dkC16P0L%2BASdssDhPq7P3wEYX9NBAPjkKk6z9yitze9RBrTyWL5ze7Wmbym5csKUiGelQB6%2BQx3pSU7IS64YU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://tr.masa.news/uploads/thumbs/6681d7777-1.jpg
cache-control: max-age=31536000
cf-ray: 7bdbc6f869f20b64-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 5061bf7c0-1.jpg
turki.masa.news/uploads/thumbs/ 52 KB
53 KB 44ms
22ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://turki.masa.news/uploads/thumbs/5061bf7c0-1.jpg

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d50bccc796a9f61c0be88b92538babafe6cf72cd7a1502a2ed906dd89b6bbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 117526
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Dec 2022 01:03:00 GMT
server: cloudflare
etag: W/"6393dac4-d190"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JloJnSMzjbcFUIXLRFWauRQTmbufbTZ5%2BL7MQC9dDO9mGMiVWgTf1R%2F61UGtOv0PnkZpDR%2B2DcFkqMAfvIhw%2Brdd%2BJ102X46ZmiF6eZ5%2Bu3RiV3nU7ePmSBcy2Rj%2BpkFZZk8BdLxtFZclRsaYFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 7bdbc6f8aa1c0b64-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cd120ff90-1.jpg
turki.masa.news/uploads/thumbs/ 48 KB
49 KB 36ms
31ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://turki.masa.news/uploads/thumbs/cd120ff90-1.jpg

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2320328f696cc842b0191761b7613d3e5b2938bee7d9d8feaca3271222d85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1623
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Dec 2022 01:31:44 GMT
server: cloudflare
etag: W/"6393e180-c082"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjKA1vIbwZACw7LgGpshOWXztxTjhjsP2m1XwroEnJAHcu%2FyqxV%2Fy9rv%2Bcr5aQ5NSItik87QKS6Tc39%2FlsMcTaWu7ZdVlwLK3gpU9qXXbKBSdfwZ97gTyYXW6CNg0RvDufyllp6SLa50DJHmXwY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 7bdbc6f8aa1b0b64-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 0a106aec0-1.jpg
turki.masa.news/uploads/thumbs/ 27 KB
28 KB 29ms
28ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://turki.masa.news/uploads/thumbs/0a106aec0-1.jpg

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98bb24d59dc96d0d128fe60320a638ff60856b005dfd46008428e3e9fb8c3d17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19480
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Dec 2022 01:56:40 GMT
server: cloudflare
etag: W/"6393e758-6c0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMzJWjOhjLcvORFZcF%2BM51fqa8ymnwQju8aiulXQ2jqhW2TnRksD3VJ53par%2BKvCcHX5Mu7sIdcADUqL9J3vmztIl8YSdA%2Bl27b3cWjym%2F8tew5goLeuNewKdiInYLkPUN%2Bl7rvhWTpQiXU%2Bv9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 7bdbc6f8db7c0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

1a730a74.jpg
tr.masa.news/uploads/articles/
Redirect Chain

https://turkish.masa.news/uploads/articles/1a730a74.jpg
https://tr.masa.news/uploads/articles/1a730a74.jpg

70 KB
70 KB

21ms
21ms

Image
image/jpeg

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.masa.news/uploads/articles/1a730a74.jpg

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb91d77a452228d6534fdf77f4ea18c3be5c3c3555beb4c589292ffee2529fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1012290
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 16 Oct 2021 02:16:33 GMT
server: cloudflare
etag: W/"616a3601-11793"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEkw2S5%2F%2BZXbkzpCtslAT3ldSNbOUXuIdHFuGGfR5tIY253ZTvNBjBnccVpitCOzxEOtuK1qFnkL3JZcXixXoz9BOFI6B1Po44xwRECI%2BmWOOuARi4Z9C3lIMdkbMO2rYB%2F4B6jy3ZBmxYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 7bdbc6f94bd00c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Wed, 26 Apr 2023 03:35:42 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3IFVG1dnenUEMN8awcsTLYhcO0gQW15aP4lfmZ9nkRQPNbrQz0orK0C1hFlcr%2BvWJGCUMewBsj%2F9Tx6Qw%2BiEPTXoe41VP6RmLVxMNqBN5SX0ULHTcwENfgi8HfUtMktSbBpNrdXWxMNmyCJU8qXoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://tr.masa.news/uploads/articles/1a730a74.jpg
cache-control: max-age=31536000
cf-ray: 7bdbc6f91a590b64-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

invisible.js Show response
tr.masa.news/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/ Frame 9D5F
Redirect Chain

https://tr.masa.news/cdn-cgi/challenge-platform/scripts/invisible.js
https://tr.masa.news/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js

27 KB
12 KB

21ms
21ms

Script
application/javascript

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f72aa9c4cc6a3a80f34cb7a5c29aa08cd8f9441585b761818a59b9c117071d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gheV2NnIe5xGzyMWZamT2NF987ciD1avC0qzOyToiM%2FZfhHifoDaRHcKoQG%2BtLKkWaFaklK9%2Ftr0B8Gb3qDQPVH3bSim2k3cHz5m%2F36WW%2BJsnYQGJTOqbQ%2FQEUdxSrhjI9ct4%2B%2BnegICdXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7bdbc6f83b210c39-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 26 Apr 2023 03:35:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtrP5RbRT47NjgMqD6B%2FJdiQyQdIj4bKTN6b5XIXv33V848F5JNo%2BEsu28A9KzpEOQ5OQ103NaHoCIfFzDCCuZy2UWarzvJv3oXZ3W8O2NuIzv7LgPCSCOOmx5VDuVooDbaa3Edc2R8bnIU%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/078c83c1/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7bdbc6f81b130c39-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 28ms
28ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1155472061&t=pageview&_s=1&dl=https%3A%2F%2Ftr.masa.news%2F1.php&ul=en-us&de=UTF-8&dt=Turkish%20Masa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1642737034&gjid=132281926&cid=1989342284.1682480142&tid=UA-201411662-2&_gid=1824132696.1682480142&_r=1&gtm=457e34j0&jsscut=1&z=1199954768

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tr.masa.news/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 03:35:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tr.masa.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 popunder.gif
careewituhi.info/ 35 B
392 B 28ms
27ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careewituhi.info/popunder.gif
Requested by: Host: tr.masa.news
URL: https://tr.masa.news/1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Wed, 26 Apr 2023 03:35:42 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 21:25:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 22219
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnVmEbFEO2cId95W%2BEJi2dJkIebaPAJLC1O4HFJvdOnZbbsy1%2FpMkJbwuczScL6SqCVTAasl6mCF2KC5HKbImeKfhi0Nsuck9tEeK4mKBvAYrHNKr9vd94wYNlcd4qLCW4XK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7bdbc6f9f8f0bb8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
tr.masa.news/cdn-cgi/challenge-platform/h/b/scripts/ Frame 9D5F 6 KB
4 KB 22ms
21ms Other
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.masa.news/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b88eb975a186e1dc8f394a471d1dd625ae6c9ef767dcc28e5780d3a161eb13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKv5EoF%2FHQFGw%2F5FGqnLX0T0m5rT5aJNCOAeo%2FZnxObDn9iH55W6NM%2Bq8cL35DR68JNwWt8Za5JtNGmPn%2FtGCc3RuWeZ0HLp8rhbTdS13tqQmWlszCAC2Qksxsp2rcI93rbt%2FKIukvLBghI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7bdbc6fa6c5d0c39-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 7bdbc6f46f260b64 Show response
tr.masa.news/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 9D5F 2 B
629 B 464ms
464ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.masa.news/cdn-cgi/challenge-platform/h/b/cv/result/7bdbc6f46f260b64
Requested by: Host: tr.masa.news
URL: https://tr.masa.news/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Apr 2023 03:35:43 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbIDG5NNjEZJ5sRKrn%2BmOZW2eSzfQG%2F7tt2eA6Gim6qKIGtYrZCWO4mnC26RV9MVnloyObJqUSRLUVGc1OkWz3ukQk99yy8abjpBqcQDQqaDPowv3uGrMrW9RQUkYY2rU4MyA%2B8kzEfDzPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7bdbc6fc0d3b0c39-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 femFxSzkZDh8tBg4IFXYATVhGfwhcCwIkVwpcFj1vHhYGJHgSJzdyd1wVCy8ESkcdKlcdXFcuVxlcQG1YHgNMfx8OER4gBBsbBT9VDRACJEBcFBB2VBUbGCdVG0RDDQxUUVR5CVIWGCVdFRYCbgtKDwVuC0pQQWUJX1IzbgtKFhglD05EQgkcSFEJfQ1TRE-N7WAo... Show response
d1mar6i7bkj1lr.cloudfront.net/ Frame 9EEA 837 B
869 B 178ms
177ms Script
text/plain 2600:9000:224a:8600:7:3fc7:b7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mar6i7bkj1lr.cloudfront.net/femFxSzkZDh8tBg4IFXYATVhGfwhcCwIkVwpcFj1vHhYGJHgSJzdyd1wVCy8ESkcdKlcdXFcuVxlcQG1YHgNMfx8OER4gBBsbBT9VDRACJEBcFBB2VBUbGCdVG0RDDQxUUVR5CVIWGCVdFRYCbgtKDwVuC0pQQWUJX1IzbgtKFhglD05EQgkcSFEJfQ1TRE-N7WAoRHS5OHwMaIk1fUzd+Ck1PQn0cSFFZIFEODB1uCzlEQ3tVEwoUbgtKBhQoUhVIVHkJGQkDJFQfREMNCEtTX3sXT1dAfhdLU0BuC0oSEC1YCAhUeX9PUkZlCkxHBHYI
Requested by: Host: ndentofinau.info
URL: https://ndentofinau.info/V3d6TUM2FRkgfDZKGGs2JRtHaHERUkgLJ2YaGz91PkAYJilmGwhjIDsYDyklJRgUOW05Eg5ocRERHyAFLyQAJhkTH0I5ATBDMwsbDjYuGysQEQ0lIBQAMyYVIAcZCylmATIlGhA9MioQHQ0eNCdmACwOOm8yKSYgMzwWLicPMRk4FS8bGRwEZi4yKg0aEQJ1DBIlTioBFQQYDxduIT4fAhQ9Pw8gETU4fxUVIhgKADMhPX0REzMrNRYCISh4AAE+LQoAARM8HxoUFR05CBMALDgAZwcrHBQCPSJ8Ci0VHTkIER8dIQdnQj8cJDwUKQsGHRErfBcFMlcDdAA2FR8LBEI1BTQaFjMmcjEiAClmZTU5JnIHJhR9IAQxPBcKETI1CQFmAjk3LxImSTkVEgAVGCEwAzEPKwYYLyUVHiEyJgkQJhEJCREmHB8GGjk5CDcDL0k+GwNGHgwlPxM2GHMVAjl9LAQyOXwaFDYSGCYPTioYKA0bOSY7HzUyFApxHQkiLSdKHTsVMwANIgI/MTx0DQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:8600:7:3fc7:b7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d0a80dd5e35d1bd86d91c9e9fc05375837c6858963a532ce98e9f7b7b6fd27f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ndentofinau.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:42 GMT
content-encoding: gzip
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 592
x-amz-cf-id: Fb6InGegyDGoIZocoPjaWjK8jvsQh4X673QBpO60EMLKnbJQJzSaRw==

GET
H3 200 cd120ff90-1.jpg
turki.masa.news/uploads/thumbs/ 48 KB
49 KB 36ms
35ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://turki.masa.news/uploads/thumbs/cd120ff90-1.jpg

Requested by

Host: tr.masa.news
URL: https://tr.masa.news/templates/apollo/js/theme.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2320328f696cc842b0191761b7613d3e5b2938bee7d9d8feaca3271222d85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Dec 2022 01:31:44 GMT
server: cloudflare
etag: W/"6393e180-c082"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ru6NoviRijf9%2FVEL%2FwO5BFArZaGPvk4U2qiy1C4EsCQCmiEfDvXBAZixHl%2FpfDNhJcLt2gayjfi76FAvtpWUc1iBMGSRCiBcIkMG8p1w7mlprPVq24s14cR1hARezL3G1Ok3EhO3jpkENBX44Yw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 7bdbc6ff0ebb0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

046aecce.jpg
tr.masa.news/uploads/articles/
Redirect Chain

https://turkishs.masa.news/uploads/articles/046aecce.jpg
https://tr.masa.news/uploads/articles/046aecce.jpg

56 KB
57 KB

30ms
29ms

Image
image/jpeg

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.masa.news/uploads/articles/046aecce.jpg

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe88ce43948d871d6bd9f1dec782dd40015e01a93a10ebce6b2ae84d96cbc0a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tr.masa.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 03:35:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11782815
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 19 Dec 2021 06:15:09 GMT
server: cloudflare
etag: W/"61becded-e1dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCgmQa6Dr4p9NWI3vjDfOTnNkqVbZxLRRtM4XsQ%2BqGspLIYC9RGJjQtfzYjmOYxnpDBN3eWoPo489sd02fdfOEt8O2YbPpXTvH85JJ3ZBakK6NhbsnHqxEsE7IZmHu2lAPg0eBumnCqueLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 7bdbc6ff7efa0c39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Wed, 26 Apr 2023 03:35:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BI2MW%2B8P6yVKKI%2F%2BHAuI%2FUcCzriSuj1pF%2BV2eSOK4wBdxFKPp8Og5B1u6t%2BsD4Kss1zwBfn9879Xi1jR3iN2tq9Ou0wLDahNIljgL%2FuZYegCIE5UuWKu0nYzsZKXu5%2FWK2m4d2Q%2B%2FX7SWuzHEotUTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://tr.masa.news/uploads/articles/046aecce.jpg
cache-control: max-age=31536000
cf-ray: 7bdbc6ff0ebc0c39-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tr.masa.news/	1969-12-31 23:59:59	Name: PHPSESSID Value: np0qg76btk4t0q7am1u2t9lvuq
pogothere.xyz/	1970-01-20 19:59:44	Name: csu Value: 230239037300593@1@1682480141
.masa.news/	1970-01-20 20:57:20	Name: _ga Value: GA1.2.1989342284.1682480142
.masa.news/	1970-01-20 11:22:46	Name: _gid Value: GA1.2.1824132696.1682480142
.masa.news/	1970-01-20 11:21:20	Name: _gat_gtag_UA_201411662_2 Value: 1
.masa.news/	1970-01-20 11:21:21	Name: __cf_bm Value: tFnO60oIoKSiDnYinhJ.LiLZsujGTo8Rds.9cayLSlY-1682480143-0-AfGHioKh/emoUAl9MFa8NOnPmlkp49WrrccNH2e+uqsy3Evyq6v6MW33Fs0tKEbmB55rrh5LdxJI0hWkBQ4JthwqN1LeZZdDHhVOUaw1nByd

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-469358031%3A1682480142159187&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7SqwZg8GDLiPvmWg3wYCkglTW5qmY7myLDlPQRovBn5mMf6_ZhzlaNL_pgmGf7Ao6G7GqVq&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1728004509%3A1682480142178150&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7TjKLKaD30TSJN8T-nf8lTtPSvS0Mch0-BeDqx7a6wGk0RWjbwdG_erlpdOVTWL15_6RSjJ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
careewituhi.info
code.jquery.com
d1mar6i7bkj1lr.cloudfront.net
log.hitsteps.net
masa.news
ndentofinau.info
netdna.bootstrapcdn.com
pogothere.xyz
tr.masa.news
turki.masa.news
turkish.masa.news
turkish1.masa.news
turkisha.masa.news
turkishs.masa.news
turkishz.masa.news
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
172.64.198.35
18.64.141.121
188.114.97.3
2001:4de0:ac18::1:a:2a
2600:9000:224a:8600:7:3fc7:b7c0:21
2606:4700::6812:acf
2a00:1450:4001:806::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200d
2a00:1450:4001:831::200e
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
0b236d61fe72b9c3be3bd7e5890669d09aad2e3aa0a0f140485fa1ad74ba47b7
0d50bccc796a9f61c0be88b92538babafe6cf72cd7a1502a2ed906dd89b6bbe6
1836dba8922ca00f9ac170122f314b2cd7bbb2eba09c73d8bce215597bd9cd2b
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c015a5d2a81139b7fe47b294882c03d3fd072c90d3d78127250d93e65c1de54
2fb91d77a452228d6534fdf77f4ea18c3be5c3c3555beb4c589292ffee2529fc
307b100796fef6fa3f870c4b1111c75a72eafa66b0f5b0ae81d953f31e541b77
34e8e27e1679a10fa7dd6192389f38fb491e89a482aea9690dd4c10538cc10bf
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
41af4a2fb3effba0f84cf21ea77ad4db2373086ee9bda4160dd7a4c14392c179
5f89544a2e24ea91c582de8e0ebeb35b6d84a649af52bfbde9a8cc668c192257
67bc221784f8f8d9dd098887995e8588a75403cf48b5434eafda26a846d3b853
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b88eb975a186e1dc8f394a471d1dd625ae6c9ef767dcc28e5780d3a161eb13f
7dbbe700df964fa01b2e5685082d1f0a6fc5c8a9b9fcb18432fb3f31ac29b208
80f9ba77f58e41caab59d798c39227e34a2da15f06d764baaa5ab3fe9bd3134e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9001e36aaa16b1816d28608ab377e340efcad437c4489c4bd0e3e544479fef25
97f2b0153494d4d0bfe34eef1166351fa69c1297bede5447667dcb6d6a12dc11
98bb24d59dc96d0d128fe60320a638ff60856b005dfd46008428e3e9fb8c3d17
9c6d06fd83d0e274e7b3f06d9f6f3320cbb5fdc9a6248f556ca39eef95708a57
a4864a1dc26c66b5c9c0091afd5d9c5b52709bc023b66b5a3c6fe9e38af6e506
a5a3009a1d5688bf4c5e6c0cb31620999ec0a41ce36a822815b0d9b5555a6154
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b1d2e4fb0f2efac72f6a34e6e9ed7773988319135e0e50909655d309c8428aab
b2320328f696cc842b0191761b7613d3e5b2938bee7d9d8feaca3271222d85fe
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2fcb044afd8c649f247eb999516e8bc76ee9063ccd464a9e7e9e31c047cbe8e
b32884af7a440755d1daa5deb4603c2bc181446f4a02673d69e845afe115ba72
b8278e84659828d75854277cf9b9de5df83e850fd3195181f4e7435e8a4d9551
b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840
bef5cb0d870c19122da487825fc882c3d8486c9006ad5f9318d8df2c95d56be5
c5da67292da0cb7d7a40812de84e839ef1561c01cb9e0bd4e9bb15bfc64b0cb3
d0a80dd5e35d1bd86d91c9e9fc05375837c6858963a532ce98e9f7b7b6fd27f3
e1ebe58de3fedfd8713bcdda380ce30bc12b17dbe497f841fb52e692941c3f3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
f1f0041c0c62f37ee475d174370f574a62afd842055e79a86dc4c722532de6bb
f2dd38c1687bd29cd37b7bd553941de7241d8bfb445e7d9cf4c2f9137ab4f722
f3a4cbf3a8090b121a0d6d6dd8feda9f92831cdb5a070a7eb9ef58234c1f4eab
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f72aa9c4cc6a3a80f34cb7a5c29aa08cd8f9441585b761818a59b9c117071d96
f8df6b13aca0998c5a5bb74d411176eb1bc135e945372f046c0d96dc19d9f832
fe88ce43948d871d6bd9f1dec782dd40015e01a93a10ebce6b2ae84d96cbc0a1

tr.masa.news Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

77 %HTTPS

77 %IPv6

13 Domains

20 Subdomains

13 IPs

3 Countries

1245 kBTransfer

2333 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tr.masa.news Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

77 %
HTTPS

77 %
IPv6

13
Domains

20
Subdomains

13
IPs

3
Countries

1245 kB
Transfer

2333 kB
Size

6
Cookies

53 HTTP transactions
0 data transactions