dgkmv09xcw2.click Open in urlscan Pro
2606:4700:3037::6815:2d9d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dgkmv09xcw2.click/
Effective URL:
https://dgkmv09xcw2.click/
Submission: On November 11 via api (November 11th 2024, 2:43:56 am UTC) from NL — Scanned from DE

Summary HTTP 108 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 17 domains to perform 108 HTTP transactions. The main IP is 2606:4700:3037::6815:2d9d, located in United States and belongs to CLOUDFLARENET, US. The main domain is dgkmv09xcw2.click.
TLS certificate: Issued by WE1 on November 7th 2024. Valid for: 3 months.

This is the only time dgkmv09xcw2.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:303... 2606:4700:3037::6815:2d9d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	23.196.241.254 23.196.241.254	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 _) (CDN77 _)
4 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
42	185.102.219.173 185.102.219.173	60068 (CDN77 _) (CDN77 _)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	89.187.169.43 89.187.169.43	60068 (CDN77 _) (CDN77 _)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	185.73.200.217 185.73.200.217	61135 (COMNET-DA...) (COMNET-DATACENTER-ISTANBUL)
2	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	63.35.101.192 63.35.101.192	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
108	20

8 2606:4700:3037::6815:2d9d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dgkmv09xcw2.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.196.241.254 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-241-254.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.dimml.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 185.102.219.173 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: unn-185-102-219-173.datapacket.com

s.haber7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i12.haber7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i13.haber7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.187.169.43 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: unn-89-187-169-43.cdn77.com

makroo.haber7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.haber7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.73.200.217 (Istanbul, Turkey)

ASN61135 (COMNET-DATACENTER-ISTANBUL, TR)
PTR: reverse.comnetnetwork.com

cdn.p.analitik.bik.gov.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.101.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-101-192.eu-west-1.compute.amazonaws.com

baltar.dimml.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	haber7.net s.haber7.net — Cisco Umbrella Rank: 334118 i12.haber7.net — Cisco Umbrella Rank: 290739 makroo.haber7.net — Cisco Umbrella Rank: 445448 i13.haber7.net — Cisco Umbrella Rank: 338384 i2.haber7.net — Cisco Umbrella Rank: 337790	765 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 pubads.g.doubleclick.net — Cisco Umbrella Rank: 441	152 KB
8	dgkmv09xcw2.click 1 redirects dgkmv09xcw2.click	35 KB
6	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9307	4 KB
6	dimml.io cdn.dimml.io — Cisco Umbrella Rank: 84692 baltar.dimml.io — Cisco Umbrella Rank: 274925	9 KB
5	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 www.google.com — Cisco Umbrella Rank: 3	143 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	435 KB
4	googlesyndication.com 44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4610	76 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	86 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 887
2	bik.gov.tr cdn.p.analitik.bik.gov.tr — Cisco Umbrella Rank: 66382 590a3529-8da1-4f84-8f31-d5a9644f3157.collector.p.analitik.bik.gov.tr Failed	34 KB
2	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 8123
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 307	33 KB
0	Failed function sub() { [native code] }. Failed
108	17

	Domain	Requested by
21	s.haber7.net	dgkmv09xcw2.click s.haber7.net
17	i12.haber7.net	dgkmv09xcw2.click
8	dgkmv09xcw2.click	1 redirects dgkmv09xcw2.click s.haber7.net
6	mc.yandex.com	3 redirects dgkmv09xcw2.click mc.yandex.ru
5	cdn.dimml.io	dgkmv09xcw2.click cdn.dimml.io
5	www.googletagmanager.com	dgkmv09xcw2.click www.googletagmanager.com
4	44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com	dgkmv09xcw2.click
4	pubads.g.doubleclick.net	dgkmv09xcw2.click
4	i13.haber7.net	dgkmv09xcw2.click
4	fundingchoicesmessages.google.com	dgkmv09xcw2.click
4	securepubads.g.doubleclick.net	dgkmv09xcw2.click www.googletagservices.com
4	mc.yandex.ru	1 redirects dgkmv09xcw2.click
4	www.google-analytics.com	dgkmv09xcw2.click www.google-analytics.com www.googletagmanager.com
3	connect.facebook.net	dgkmv09xcw2.click connect.facebook.net
2	www.facebook.com	dgkmv09xcw2.click
2	i2.haber7.net	dgkmv09xcw2.click
2	tags.bluekai.com	dgkmv09xcw2.click s.haber7.net
2	cdn.p.analitik.bik.gov.tr	dgkmv09xcw2.click
2	tags.bkrtx.com	dgkmv09xcw2.click
1	www.google.com	dgkmv09xcw2.click
1	baltar.dimml.io	dgkmv09xcw2.click
1	makroo.haber7.net	dgkmv09xcw2.click
1	www.googletagservices.com	dgkmv09xcw2.click
0	590a3529-8da1-4f84-8f31-d5a9644f3157.collector.p.analitik.bik.gov.tr Failed	cdn.p.analitik.bik.gov.tr
0	invalid Failed	dgkmv09xcw2.click
108	25

This site contains links to these domains. Also see Links.

Domain
www.haber7.com
spor.haber7.com
ekonomi.haber7.com
www.yasemin.com
video.haber7.com
otomobil.haber7.com

Subject Issuer	Validity	Valid
dgkmv09xcw2.click WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-05`	a year	crt.sh
*.dimml.io Sectigo RSA Domain Validation Secure Server CA	`2024-08-30` - `2025-09-05`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-10-20` - `2025-04-01`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-20` - `2024-11-18`	3 months	crt.sh
s.haber7.net R10	`2024-09-30` - `2024-12-29`	3 months	crt.sh
i12.haber7.net R11	`2024-09-30` - `2024-12-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
makroo.haber7.net R10	`2024-09-30` - `2024-12-29`	3 months	crt.sh
*.p.analitik.bik.gov.tr GeoTrust TLS RSA CA G1	`2024-04-30` - `2025-05-31`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
i13.haber7.net R11	`2024-09-30` - `2024-12-29`	3 months	crt.sh
i2.haber7.net R11	`2024-10-01` - `2024-12-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://dgkmv09xcw2.click/
Frame ID: E21A6F81A8B70DE2BBB5EF9C1E9EF8C1
Requests: 102 HTTP requests in this frame

Frame: https://44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 684CC60D34D5A245FA25D4E6A6AD1870
Requests: 1 HTTP requests in this frame

Frame: https://44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5EAEF26FEB3CB27C3B223444DC8CFDDC
Requests: 1 HTTP requests in this frame

Frame: https://44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75EB5728A39AD2B44B1DFE965078B8CC
Requests: 1 HTTP requests in this frame

Frame: https://44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 465C7CF12BAFEE413C25BDA5CEA96EAB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5BFD182A901043C98F43EAD92373D10E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: F6BE0DC3C9DAC6C4C8EE65F44C01282A
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: B038FC42C9C6B0F4F7851C2EF1C3B081
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oto Rehberi - Otomobil Haberleri, 2024 Yeni Otomobil Modelleri

Page URL History Show full URLs

http://dgkmv09xcw2.click/ HTTP 307
https://dgkmv09xcw2.click/ Page URL
https://dgkmv09xcw2.click/cdn-cgi/phish-bypass?atok=OMQyJ.CKYr89mxND9Kt2JAGJ.NK.O67W3NSPUH8XiZE-173129... HTTP 301
https://dgkmv09xcw2.click/ Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

108
Requests

93 %
HTTPS

68 %
IPv6

17
Domains

25
Subdomains

20
IPs

5
Countries

1794 kB
Transfer

5270 kB
Size

26
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://www.haber7.com/otomobil-haberleri

Search URL Search Domain Scan URL

URL: https://www.haber7.com/
Title: Haber7 Ana Sayfa

Search URL Search Domain Scan URL

URL: https://www.haber7.com/sondakika
Title: Son Dakika

Search URL Search Domain Scan URL

URL: https://www.haber7.com/guncel
Title: Gündem

Search URL Search Domain Scan URL

URL: https://spor.haber7.com/
Title: Spor

Search URL Search Domain Scan URL

URL: https://ekonomi.haber7.com/
Title: Ekonomi

Search URL Search Domain Scan URL

URL: https://www.haber7.com/dunya
Title: Dünya

Search URL Search Domain Scan URL

URL: https://www.haber7.com/emlak-haberleri
Title: Emlak

Search URL Search Domain Scan URL

URL: https://www.haber7.com/siyaset
Title: Siyaset

Search URL Search Domain Scan URL

URL: https://www.haber7.com/yerel
Title: Yerel

Search URL Search Domain Scan URL

URL: https://www.haber7.com/yazarlar
Title: Yazarlar

Search URL Search Domain Scan URL

URL: https://www.haber7.com/yasam
Title: Yaşam

Search URL Search Domain Scan URL

URL: https://www.haber7.com/teknoloji
Title: Teknoloji

Search URL Search Domain Scan URL

URL: https://www.haber7.com/egitim
Title: Eğitim

Search URL Search Domain Scan URL

URL: https://www.haber7.com/medya
Title: Medya

Search URL Search Domain Scan URL

URL: https://www.haber7.com/saglik
Title: Sağlık

Search URL Search Domain Scan URL

URL: https://www.haber7.com/3sayfa
Title: 3.Sayfa

Search URL Search Domain Scan URL

URL: https://www.haber7.com/kadin
Title: Kadın

Search URL Search Domain Scan URL

URL: https://www.haber7.com/kitap
Title: Kitap

Search URL Search Domain Scan URL

URL: https://www.haber7.com/kultur
Title: Kültür

Search URL Search Domain Scan URL

URL: https://spor.haber7.com/canli-mac
Title: Maç Merkezi

Search URL Search Domain Scan URL

URL: https://spor.haber7.com/futbol
Title: Futbol

Search URL Search Domain Scan URL

URL: https://spor.haber7.com/basketbol
Title: Basketbol

Search URL Search Domain Scan URL

URL: https://ekonomi.haber7.com/kobi
Title: Kobi

Search URL Search Domain Scan URL

URL: https://www.haber7.com/rotalar
Title: Rotalar

Search URL Search Domain Scan URL

URL: https://www.haber7.com/dunyayi-geziyorum
Title: Dünyayı Geziyorum

Search URL Search Domain Scan URL

URL: https://www.haber7.com/gezi-rehberi
Title: Gezi Rehberi

Search URL Search Domain Scan URL

URL: https://www.haber7.com/seyahat
Title: Seyahat Haberleri

Search URL Search Domain Scan URL

URL: https://www.yasemin.com/annecocuk
Title: Anne-Çocuk

Search URL Search Domain Scan URL

URL: https://www.yasemin.com/masiva
Title: Masiva

Search URL Search Domain Scan URL

URL: https://www.yasemin.com/saglik
Title: Sağlık

Search URL Search Domain Scan URL

URL: https://www.yasemin.com/guzellik
Title: Güzellik

Search URL Search Domain Scan URL

URL: https://www.yasemin.com/
Title: Yasemin.com

Search URL Search Domain Scan URL

URL: https://ekonomi.haber7.com/ekonomi/haber/3434143-emniyet-kemerinde-sorun-var-chevrolet-13-bin-corvette-modelini-geri-cagirdi
Title: Emniyet kemerinde sorun var: Chevrolet, 13 bin Corvette modelini geri çağırdı

Search URL Search Domain Scan URL

URL: https://ekonomi.haber7.com/ekonomi/haber/3433897-osd-2024-yilinin-ilk-5-aylik-verilerini-acikladi
Title: OSD, 2024 yılının ilk 5 aylık verilerini açıkladı

Search URL Search Domain Scan URL

URL: https://ekonomi.haber7.com/ekonomi/haber/3433916-sakaryadan-ilk-5-ayda-yaklasik-25-milyar-dolarlik-ihracat
Title: Sakarya'dan ilk 5 ayda yaklaşık 2,5 milyar dolarlık ihracat

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3433714-tesla-duyurdu-tamamen-otonom-surus-testleri-cinde-yapilacak
Title: Tesla duyurdu: Tamamen otonom sürüş testleri Çin'de yapılacak

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3433670-turkiyede-satilan-her-10-otomobilden-7si-ithal
Title: Türkiye'de satılan her 10 otomobilden 7'si ithal

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3433486-yerli-otomobil-togg-sahiplerine-euro-2024-mujdesi
Title: Yerli otomobil Togg sahiplerine Euro 2024 müjdesi!

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3433379-ikinci-el-otomobil-piyasasinda-ortalama-fiyat-belli-oldu
Title: İkinci el otomobil piyasasında ortalama fiyat belli oldu!

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3433416-opel-corsanin-haziran-ayi-guncel-fiyat-listesi-aciklandi
Title: Opel Corsa'nın haziran ayı güncel fiyat listesi açıklandı

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3433371-kiralik-aracta-sahte-site-uyarisi
Title: Kiralık araçta 'sahte' site uyarısı

Search URL Search Domain Scan URL

URL: https://ekonomi.haber7.com/ekonomi/haber/3433077-turkiye-ve-abnin-ek-vergi-karari-sonrasi-cinden-ilk-aciklama
Title: Türkiye ve AB'nin ek vergi kararı sonrası Çin'den ilk açıklama

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3433719-peugeot-turkiye-yeni-rifter-satislarindan-memnun
Title: OTOMOBİL Peugeot Türkiye, yeni Rifter satışlarından memnun

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3433695-ds-modellerinde-haziran-ayina-ozel-kampanyalar
Title: OTOMOBİL DS modellerinde haziran ayına özel kampanyalar

Search URL Search Domain Scan URL

URL: https://www.haber7.com/ekonomi/haber/3430089-otomotiv-satislarinda-5-aylik-yukselis
Title: EKONOMİ Otomotiv satışlarında 5 aylık yükseliş!

Search URL Search Domain Scan URL

URL: https://www.haber7.com/ekonomi/haber/3424504-togg-sahiplerinin-yuzde-80i-d-smart-goyu-kullanmaya-basladi
Title: EKONOMİ Togg sahiplerinin yüzde 80'i D-Smart GO'yu kullanmaya başladı!

Search URL Search Domain Scan URL

URL: https://ekonomi.haber7.com/ekonomi/haber/3388242-cinli-sirket-geely-surucusuz-araclara-hizmet-vermesi-planlanan-uydularini-firlatti
Title: Çinli şirket Geely, sürücüsüz araçlara hizmet vermesi planlanan uydularını fırlattı

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3368179-yeni-nesil-elektrikli-arac-very-dunya-markasi-olma-yolunda
Title: Yeni nesil elektrikli araç 'Very' dünya markası olma yolunda

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3357965-yeni-jaecoo-j8in-dunya-lansmani-yapildi
Title: Yeni JAECOO J8’in dünya lansmanı yapıldı

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3350821-opelden-dusuk-faizli-kredi-secenegi
Title: Opel'den düşük faizli kredi seçeneği

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3350819-ds-automobilesden-uygun-faizli-kredi-teklifleri
Title: DS Automobiles'den uygun faizli kredi teklifleri

Search URL Search Domain Scan URL

URL: https://ekonomi.haber7.com/ekonomi/haber/3346027-ek-mtv-ve-yapilandirma-icin-son-gun-31-agustos
Title: Ek MTV ve yapılandırma için son gün 31 Ağustos

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3343687-ingilterede-otomobil-satislari-temmuzda-artti
Title: İngiltere’de otomobil satışları temmuzda arttı

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3330955-citroenden-haziran-ayina-ozel-kampanya
Title: Citroen'den haziran ayına özel kampanya

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3329985-stellantisten-fransaya-icin-yeni-hamle
Title: Stellantis'ten Fransa'ya için yeni hamle

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3325621-avrupada-otomobil-satislari-yuzde-17-artti
Title: Avrupa'da otomobil satışları yüzde 17 arttı

Search URL Search Domain Scan URL

URL: https://www.haber7.com/teknoloji/haber/3419435-elon-musk-bir-ulkede-daha-otonom-surusu-aktiflestirecek
Title: Elon Musk bir ülkede daha otonom sürüşü aktifleştirecek!

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3344168-cinli-markalarin-pazar-payi-artiyor
Title: Çinli markaların pazar payı artıyor

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3341043-en-ulasilabilir-elektrikli-otomobil
Title: En ulaşılabilir elektrikli otomobil

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3327061-trafikteki-tasit-sayisi-176-bin-662-artti
Title: Trafikteki taşıt sayısı 176 bin 662 arttı

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3317685-ford-eller-serbest-surusu-baslatiyor
Title: Ford, "eller serbest" sürüşü başlatıyor

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3232665-hyundai-bayon-modeline-zam-geldi-iste-fiyat-listesi
Title: YENİ MODELLER Hyundai Bayon modeline zam geldi! İşte fiyat listesi

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3232809-volocopterin-4-kisilik-hava-taksisi-ilk-ucusunu-yapti
Title: TEST SÜRÜŞLERİ Volocopter'ın 4 kişilik hava taksisi ilk uçuşunu yaptı

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3235786-fiyatlar-degisti-iste-turkiyede-satilan-en-ucuz-sifir-otomobiller
Title: KAMPANYALAR Fiyatlar değişti! İşte Türkiye'de satılan en ucuz sıfır otomobiller

Search URL Search Domain Scan URL

URL: https://www.haber7.com/foto-galeri/c1358
Title: FOTO GALERİ

Search URL Search Domain Scan URL

URL: https://video.haber7.com/otomobil
Title: VİDEO GALERİ

Search URL Search Domain Scan URL

URL: https://video.haber7.com/video-galeri/281289-togg-sahiplerine-euro-2024-mujdesi
Title: Togg sahiplerine Euro 2024 müjdesi!

Search URL Search Domain Scan URL

URL: https://otomobil.haber7.com/foto-galeri/86044-tuik-acikladi-iste-illere-gore-otomobil-sayisi
Title: TÜİK açıkladı! İşte illere göre otomobil sayısı... TÜİK açıkladı! İşte illere göre otomobil sayısı...

Search URL Search Domain Scan URL

URL: https://otomobil.haber7.com/foto-galeri/86040-ekspertize-gidince-fark-edildi-uc-araci-birlestirip-bir-otomobil-yaptilar
Title: Ekspertize gidince fark edildi! Üç aracı birleştirip bir otomobil yaptılar Konya'da otomobil almak isteyen bir kişi, 2 parça değişen olarak bildiği aracı ekspertize götürdü. Burada yapılan incelemede otomobilin 3 farklı araçtan parçalarla toplandığı ortaya çıktı

Search URL Search Domain Scan URL

URL: https://otomobil.haber7.com/foto-galeri/86007-sifir-otomobilde-kampanya-donemi-basladi-iste-marka-marka-yeni-fiyatlar
Title: Sıfır otomobilde kampanya dönemi başladı! İşte marka marka yeni fiyatlar... Temmuz ayında yürürlüğe girecek olan Avrupa Mutabakatı ile, sıfır kilometre modellerde güvenlik tedbirleri ve teknolojileri olmayan araçlar artık ülkemizde satılamayacak.

Search URL Search Domain Scan URL

URL: https://otomobil.haber7.com/foto-galeri/85993-otomotivde-yeni-donem-basliyor-pes-pese-indirime-gittiler-iste-o-araclar
Title: Otomotivde yeni dönem başlıyor! Peş peşe indirime gittiler: İşte o araçlar... 7 Temmuz 2024 itibariyle Türkiye’de sıfır otomobil satışında yeni güvenlik donanımları zorunlu hale geliyor.

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3324916-uretimde-pandemi-oncesini-yakaladik
Title: OTOMOBİL Üretimde pandemi öncesini yakaladık

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3324675-turkiyede-otomotiv-uretimi-1-ceyrekte-yuzde-17-artti
Title: OTOMOBİL Türkiye'de otomotiv üretimi 1. çeyrekte yüzde 17 arttı

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3324661-yerli-otomobil-togg-sanliurfada-ilgi-odagi-oldu
Title: OTOMOBİL Yerli otomobil Togg, Şanlıurfa'da ilgi odağı oldu

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3324397-yerli-otomobil-togga-nigdede-gorucuye-cikti
Title: OTOMOBİL Yerli otomobil Togg'a Niğde’de görücüye çıktı

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3324141-yerli-ve-milli-otomobil-togga-mardinde-buyuk-ilgi
Title: OTOMOBİL Yerli ve milli otomobil Togg'a Mardin'de büyük ilgi

Search URL Search Domain Scan URL

URL: https://www.haber7.com/otomobil/haber/3323601-boluda-togga-yogun-ilgi
Title: OTOMOBİL Bolu'da Togg'a yoğun ilgi

Search URL Search Domain Scan URL

URL: https://www.haber7.com/kullanim
Title: Kullanım Şartları

Search URL Search Domain Scan URL

URL: https://www.haber7.com/yayin-ilkeleri
Title: Yayın İlkeleri

Search URL Search Domain Scan URL

URL: https://www.haber7.com/kunye
Title: Künye

Search URL Search Domain Scan URL

URL: https://www.haber7.com/reklam
Title: Reklam

Search URL Search Domain Scan URL

URL: https://www.haber7.com/iletisim
Title: İletişim

Search URL Search Domain Scan URL

URL: https://www.haber7.com/hayat/haber/3432038-tolga-cevikten-ters-kose-en-iyi-komedyeni-acikladi-hasan-can-kaya-cem-yilmaz-degil
Title: Tolga Çevik'ten ters köşe: En iyi komedyeni açıkladı! Hasan Can Kaya, Cem Yılmaz değil

Search URL Search Domain Scan URL

URL: https://www.haber7.com/hayat/haber/3430628-15-kilo-birden-veren-nurgul-yesilcayin-ozel-diyeti-gece-yatmadan-4-saat-once
Title: 15 kilo birden veren Nurgül Yeşilçay'ın özel diyeti: Gece yatmadan 4 saat önce...

Search URL Search Domain Scan URL

URL: https://www.haber7.com/medya/haber/3424292-kenan-imirzalioglunun-yeni-projesi-nabzi-yukseltti-fatih-sultan-mehmet-rolu-sonrasi
Title: Kenan İmirzalıoğlu'nun yeni projesi nabzı yükseltti! Fatih Sultan Mehmet rolü sonrası...

Search URL Search Domain Scan URL

URL: https://www.haber7.com/hayat/haber/3431749-hulya-kocyigitten-engin-altan-duzyatan-aciklamasi-basindan-sonuna-dedi-ve-ekledi
Title: Hülya Koçyiğit'ten Engin Altan Düzyatan açıklaması! "Başından sonuna" dedi ve ekledi

Search URL Search Domain Scan URL

URL: https://www.haber7.com/hayat/haber/3433927-ibrahim-tatlisesten-yillar-sonra-misilleme-bayrami-goremediler
Title: İbrahim Tatlıses'ten yıllar sonra misilleme! "Bayramı göremediler"

Search URL Search Domain Scan URL

URL: https://www.haber7.com/medya/haber/3430608-gonul-daginin-dileki-gulsim-alinin-yeni-projesi-herkesi-sasirtti-imzayi-atti
Title: Gönül Dağı'nın Dilek'i Gülsim Ali'nin yeni projesi herkesi şaşırttı! İmzayı attı

Search URL Search Domain Scan URL

URL: https://www.haber7.com/medya/haber/3434421-kurtlar-vadisi-pusunun-buyuk-iskenderi-musa-uzunlar-holdingle-bomba-gibi-donuyor
Title: Kurtlar Vadisi Pusu'nun Büyük İskender'i Musa Uzunlar, Holding'le bomba gibi dönüyor!

Search URL Search Domain Scan URL

URL: https://www.haber7.com/hayat/haber/3434148-yildiz-tilbe-sahnede-argo-konustu-kenan-dogulu-kahkahayla-karsilik-verdi
Title: Yıldız Tilbe sahnede argo konuştu! Kenan Doğulu kahkahayla karşılık verdi

Search URL Search Domain Scan URL

URL: https://www.haber7.com/biyografi/haber/3434408-sezgin-baran-korkmaz-kimdir-aslen-nerelidir-esi-kim-sezgin-baran-korkmazin-serveti
Title: Sezgin Baran Korkmaz kimdir, aslen nerelidir? Eşi kim? Sezgin Baran Korkmaz'ın serveti

Search URL Search Domain Scan URL

URL: https://www.haber7.com/medya/haber/3434151-alparslan-buyuk-selcuklunun-yildizi-baris-arduc-ruzgara-birakla-ekranlara-donuyor
Title: Alparslan Büyük Selçuklu'nun yıldızı Barış Arduç, Rüzgara Bırak'la ekranlara dönüyor!

Search URL Search Domain Scan URL

URL: https://www.haber7.com/medya/haber/3430377-teskilattan-adi-silinmisti-selin-gencin-yeni-adresi-izleyiciyi-heyecanlandirdi
Title: Teşkilat'tan adı silinmişti! Selin Genç'in yeni adresi izleyiciyi heyecanlandırdı

Search URL Search Domain Scan URL

URL: https://www.haber7.com/hayat/haber/3434212-survivor-nagihan-ve-yunus-emre-arasinda-tehditli-kavga-tiynetsiz-muptezel
Title: Survivor Nagihan ve Yunus Emre arasında tehditli kavga! "Tiynetsiz müptezel"

Search URL Search Domain Scan URL

URL: https://www.haber7.com/medya/haber/3427136-oktay-kaynarcanin-yeni-adresi-saskina-cevirdi-final-yapar-yapmaz-alanla-el-sikisti
Title: Oktay Kaynarca’nın yeni adresi şaşkına çevirdi! Final yapar yapmaz Alan'la el sıkıştı

Search URL Search Domain Scan URL

URL: https://www.haber7.com/biyografi/haber/3433057-yusuf-atala-kimdir-kizi-hangi-oyuncu-yusuf-atalanin-oynadigi-diziler-filmler
Title: Yusuf Atala kimdir? Kızı hangi oyuncu? Yusuf Atala'nın oynadığı diziler, filmler...

Search URL Search Domain Scan URL

URL: https://www.haber7.com/medya/haber/3433175-kanal-7nin-sevilen-dizisi-final-yapiyor-divane-gonlum-yayindan-kaldiriliyor
Title: Kanal 7'nin sevilen dizisi final yapıyor! Divane Gönlüm yayından kaldırılıyor

Search URL Search Domain Scan URL

URL: https://www.haber7.com/biyografi/haber/3431725-reshad-strik-kimdir-ve-nerelidir-ilk-esi-kim-gamze-ozcelikin-esi-reshad-strikin-oynadigi-diziler
Title: Reshad Strik kimdir ve nerelidir? İlk eşi kim? Gamze Özçelik'in eşi Reshad Strik'in oynadığı diziler...

Search URL Search Domain Scan URL

URL: https://www.haber7.com/medya/haber/3434219-trt1-dizisinin-yildiz-ismi-caner-topcu-guzel-asklar-diyariyla-gumbur-gumbur-geliyor
Title: TRT1 dizisinin yıldız ismi Caner Topçu, Güzel Aşklar Diyarı'yla gümbür gümbür geliyor!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dgkmv09xcw2.click/ HTTP 307
https://dgkmv09xcw2.click/ Page URL
https://dgkmv09xcw2.click/cdn-cgi/phish-bypass?atok=OMQyJ.CKYr89mxND9Kt2JAGJ.NK.O67W3NSPUH8XiZE-1731293023-0.0.1.1-%2F HTTP 301
https://dgkmv09xcw2.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://dgkmv09xcw2.click/ HTTP 307
https://dgkmv09xcw2.click/

Request Chain 97

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10549.XtENqj4mHoKKl1udJ057UbwR8ZjxZ79it44jjvDtZVa4a_xb12YWXXfp2apSBT8M.6_EpNsluOZbag8gqWQcfxkHAGzY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10549.3r4QwpXGhnFWzaQvisORG11sLCmkKtNX33PmTfLOoFKaZafvzCsWijpzz4Nelp1GX-yqCnl-vcm8KvAEwukWMJ71RJH7_o23AmlHCzN47YNxWQhzlinAwynnW6cL5N-F9EBhadu05R6W0RWQgti_QZh1ynhodeC_-J9fn-JbUZApcUM2PHY7vawEis_5LJEUR--onw0oGKKDY84sfNbPwlo0HzhmgbZDTzQ5QHwYY6w%2C.JWO3N4NthMiGw1ttHjjlWqwUo5Y%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10549.o91TwpXWzqmMjjRP39ZYzCGMQZU9nbV_ZqqjnwiT9tCzQWLnnGngBvWr5fgx-5xKL5reMvMZMDf_TI_Ss3jEYlApJZtvFPcssddmurXO-NiYbhr9jQD8KYYaig1VtZ42m12T0VfscfV2pXSpFyu2itFq8Bqfc7zpH-7mBGMho9iORavFpMyMGvK1pp00WQo92onXEVr5gr2NdDX7wCDe3w%2C%2C.30fcXLuf5k83jMRemzoB42xqZ-U%2C

Request Chain 103

https://mc.yandex.com/watch/14645857?wmode=7&page-url=https%3A%2F%2Fdgkmv09xcw2.click%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A1%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1155467921547%3Ahid%3A291599716%3Az%3A60%3Ai%3A20241111034350%3Aet%3A1731293031%3Ac%3A1%3Arn%3A308581588%3Arqn%3A1%3Au%3A1731293031543663190%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1158%3Awv%3A2%3Ads%3A0%2C0%2C642%2C130%2C130%2C126%2C1%2C448%2C7%2C%2C%2C%2C1351%3Aco%3A0%3Acpf%3A1%3Ans%3A1731293029114%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1731293031%3At%3AOto%20Rehberi%20-%20Otomobil%20Haberleri%2C%202024%20Yeni%20Otomobil%20Modelleri&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(0)cdl(na)eco(42009088)ti(1) HTTP 302
https://mc.yandex.com/watch/14645857/1?wmode=7&page-url=https%3A%2F%2Fdgkmv09xcw2.click%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A1%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1155467921547%3Ahid%3A291599716%3Az%3A60%3Ai%3A20241111034350%3Aet%3A1731293031%3Ac%3A1%3Arn%3A308581588%3Arqn%3A1%3Au%3A1731293031543663190%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1158%3Awv%3A2%3Ads%3A0%2C0%2C642%2C130%2C130%2C126%2C1%2C448%2C7%2C%2C%2C%2C1351%3Aco%3A0%3Acpf%3A1%3Ans%3A1731293029114%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1731293031%3At%3AOto%20Rehberi%20-%20Otomobil%20Haberleri%2C%202024%20Yeni%20Otomobil%20Modelleri&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%280%29cdl%28na%29eco%2842009088%29ti%281%29

108 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

403

/ Show response
dgkmv09xcw2.click/
Redirect Chain

http://dgkmv09xcw2.click/
https://dgkmv09xcw2.click/

4 KB
2 KB

272ms
130ms

Document
text/html

2606:4700:3037::6815:2d9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dgkmv09xcw2.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2d9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a75a430f2b4fa97286184db94f7062727af73d59701ab445cd4716b28e474ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-ray: 8e0aefb73e7d10bf-ORD
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 11 Nov 2024 02:43:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lXQ%2B2vPMoKt1DVZGxmyzRsg8lrrlhvbbDgtrU7vRYNYI2daFm%2BQi6Aq1DhMcoY840S1ygaYx5%2Fj%2Fr40A7ZSwEwtUJKaP%2BgCI8XoIbwlVu6bCLmWsq3EUjerWe3EQ3%2FzjMqPCh2PhMhvcmsIVrsziA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Location: https://dgkmv09xcw2.click/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 cf.errors.css
dgkmv09xcw2.click/cdn-cgi/styles/ 23 KB
5 KB 121ms
121ms Stylesheet
text/css 2606:4700:3037::6815:2d9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dgkmv09xcw2.click/cdn-cgi/styles/cf.errors.css

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2d9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
content-encoding: gzip
etag: W/"672b8dd6-5df3"
x-content-type-options: nosniff
cf-ray: 8e0aefb83fe910bf-ORD
expires: Mon, 11 Nov 2024 04:43:44 GMT
date: Mon, 11 Nov 2024 02:43:44 GMT
content-type: text/css
last-modified: Wed, 06 Nov 2024 15:40:06 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 icon-exclamation.png
dgkmv09xcw2.click/cdn-cgi/images/ 452 B
635 B 121ms
121ms Image
image/png 2606:4700:3037::6815:2d9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dgkmv09xcw2.click/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2d9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/cdn-cgi/styles/cf.errors.css

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
etag: "672b8dd6-1c4"
x-content-type-options: nosniff
cf-ray: 8e0aefb908f510bf-ORD
expires: Mon, 11 Nov 2024 04:43:44 GMT
accept-ranges: bytes
content-length: 452
date: Mon, 11 Nov 2024 02:43:44 GMT
content-type: image/png
last-modified: Wed, 06 Nov 2024 15:40:06 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 403 favicon.ico
dgkmv09xcw2.click/ 4 KB
2 KB 125ms
125ms Other
text/html 2606:4700:3037::6815:2d9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dgkmv09xcw2.click/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2d9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74b64cd8438c7759fddfc27fb8369233753cda7e4706d2be7095d1621a4ec6a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yrOLeMr7gDLendLNDtiEUtrPMR59mO%2BxrtvzCTbTbuv%2B1qjPnFFGvPp9NNFuVoLqkKE8WXx4D8GttCY30Yybf0K6VRx1TosURzGa4Hym%2FtqQu%2BOU83uhWxojaRtX8e1FzSH%2FnjWZKOEh9LRcR35Y9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e0aefb9c9d110bf-ORD
date: Mon, 11 Nov 2024 02:43:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3

200

Primary Request / Show response
dgkmv09xcw2.click/
Redirect Chain

https://dgkmv09xcw2.click/cdn-cgi/phish-bypass?atok=OMQyJ.CKYr89mxND9Kt2JAGJ.NK.O67W3NSPUH8XiZE-1731293023-0.0.1.1-%2F
https://dgkmv09xcw2.click/

99 KB
23 KB

642ms
642ms

Document
text/html

2606:4700:3037::6815:2d9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dgkmv09xcw2.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4841d91f60b8131f3b95355c1520bd1058f7cd9853a1f1eb7775582e15d3d7dd

Request headers

Referer: https://dgkmv09xcw2.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e0aefd9296b10bf-ORD
content-encoding: zstd
content-type: text/html
date: Mon, 11 Nov 2024 02:43:49 GMT
last-modified: Wed, 19 Jun 2024 13:03:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2F3vJpTcQhMubqeBIRPUBd4n1FxP%2FywJ7%2BvAT5IBoPweM5xcJ3ur0TnLqxArRpKFr8TZTWKo2q0pU1xDnF%2F%2FhbwVNRAwD0Aya%2FjHUxVH9MeWxcCNwk50mk2Dz22NuLBzKITAfANujA%2Bh%2BAYvPq9kaw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=125777&sent=28&recv=21&lost=0&retrans=0&sent_bytes=14751&recv_bytes=6685&delivery_rate=203&cwnd=12000&unsent_bytes=0&cid=50cf7b14d2ac5ebd&ts=6077&x=1" cfExtPri cfHdrFlush;dur=0
vary: accept-encoding
x-powered-by: PleskLin

Redirect headers

cache-control: private, no-cache
cf-ray: 8e0aefd85fa210bf-ORD
content-length: 167
content-type: text/html
date: Mon, 11 Nov 2024 02:43:49 GMT
location: https://dgkmv09xcw2.click/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 78ms
22ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: gzip
age: 4654
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 03:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 01:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
96 KB 96ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H7CJT1LEHL&l=dataLayer&cx=c

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63d04de4e461e000d699209090296a25807d08316fc67cd7bad96f37b08241bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 11 Nov 2024 02:43:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 02:43:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97462
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 48ms
37ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=UA-46117935-7&l=dataLayer&cx=c

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ae2a2f41ed190fe3616051fca2e4cd0c8f378e8a1eeb9eb04bba3166fdc5786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 11 Nov 2024 02:43:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 11 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81048
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
108 KB 45ms
35ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7F33FPJTP5&l=dataLayer&cx=c

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83c3ab5eec87adca87f6e074dde73506fda8a844a8ca392df355577f12927f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 11 Nov 2024 02:43:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110084
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 500
Internal Server Error bk-coretag.js
tags.bkrtx.com/js/ 0
0 126ms
48ms Script
text/html 23.196.241.254
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bkrtx.com/js/bk-coretag.js
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.241.254 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-241-254.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Mon, 11 Nov 2024 02:43:50 GMT
Content-Length: 27
Date: Mon, 11 Nov 2024 02:43:50 GMT
AK-GRN: 0.b17b1302.1731293030.2958bc17
Content-Type: text/html

GET
H2 200 dimml.js Show response
cdn.dimml.io/ 18 KB
7 KB 32ms
23ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dimml.io/dimml.js
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 45d0221a80b4134f7bde5bd8d2e8acf2d24fc1cfe09365ac9181f3782155e545

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-77-nzt: EgwBw7WqEQH3L8EAAAwBJRPCMQG3AAAAAA
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"4e71cbb46ac9"
x-77-cache: HIT
expires: Wed, 18 Sep 2024 12:58:41 GMT
x-77-pop: frankfurtDE
date: Mon, 11 Nov 2024 02:43:50 GMT
x-77-age: 49455
content-type: application/javascript; charset=utf-8
x-77-nzt-ray: 4c1562245bb2005c666f3167195f730d
vary: Accept-Encoding
server: CDN77-Turbo

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 220 KB
76 KB 360ms
147ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d29de1609682964244bc8dc4064ca380ee33d2a5854f06cf4bc64763c2778c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
etag: "672b9036-129f3"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Mon, 11 Nov 2024 03:43:50 GMT
access-control-allow-origin: *
content-length: 76275
date: Mon, 11 Nov 2024 02:43:50 GMT
last-modified: Wed, 06 Nov 2024 15:50:14 GMT
content-type: application/javascript

GET
H3 200 785434278510362 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 162ms
126ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/785434278510362?v=2.9.158&r=stable&domain=www.haber7.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fb1ca35cae62b37baf35f6f98ab26e57c8e8ab5fbaa596b2d38a82bc92f3122

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-uXqFYFPC' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-uXqFYFPC' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=76, mss=1232, tbw=70307, tp=65, tpl=0, uplat=104, ullat=0
pragma: public
x-fb-debug: bp5h42OwZ0nAJHsOjY/Th9YfSlq/ybQF06+cPjOAnHsI/vvwjZvuZA3+wnSfU7K+hlgCXACKrgCeiAMerRUePQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 64ms
29ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-kr4bUBDD' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-kr4bUBDD' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4499, tp=10, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: uJuFnkrVxOK27LvsecUny1KeMyJ0pQFf7LaoVv4y2EeoTMSXY6PHRPKvQVC/NxZUtL+Hd4PN7EJ7iVcd6q1Sqg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62105
x-xss-protection: 0
origin-agent-cluster: ?1

GET /
invalid/ 0
0

GET
H2 200 main.min.css
s.haber7.net/assets/v3/common/css/ 277 KB
47 KB 96ms
24ms Stylesheet
text/css 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 6ba35313a3817648e7d2c5f690b545842a7c0bf43af7bfa87c22b45399c06bcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
etag: W/"6033c355-4537c"
age: 1941620
date: Mon, 11 Nov 2024 02:43:49 GMT
content-type: text/css
last-modified: Mon, 22 Feb 2021 14:44:37 GMT
vary: Accept-Encoding
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
server: MerlinCDN

GET
H2 200 emniyet_kemerinde_sorun_var_chevrolet_13_bin_corvette_modelini_geri_cagirdi_1718692492_2957.jpg
i12.haber7.net/haber/haber7/bigmanset/2024/25/ 25 KB
25 KB 159ms
70ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net/haber/haber7/bigmanset/2024/25/emniyet_kemerinde_sorun_var_chevrolet_13_bin_corvette_modelini_geri_cagirdi_1718692492_2957.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 90e9e4223254b9f0abac7c42ac43dafe24da567933f19043a9eb93a7e4c32855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"66712a8f-1454b"
pragma: public
age: 205502
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 25502
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Tue, 18 Jun 2024 06:34:55 GMT
server: MerlinCDN

GET
H2 200 mobile-control.min.js Show response
s.haber7.net/assets/v3/common/js/ 3 KB
1 KB 137ms
65ms Script
application/javascript 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://s.haber7.net/assets/v3/common/js/mobile-control.min.js
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: d1e91ec3afad7dae7897bca2dfbc5069e2aa70d0b3ff51223fcf2e573eb237de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
etag: W/"606f34ee-a99"
age: 1942291
date: Mon, 11 Nov 2024 02:43:49 GMT
content-type: application/javascript
last-modified: Thu, 08 Apr 2021 16:53:02 GMT
vary: Accept-Encoding
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
server: MerlinCDN

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 109 KB
33 KB 101ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebe358a30d722f6cee7ce3878cba0f626327ba89c579d04fd182ecf343b27f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
etag: 635 / 20038 / m202410310101 / config-hash: 18170107456145591056
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 02:43:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33574
x-xss-protection: 0
server: cafe

GET
H2 200 makroo-hb.js Show response
makroo.haber7.net/creative/ 260 KB
97 KB 125ms
45ms Script
application/javascript 89.187.169.43
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://makroo.haber7.net/creative/makroo-hb.js
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-89-187-169-43.cdn77.com
Software: MerlinCDN /
Resource Hash: 1e24ba67d6f01c9105ffe356484c8cd4bd0eb2901d3b8aab168615317c2a8bfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
content-encoding: gzip
etag: W/"671a2966-41037"
age: 0
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 11:03:02 GMT
server: MerlinCDN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
76 KB 53ms
47ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-186571064-1

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

767762c3f75297509e64786423869f54e73a1e674f4ec4ca9b3a4ba2375dde62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 11 Nov 2024 02:43:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 78056
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/ 485 B
288 B 82ms
32ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb8fac376f394b4154f901255a03e6d49fe4f094fb8959081209f600a932efe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
etag: 2983297436258324226
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 261
x-xss-protection: 0
server: cafe

GET
H2 200 tracker1.js Show response
cdn.p.analitik.bik.gov.tr/ 34 KB
34 KB 264ms
116ms Script
text/plain 185.73.200.217
COMNET-DATACENTER...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.73.200.217 Istanbul, Turkey, ASN61135 (COMNET-DATACENTER-ISTANBUL, TR),
Reverse DNS: reverse.comnetnetwork.com
Software: MerlinCDN /
Resource Hash: 275ae68d7e6a744bfa1bfb3d8fd72518dc3144a5d2e9c67c380f640b9c5305d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: tr-ist-shy-s18
access-control-max-age: 2592000
cache-control: max-age=3600
age: 3231
x-midtier: tr-ist-shy-s10
access-control-allow-methods: OPTIONS, GET, POST
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
date: Mon, 11 Nov 2024 02:43:50 GMT
server: MerlinCDN

GET
H/1.1 500
Internal Server Error 64465
tags.bluekai.com/site/ 0
0 99ms
25ms Script
text/html 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/64465?ret=js&limit=1
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Mon, 11 Nov 2024 02:43:50 GMT
Content-Length: 27
Date: Mon, 11 Nov 2024 02:43:50 GMT
AK-GRN: 0.548f1402.1731293030.1068171c
Content-Type: text/html

GET
H2 200 324749355 Show response
fundingchoicesmessages.google.com/i/ 25 KB
11 KB 174ms
82ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/324749355?href=https%3A%2F%2Fwww.haber7.com%2Fotomobil-haberleri&ers=3

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

236a15e073b14e63f6ffde1516871fe01ae4b6f907dcf1693b2de95fd9f57590

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-XmhlyIsAb4k61KWU0OBfbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4nt07upNNYMGB-2sZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDQ3M9QyM4wsMAJ4LQIM"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-XmhlyIsAb4k61KWU0OBfbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 b39056cc0937dd0ee369e84f4f4734efd2872749.js Show response
cdn.dimml.io/static/ 611 B
685 B 104ms
21ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dimml.io/static/b39056cc0937dd0ee369e84f4f4734efd2872749.js
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d08d1ae98d994f6d6428627680e04c5ad3379afa4625c19d634053c45ad3334f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-77-nzt: EgwBw7WqEQH3CgAAAAwBisclxAG3BQAAAA
cache-control: public, max-age=60
content-encoding: gzip
etag: W/"b6e37522cec0"
x-77-cache: HIT
x-dimml-version: 2.2 vH8ffFv9
expires: Tue, 29 Oct 2024 14:03:45 GMT
x-77-pop: frankfurtDE
date: Mon, 11 Nov 2024 02:43:50 GMT
x-77-age: 10
content-type: application/javascript; charset=utf-8
x-77-nzt-ray: 4c1562245bb2005c666f31677dc82600
vary: Accept-Encoding
server: CDN77-Turbo

GET
H2 200 AGSKWxWBbVZOimGb3UljPnDwfBktIEIUW9GJ3CHzbM1u9lLS9aiAf9TcdKHqy4bMud1-mj7EEj7GSPrdtWZMm7phi1atgf5JLsNLX0NPRrC0N0fZYSbIwh2djkAtawUeSBnVHI_9RsA-Og== Show response
fundingchoicesmessages.google.com/f/ 450 KB
65 KB 229ms
137ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWBbVZOimGb3UljPnDwfBktIEIUW9GJ3CHzbM1u9lLS9aiAf9TcdKHqy4bMud1-mj7EEj7GSPrdtWZMm7phi1atgf5JLsNLX0NPRrC0N0fZYSbIwh2djkAtawUeSBnVHI_9RsA-Og==?fccs=W1siQUtzUm9sOVk2SERUYzg2SnFPTnBDNnFvcXJRcVQ5UjNNZVNHRzVKbF95czVBQ0dXQUxOR3NWb21rcnM2dk5vVTdPWTUtQndsUWFJby05RU1BMktwVDRoX2Q0Tk5VanlCNEdNWjE1OW1zUVpGUC1QaVp2OUR2VENDSi0xRnVsQ0RnUTZiTUMzOFVNYlctZF8zeWVoYldJUTh1YmFhU19GamN3PT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE3MTg3OTEzOTYsODQ1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5oYWJlcjcuY29tL290b21vYmlsLWhhYmVybGVyaSIsbnVsbCxbWzgsInJNVzFfV09palQ4Il0sWzksInRyIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDI2OSwzMTA4NDQ5MV0sMTIsN10iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ef8235d7ff3ef8aeb7fa7a4baf94b0952657d2f21da8fdf547fa1c0a03e7f0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yu1J4TqNlr8AbOr5Wvtr8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1pBiOHHrNtMFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIV4OJ7dO7qTTWDBpsYDjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhoYG5noGxvEFBgC0NkU7"
content-security-policy: script-src 'report-sample' 'nonce-Yu1J4TqNlr8AbOr5Wvtr8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxUJ-RCF-BoLgHV3mfQCIZ0iiInryqHoUYruSgKAPOFrDIWn_pnMPESc7eE8GK_l3eo2EmdkZUXS7tt64aRHPnKJpn_znblnTgFLecPDn7eOKk8vEhA10fWySt8GJr7Lz1qnx3z9uQ== Show response
fundingchoicesmessages.google.com/f/ 450 KB
65 KB 114ms
107ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUJ-RCF-BoLgHV3mfQCIZ0iiInryqHoUYruSgKAPOFrDIWn_pnMPESc7eE8GK_l3eo2EmdkZUXS7tt64aRHPnKJpn_znblnTgFLecPDn7eOKk8vEhA10fWySt8GJr7Lz1qnx3z9uQ==?fccs=W1siQUtzUm9sOVk2SERUYzg2SnFPTnBDNnFvcXJRcVQ5UjNNZVNHRzVKbF95czVBQ0dXQUxOR3NWb21rcnM2dk5vVTdPWTUtQndsUWFJby05RU1BMktwVDRoX2Q0Tk5VanlCNEdNWjE1OW1zUVpGUC1QaVp2OUR2VENDSi0xRnVsQ0RnUTZiTUMzOFVNYlctZF8zeWVoYldJUTh1YmFhU19GamN3PT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE3MTg3OTEzOTcsNjU1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuaGFiZXI3LmNvbS9vdG9tb2JpbC1oYWJlcmxlcmkiLG51bGwsW1s4LCJyTVcxX1dPaWpUOCJdLFs5LCJ0ciJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQyNjksMzEwODQ0OTFdLDEyLDddIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40276ee85b6ca52dc1f9ceb4b51bca6c64228a6f8fd35d3651b8334ff434f19d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-04OLKJ7Ge2EAf6S2uGc61g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw15BiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIV4OJ7dO7qTTWDH8W07GZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0NzPUMjOMLDADITUWc"
content-security-policy: script-src 'report-sample' 'nonce-04OLKJ7Ge2EAf6S2uGc61g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxVkZtK11HPBC63oG0R81SNwGhy80qv7KOtLn0UH0fs6_GaneqHCM4a_m4xNxGSsDqNeY9r_i9eLCamdemt6nDTIbRa8Q6BxSEJL7RKTgM_UZsR5o1a8UPyb43downJEFHf4RbBrdw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 102ms
101ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVkZtK11HPBC63oG0R81SNwGhy80qv7KOtLn0UH0fs6_GaneqHCM4a_m4xNxGSsDqNeY9r_i9eLCamdemt6nDTIbRa8Q6BxSEJL7RKTgM_UZsR5o1a8UPyb43downJEFHf4RbBrdw==?fccs=W1siQUtzUm9sOVk2SERUYzg2SnFPTnBDNnFvcXJRcVQ5UjNNZVNHRzVKbF95czVBQ0dXQUxOR3NWb21rcnM2dk5vVTdPWTUtQndsUWFJby05RU1BMktwVDRoX2Q0Tk5VanlCNEdNWjE1OW1zUVpGUC1QaVp2OUR2VENDSi0xRnVsQ0RnUTZiTUMzOFVNYlctZF8zeWVoYldJUTh1YmFhU19GamN3PT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE3MTg3OTEzOTcsNzU3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDldLG51bGwsMixudWxsLCJ0ciIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3d3dy5oYWJlcjcuY29tL290b21vYmlsLWhhYmVybGVyaSIsbnVsbCxbWzgsInJNVzFfV09palQ4Il0sWzksInRyIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDI2OSwzMTA4NDQ5MV0sMTIsN10iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8373e8bd1a6316c3f2dcbb4ae03a1293ea616d328c7c3f097194537c6081b10c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KzGcfDdejaX9VuTSC1YZRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytHikmJw1JBiWMy_i0ni60smLSB2Sp_BGgLErTfPsU4H4qR_51lLgNhd6yKrPxAbKlxidQZix6JLrJ5ArNpzidUciO-vu8T6HIiLJK6wtgDx7aYrrI-BmOHrFVYOIBbi4Xh27-hONoEfjS-2MyppJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoamOsZGMcXGAAAi_xCIg"
content-security-policy: script-src 'report-sample' 'nonce-KzGcfDdejaX9VuTSC1YZRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 08a1b46fc1bacdaea9a940932d8b3569d4988e1b.js Show response
cdn.dimml.io/static/ 2 KB
984 B 104ms
22ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dimml.io/static/08a1b46fc1bacdaea9a940932d8b3569d4988e1b.js
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 69c26d2b0269dcbd96f9ce71434675d7b9fed2a6b5c13364f9f4362a6bad38d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-77-nzt: EgwBw7WqEQH3vwIAAAwB1GY4EQH31AUAAA
cache-control: public, max-age=1800
content-encoding: gzip
etag: W/"a8a2ac956c9a"
x-77-cache: HIT
x-dimml-version: 2.2 vH8ffFv9
expires: Thu, 18 Jul 2024 11:41:38 GMT
x-77-pop: frankfurtDE
date: Mon, 11 Nov 2024 02:43:50 GMT
x-77-age: 703
content-type: application/javascript; charset=utf-8
x-77-nzt-ray: 4c1562245bb2005c666f3167cc022f00
vary: Accept-Encoding
server: CDN77-Turbo

GET
H/1.1 404
Not Found 08a1b46fc1bacdaea9a940932d8b3569d4988e1b.js
baltar.dimml.io/flow/ay7c/ 0
0 220ms
49ms Script
text/plain 63.35.101.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://baltar.dimml.io/flow/ay7c/08a1b46fc1bacdaea9a940932d8b3569d4988e1b.js?clientId=2&dom=www.haber7.com&url=https%3A%2F%2Fwww.haber7.com%2Fotomobil-haberleri&gemius_sent_once=0
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.101.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-101-192.eu-west-1.compute.amazonaws.com
Software: dimml-2.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, private, max-age=0
Content-Length: 0
Date: Mon, 11 Nov 2024 02:43:49 GMT
Content-Type: text/plain; charset=utf-8
Vary: *
Server: dimml-2.2
Connection: keep-alive

GET
H2 200 haber7-otorehberi-logo.svg
s.haber7.net/assets/v3/common/images/subsite-logo/ 5 KB
2 KB 137ms
67ms Image
image/svg+xml 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.haber7.net/assets/v3/common/images/subsite-logo/haber7-otorehberi-logo.svg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: ddb30f264a8f2f29f678ab90b9bd3ba30c668fb2b654537181d7b705a9cea1ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
content-encoding: br
etag: W/"5d9457c5-14d8"
pragma: public
age: 1626444
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
date: Mon, 11 Nov 2024 02:43:49 GMT
content-type: image/svg+xml
last-modified: Wed, 02 Oct 2019 07:54:45 GMT
server: MerlinCDN

GET /
invalid/ 0
0

GET
H2 200 osd_2024_yilinin_ilk_5_aylik_verilerini_acikladi_1718610371_9717.jpg
i12.haber7.net/haber/haber7/bigmanset/2024/25/ 47 KB
47 KB 82ms
22ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net/haber/haber7/bigmanset/2024/25/osd_2024_yilinin_ilk_5_aylik_verilerini_acikladi_1718610371_9717.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 1f17d8be4a60277c5cb2953aeade49ccf5f28cb11b056f3eb9a6a56aed43b6fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"666fe9c6-12a5a"
pragma: public
age: 205500
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 48218
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Mon, 17 Jun 2024 07:46:14 GMT
server: MerlinCDN

GET
H2 200 sakaryadan_ilk_5_ayda_yaklasik_25_milyar_dolarlik_ihracat_1718610316_8135.jpg
i12.haber7.net/haber/haber7/bigmanset/2024/25/ 27 KB
27 KB 26ms
26ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net/haber/haber7/bigmanset/2024/25/sakaryadan_ilk_5_ayda_yaklasik_25_milyar_dolarlik_ihracat_1718610316_8135.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 9054f91528c1203fd6fda3fef9d8a23319e44bc60158d74c861993d2a4026953

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"666fe98f-12e94"
pragma: public
age: 205500
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 27656
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Mon, 17 Jun 2024 07:45:19 GMT
server: MerlinCDN

GET
H2 200 tesla_duyurdu_tamamen_otonom_surus_testleri_cinde_yapilacak_1718534723_8248.jpg
i12.haber7.net/haber/haber7/bigmanset/2024/24/ 33 KB
33 KB 33ms
33ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net/haber/haber7/bigmanset/2024/24/tesla_duyurdu_tamamen_otonom_surus_testleri_cinde_yapilacak_1718534723_8248.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 25d9c240933dcf03305e56ab29347df255e0a87f9da667cdead689b436e9f54a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"666ec246-138c3"
pragma: public
age: 205500
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 33792
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Sun, 16 Jun 2024 10:45:26 GMT
server: MerlinCDN

GET
H2 200 peugeot_turkiye_yeni_rifter_satislarindan_memnun_1718534810_3866.jpg
i13.haber7.net/haber/haber7/topcuff/2024/24/ 6 KB
7 KB 202ms
27ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i13.haber7.net/haber/haber7/topcuff/2024/24/peugeot_turkiye_yeni_rifter_satislarindan_memnun_1718534810_3866.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: b0d570e07882acaa0e33623c9b9e8428d9ade3bb7176d4e48777b4c9c4f77256

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"666ec29c-374d"
pragma: public
age: 196457
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 6378
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Sun, 16 Jun 2024 10:46:52 GMT
server: MerlinCDN

GET
H2 200 ds_modellerinde_haziran_ayina_ozel_kampanyalar_1718533567_5679.jpg
i13.haber7.net/haber/haber7/topcuff/2024/24/ 7 KB
7 KB 223ms
47ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i13.haber7.net/haber/haber7/topcuff/2024/24/ds_modellerinde_haziran_ayina_ozel_kampanyalar_1718533567_5679.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: dc93d18af9129e84b65ebb7153fc79797b901edc4c08f9bd81e7b60be3f46337

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"666ebdc2-324c"
pragma: public
age: 196457
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 6896
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Sun, 16 Jun 2024 10:26:10 GMT
server: MerlinCDN

GET
H2 200 otomotiv_satislarinda_5_aylik_yukselis_1717494013_459.jpg
i13.haber7.net/haber/haber7/topcuff/2024/23/ 6 KB
7 KB 217ms
42ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i13.haber7.net/haber/haber7/topcuff/2024/23/otomotiv_satislarinda_5_aylik_yukselis_1717494013_459.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 6a203c1839f749a845ebf3047231c8871c038a266fe71a0d150037a0ad4fa935

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"665ee100-3788"
pragma: public
age: 196457
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 6630
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Tue, 04 Jun 2024 09:40:16 GMT
server: MerlinCDN

GET
H2 200 togg_sahiplerinin_yuzde_80i_d_smart_goyu_kullanmaya_basladi_1715841812_0531.jpg
i13.haber7.net/haber/haber7/topcuff/2024/20/ 4 KB
5 KB 198ms
24ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i13.haber7.net/haber/haber7/topcuff/2024/20/togg_sahiplerinin_yuzde_80i_d_smart_goyu_kullanmaya_basladi_1715841812_0531.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: d88439ab6def208c0fdfbf4cee840607fd5e45a812d39ffee9931195a0a17ba2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"6645ab15-2b31"
pragma: public
age: 196457
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 4556
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Thu, 16 May 2024 06:43:33 GMT
server: MerlinCDN

GET
H2 200 cinli_sirket_geely_surucusuz_araclara_hizmet_vermesi_planlanan_uydularini_firlatti_1707064027_0707.jpg
i12.haber7.net/haber/haber7/thumbsbigmanset/2024/05/ 10 KB
10 KB 31ms
27ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net/haber/haber7/thumbsbigmanset/2024/05/cinli_sirket_geely_surucusuz_araclara_hizmet_vermesi_planlanan_uydularini_firlatti_1707064027_0707.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 8ae050ffec3c9d094f75bb3eb061d05fbb677d02faacbd35bf899c1d66434bf9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"65bfbadd-6d7f"
pragma: public
age: 579764
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 9902
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Sun, 04 Feb 2024 16:27:09 GMT
server: MerlinCDN

GET
H2 200 yeni_nesil_elektrikli_arac_very_dunya_markasi_olma_yolunda_1700142348_26.jpg
i12.haber7.net//haber/haber7/thumbs_big/2023/46/ 9 KB
9 KB 32ms
29ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net//haber/haber7/thumbs_big/2023/46/yeni_nesil_elektrikli_arac_very_dunya_markasi_olma_yolunda_1700142348_26.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 39dbb19d3807b99e8ba4e142ede9d00870420823bb4c714b463e814158418803

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"65561d0f-34af"
pragma: public
age: 579764
x-midtier: nl-naw3-ws-s14
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 8838
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Thu, 16 Nov 2023 13:45:51 GMT
server: MerlinCDN

GET
H2 200 yeni_jaecoo_j8in_dunya_lansmani_yapildi_1696760279_2957.jpg
i12.haber7.net//haber/haber7/thumbs_big/2023/40/ 7 KB
8 KB 35ms
32ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net//haber/haber7/thumbs_big/2023/40/yeni_jaecoo_j8in_dunya_lansmani_yapildi_1696760279_2957.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 594237ef43edd045c683ea1d129bc781999f337829ab91331a2dc4e5f88ed85f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"652281da-2c4c"
pragma: public
age: 579764
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 7668
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Sun, 08 Oct 2023 10:18:02 GMT
server: MerlinCDN

GET
H2 200 hyundai_bayon_haziran_fiyat_listesi_aciklandi_1655280528_2879.jpg
i12.haber7.net//haber/haber7/thumbs/2022/24/ 2 KB
2 KB 35ms
32ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net//haber/haber7/thumbs/2022/24/hyundai_bayon_haziran_fiyat_listesi_aciklandi_1655280528_2879.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 39b347808378edbdd0a2bf75c0be3b9c7bcaf892f32bf65687ae4543c5b845ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"62a99394-f70"
pragma: public
age: 1593201
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 2200
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Wed, 15 Jun 2022 08:08:52 GMT
server: MerlinCDN

GET
H2 200 volocopterin_4_kisilik_hava_taksisi_ilk_ucusunu_yapti_1655303352_6653.jpg
i12.haber7.net//haber/haber7/thumbs/2022/24/ 2 KB
3 KB 39ms
36ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net//haber/haber7/thumbs/2022/24/volocopterin_4_kisilik_hava_taksisi_ilk_ucusunu_yapti_1655303352_6653.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 606a37bbb0ccf3ebee4943a5a52f29fe3558a8f2a66056de03d0d16daf81e1de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"62a9ecbc-10cd"
pragma: public
age: 1593200
x-midtier: nl-naw3-ws-s14
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 2440
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Wed, 15 Jun 2022 14:29:16 GMT
server: MerlinCDN

GET
H2 200 firsatcilarin_sifir_otomobil_oyunu_desifre_oldu_1652709322_3892.jpg
i12.haber7.net//haber/haber7/thumbs/2022/20/ 4 KB
5 KB 39ms
36ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net//haber/haber7/thumbs/2022/20/firsatcilarin_sifir_otomobil_oyunu_desifre_oldu_1652709322_3892.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 4d23030f8672131f98be435ebecbc5e26c02e470f51aeb796475bfcb5364b1ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"628257ce-1467"
pragma: public
age: 1593201
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 4530
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Mon, 16 May 2022 13:55:26 GMT
server: MerlinCDN

GET
H2 200 haber7-logo-gray.svg
s.haber7.net/assets/v3/common/images/ 10 KB
4 KB 52ms
49ms Image
image/svg+xml 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.haber7.net/assets/v3/common/images/haber7-logo-gray.svg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 820d5550d9f6fa324fb9757f24f9df0c51e62e15066d141613715d1979c32db7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
content-encoding: br
etag: W/"5a704931-26f7"
pragma: public
age: 1942291
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Jan 2018 10:30:09 GMT
server: MerlinCDN

GET
H2 200 mobile-banner.svg
i2.haber7.net/assets/v3/common/images/ 19 KB
7 KB 138ms
25ms Image
image/svg+xml 89.187.169.43
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.haber7.net/assets/v3/common/images/mobile-banner.svg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-89-187-169-43.cdn77.com
Software: MerlinCDN /
Resource Hash: 1ac1e6773c02e6ce9b48f5a7e86aa3bf8d4a21f86972439e0323641af0b50a4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
content-encoding: br
etag: W/"5a86a1b2-4bdc"
pragma: public
age: 1950264
x-midtier: nl-naw3-ws-s14
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Feb 2018 09:17:38 GMT
server: MerlinCDN

GET
H2 200 mobile-banner-close.svg
i2.haber7.net/assets/v3/common/images/ 2 KB
1 KB 131ms
21ms Image
image/svg+xml 89.187.169.43
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.haber7.net/assets/v3/common/images/mobile-banner-close.svg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-89-187-169-43.cdn77.com
Software: MerlinCDN /
Resource Hash: c9b15e4ddc96a6c11ad7d894e118031b48c2a4c2e45eb92aa56f2f0ad517f83f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
content-encoding: br
etag: W/"5a86a1b2-6b2"
pragma: public
age: 1950264
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Feb 2018 09:17:38 GMT
server: MerlinCDN

GET
H2 200 jquery-1.11.3.min.js Show response
s.haber7.net/assets/v3/common/js/libs/ 94 KB
34 KB 41ms
29ms Script
application/javascript 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://s.haber7.net/assets/v3/common/js/libs/jquery-1.11.3.min.js
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
etag: W/"5a704935-176d5"
age: 1941523
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript
last-modified: Tue, 30 Jan 2018 10:30:13 GMT
vary: Accept-Encoding
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
server: MerlinCDN

GET
H2 200 plugin.min.js Show response
s.haber7.net/assets/v3/common/js/ 102 KB
32 KB 49ms
37ms Script
application/javascript 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://s.haber7.net/assets/v3/common/js/plugin.min.js?v3
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 3a93f3dc8d6fc1fbcc29bd3b8c10e9b5680cb4ddf2ce123bafa8f37d6674e97c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
etag: W/"5ccfe631-198be"
age: 1941523
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2019 07:45:53 GMT
vary: Accept-Encoding
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
server: MerlinCDN

GET
H2 200 main.min.js Show response
s.haber7.net/assets/v3/common/js/ 22 KB
6 KB 57ms
46ms Script
application/javascript 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://s.haber7.net/assets/v3/common/js/main.min.js?v17.5
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 0492ad3e3e9a451c443a93f65e07027f588e09d5fbe1d85acf18a8ea52094eaf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
etag: W/"61aa0cba-56d8"
age: 1941523
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript
last-modified: Fri, 03 Dec 2021 12:25:30 GMT
vary: Accept-Encoding
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: nl-naw3-ws-s14
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
server: MerlinCDN

GET
H3 200 DFPAudiencePixel;ord=2139298563102.2275;dc_seg=572121772
pubads.g.doubleclick.net/activity;dc_iu=/78792240/ 42 B
63 B 177ms
89ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/78792240/DFPAudiencePixel;ord=2139298563102.2275;dc_seg=572121772?

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Mon, 11 Nov 2024 02:43:50 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 DFPAudiencePixel;ord=7111703105334.868;dc_seg=572933091
pubads.g.doubleclick.net/activity;dc_iu=/78792240/ 42 B
63 B 293ms
206ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/78792240/DFPAudiencePixel;ord=7111703105334.868;dc_seg=572933091?

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Mon, 11 Nov 2024 02:43:50 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 b_klibs.js Show response
s.haber7.net/assets/v3/common/js/libs/ 842 B
771 B 57ms
46ms Script
application/javascript 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://s.haber7.net/assets/v3/common/js/libs/b_klibs.js
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 6f1ee820e9ef37502ed2cda8a67622e575c360bb2e994f2338dde118b287a967

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
etag: W/"5e85fb27-34a"
age: 1942310
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript
last-modified: Thu, 02 Apr 2020 14:48:07 GMT
vary: Accept-Encoding
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
server: MerlinCDN

GET /
invalid/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 71ms
69ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-186571064-1&l=dataLayer&cx=c&gtm=45je4b70v9124955692za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H7CJT1LEHL&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84975f8c034ad75f4cba5340c38c21437f4663c814df00f14e6031c796bb7552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 11 Nov 2024 02:43:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 76965
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 container.html
44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 684C 0
0 105ms
29ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dgkmv09xcw2.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 02:43:50 GMT
expires: Mon, 11 Nov 2024 02:43:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5EAE 0
0 105ms
105ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dgkmv09xcw2.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 02:43:50 GMT
expires: Mon, 11 Nov 2024 02:43:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 75EB 0
0 103ms
103ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dgkmv09xcw2.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 02:43:50 GMT
expires: Mon, 11 Nov 2024 02:43:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 hyundai_bayon_haziran_fiyat_listesi_aciklandi_1655280528_2879.jpg
i12.haber7.net//haber/haber7/thumbs/2022/24/ 2 KB
0 37ms
37ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net//haber/haber7/thumbs/2022/24/hyundai_bayon_haziran_fiyat_listesi_aciklandi_1655280528_2879.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 39b347808378edbdd0a2bf75c0be3b9c7bcaf892f32bf65687ae4543c5b845ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"62a99394-f70"
pragma: public
age: 1593201
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 2200
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Wed, 15 Jun 2022 08:08:52 GMT
server: MerlinCDN

GET
H2 200 volocopterin_4_kisilik_hava_taksisi_ilk_ucusunu_yapti_1655303352_6653.jpg
i12.haber7.net//haber/haber7/thumbs/2022/24/ 2 KB
0 40ms
40ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net//haber/haber7/thumbs/2022/24/volocopterin_4_kisilik_hava_taksisi_ilk_ucusunu_yapti_1655303352_6653.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 606a37bbb0ccf3ebee4943a5a52f29fe3558a8f2a66056de03d0d16daf81e1de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"62a9ecbc-10cd"
pragma: public
age: 1593200
x-midtier: nl-naw3-ws-s14
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 2440
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Wed, 15 Jun 2022 14:29:16 GMT
server: MerlinCDN

GET
H2 200 firsatcilarin_sifir_otomobil_oyunu_desifre_oldu_1652709322_3892.jpg
i12.haber7.net//haber/haber7/thumbs/2022/20/ 4 KB
0 40ms
40ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net//haber/haber7/thumbs/2022/20/firsatcilarin_sifir_otomobil_oyunu_desifre_oldu_1652709322_3892.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 4d23030f8672131f98be435ebecbc5e26c02e470f51aeb796475bfcb5364b1ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"628257ce-1467"
pragma: public
age: 1593201
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 4530
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Mon, 16 May 2022 13:55:26 GMT
server: MerlinCDN

GET
H2 200 haber7-back-button.svg
s.haber7.net/assets/v3/common/images/ 4 KB
2 KB 49ms
48ms Image
image/svg+xml 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.haber7.net/assets/v3/common/images/haber7-back-button.svg
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: b4d248f6e283f5be3a88a165614525c1e92249d380e9fd4bf7ff61c85034d369

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
content-encoding: br
etag: W/"5d9ed8dd-1095"
pragma: public
age: 1941523
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2019 07:08:13 GMT
server: MerlinCDN

GET
H2 200 Gilroy-Bold.woff2
s.haber7.net/assets/v3/common/css/fonts/gilroy/ 45 KB
45 KB 95ms
40ms Font
application/octet-stream 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://s.haber7.net/assets/v3/common/css/fonts/gilroy/Gilroy-Bold.woff2
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: c5c569a288f181229b1c08e04d60ee27d3ff22669033c6162519fd29eceb2bed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://dgkmv09xcw2.click
Referer: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8

Response headers

etag: "5a704937-b37c"
age: 1942166
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/octet-stream
last-modified: Tue, 30 Jan 2018 10:30:15 GMT
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45948
server: MerlinCDN

GET
H2 200 chevron-left.svg
s.haber7.net/assets/v3/common/images/ 1 KB
1 KB 46ms
45ms Image
image/svg+xml 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.haber7.net/assets/v3/common/images/chevron-left.svg
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: b6ce309f5a77f2ae1180b3bd4ae9ae61bb02547fed87746009791753882fd5b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
content-encoding: br
etag: W/"5a704931-5d3"
pragma: public
age: 1941843
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Jan 2018 10:30:09 GMT
server: MerlinCDN

GET
H2 200 chevron-right.svg
s.haber7.net/assets/v3/common/images/ 1 KB
1006 B 46ms
45ms Image
image/svg+xml 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.haber7.net/assets/v3/common/images/chevron-right.svg
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: ddcbcb1da216db4ef9d9bbc1d2b87d9a90767e698a0be65214362138cb2d83c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
content-encoding: br
etag: W/"5a704931-571"
pragma: public
age: 1941843
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Jan 2018 10:30:09 GMT
server: MerlinCDN

GET
H2 200 sport-multimedia-icon.svg
s.haber7.net/assets/v3/common/images/ 959 B
784 B 45ms
45ms Image
image/svg+xml 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.haber7.net/assets/v3/common/images/sport-multimedia-icon.svg
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 0c476863481385ee07a0022e27a9b5c663b8db814adda53118dcc1c6d57b8d6a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
content-encoding: br
etag: W/"5d443d7b-3bf"
pragma: public
age: 1927530
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Aug 2019 13:41:15 GMT
server: MerlinCDN

GET
H2 200 mobile-app-button.png
s.haber7.net/assets/v3/common/images/ 4 KB
4 KB 46ms
44ms Image
image/png 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.haber7.net/assets/v3/common/images/mobile-app-button.png
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: c546a4ad8676ceb80ec75d89e894a5dcd026321648cfeb847948648e798c7dc9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8

Response headers

etag: "5cb886a0-1088"
age: 1942191
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/png
last-modified: Thu, 18 Apr 2019 14:16:00 GMT
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4232
server: MerlinCDN

GET
H2 200 footer-brands.png
s.haber7.net/assets/v3/common/images/ 9 KB
9 KB 46ms
45ms Image
image/png 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.haber7.net/assets/v3/common/images/footer-brands.png?v1
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 0e8840bdefa330da729a426dd045b1b56a33d1789e76f939705399dcb79d6d9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8

Response headers

etag: "5cb888f7-2262"
age: 1942191
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/png
last-modified: Thu, 18 Apr 2019 14:25:59 GMT
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: nl-naw3-ws-s14
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8802
server: MerlinCDN

GET
H2 200 Material-Design-Iconic-Font.woff2
s.haber7.net/assets/v3/common/css/fonts/material-icon/ 35 KB
35 KB 135ms
80ms Font
application/octet-stream 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://s.haber7.net/assets/v3/common/css/fonts/material-icon/Material-Design-Iconic-Font.woff2?v=2.2.0
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 0c03abd545ac7aee1d1700e288571db0f4d0058fc7a1c40d768ca483f4a8bcfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://dgkmv09xcw2.click
Referer: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8

Response headers

etag: "65392e90-8be8"
age: 1942166
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/octet-stream
last-modified: Wed, 25 Oct 2023 15:04:48 GMT
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35816
server: MerlinCDN

GET
H2 200 Gilroy-Black.woff2
s.haber7.net/assets/v3/common/css/fonts/gilroy/ 43 KB
44 KB 120ms
66ms Font
application/octet-stream 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://s.haber7.net/assets/v3/common/css/fonts/gilroy/Gilroy-Black.woff2
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 0dd2d6a97aa837eedac318ea8c6a3e7a3051dfafa24128a4c97276c278c31cbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://dgkmv09xcw2.click
Referer: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8

Response headers

etag: "5a704936-ad54"
age: 1942273
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/octet-stream
last-modified: Tue, 30 Jan 2018 10:30:14 GMT
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44372
server: MerlinCDN

GET
H2 200 adelle-sans-bold.ttf
s.haber7.net/assets/v3/common/css/fonts/adelle-sans/ 85 KB
85 KB 160ms
106ms Font
application/octet-stream 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://s.haber7.net/assets/v3/common/css/fonts/adelle-sans/adelle-sans-bold.ttf
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 751898b8305c01fbe0ec7e04a90f56657e0c527510e82a0df8958a3b136b6290

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://dgkmv09xcw2.click
Referer: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8

Response headers

etag: "5d7f835b-15400"
age: 1942166
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/octet-stream
last-modified: Mon, 16 Sep 2019 12:43:07 GMT
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 87040
server: MerlinCDN

GET
H2 200 adelle-sans-semiBold.woff
s.haber7.net/assets/v3/common/css/fonts/adelle-sans/ 104 KB
104 KB 142ms
88ms Font
application/font-woff 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://s.haber7.net/assets/v3/common/css/fonts/adelle-sans/adelle-sans-semiBold.woff
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: fbac0eddc1624bafe726d973aa0278e64422a801c31998d9e7bf10d307d26dfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://dgkmv09xcw2.click
Referer: https://s.haber7.net/assets/v3/common/css/main.min.css?v18.8

Response headers

etag: "5d7f835b-19eb0"
age: 1942166
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/font-woff
last-modified: Mon, 16 Sep 2019 12:43:07 GMT
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: nl-naw3-ws-s14
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 106160
server: MerlinCDN

GET
H2 200 226d701d78bb260eac87ceb4cddee901a3e15c27.js Show response
cdn.dimml.io/static/ 57 B
400 B 134ms
129ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dimml.io/static/226d701d78bb260eac87ceb4cddee901a3e15c27.js
Requested by: Host: cdn.dimml.io
URL: https://cdn.dimml.io/dimml.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b81c645367639f094667a69407b75262f91680cc93036628436b525cf0438747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-77-nzt: EggBw7WqEQFBDAElE8IuAZOGRAAA
cache-control: public, max-age=60
content-encoding: gzip
etag: W/"f9a1c7f446c1"
x-77-cache: MISS
x-dimml-version: 2.2
expires: Mon, 11 Nov 2024 02:44:50 GMT
x-77-pop: frankfurtDE
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/javascript; charset=utf-8
x-77-nzt-ray: 4c1562245bb2005c666f3167f923a90f
vary: Accept-Encoding
server: CDN77-Turbo

GET
H3 404 34 Show response
dgkmv09xcw2.click/api/widget/weather/ 808 B
1 KB 263ms
262ms XHR
text/html 2606:4700:3037::6815:2d9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dgkmv09xcw2.click/api/widget/weather/34
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/js/libs/jquery-1.11.3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

Referer: https://dgkmv09xcw2.click/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ShiAkkSK%2FwLnOik4zcFSgX8jhCK9sE4ruALqf34SyvbvgHfoTNzgWwyakyuVhvcdbsRDuekE52wmBblpI1KcacbwHs%2B72DOVNvLAdGuSp9xJ8yZ3J90qTROx8HiWTkh%2FdXHMsOBYgzkkbnh%2Fcw4%2Bvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e0aefdfb9d210bf-ORD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=124951&sent=51&recv=35&lost=0&retrans=0&sent_bytes=39158&recv_bytes=8032&delivery_rate=115264&cwnd=22800&unsent_bytes=0&cid=50cf7b14d2ac5ebd&ts=6748&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: text/html
last-modified: Mon, 04 Nov 2024 22:09:04 GMT
vary: accept-encoding
priority: u=1,i

GET
H3 404 34 Show response
dgkmv09xcw2.click/api/widget/pray-times/ 808 B
1 KB 266ms
264ms XHR
text/html 2606:4700:3037::6815:2d9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dgkmv09xcw2.click/api/widget/pray-times/34?format=json
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/js/libs/jquery-1.11.3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

Referer: https://dgkmv09xcw2.click/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2BwZ9q1pT%2FFHNiy9YnxiWEu86q6Xoyy8lAbsauocvgQui4rNdp2JTRk2Ib22TfX2uh08z%2BZlLH5x23YEWYdCXi1Vtw3aOO0czAxnmGRWdQIPUlRZPLI9R%2BosRMo7xK9ISqS0oVGGeAJrTSyrs65wEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e0aefdfb9d410bf-ORD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=124951&sent=52&recv=35&lost=0&retrans=0&sent_bytes=40294&recv_bytes=8032&delivery_rate=115264&cwnd=22800&unsent_bytes=0&cid=50cf7b14d2ac5ebd&ts=6751&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: text/html
last-modified: Mon, 04 Nov 2024 22:09:04 GMT
vary: accept-encoding
priority: u=1,i

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 220 KB
0 195ms
195ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.yandex.ru/metrika/tag.js
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: d29de1609682964244bc8dc4064ca380ee33d2a5854f06cf4bc64763c2778c8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
etag: "672b9036-129f3"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Mon, 11 Nov 2024 03:43:50 GMT
access-control-allow-origin: *
content-length: 76275
date: Mon, 11 Nov 2024 02:43:50 GMT
last-modified: Wed, 06 Nov 2024 15:50:14 GMT
content-type: application/javascript

GET
H2 200 tracker1.js Show response
cdn.p.analitik.bik.gov.tr/ 34 KB
0 2ms
2ms Script
text/plain 185.73.200.217
COMNET-DATACENTER...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.73.200.217 Istanbul, Turkey, ASN61135 (COMNET-DATACENTER-ISTANBUL, TR),
Reverse DNS: reverse.comnetnetwork.com
Software: MerlinCDN /
Resource Hash: 275ae68d7e6a744bfa1bfb3d8fd72518dc3144a5d2e9c67c380f640b9c5305d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: tr-ist-shy-s18
access-control-max-age: 2592000
cache-control: max-age=3600
age: 3231
x-midtier: tr-ist-shy-s10
access-control-allow-methods: OPTIONS, GET, POST
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
access-control-allow-origin: *
date: Mon, 11 Nov 2024 02:43:50 GMT
server: MerlinCDN

GET
H2 200 dimml.js Show response
cdn.dimml.io/ 18 KB
0 2ms
2ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dimml.io/dimml.js
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 45d0221a80b4134f7bde5bd8d2e8acf2d24fc1cfe09365ac9181f3782155e545

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-77-nzt: EgwBw7WqEQH3L8EAAAwBJRPCMQG3AAAAAA
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"4e71cbb46ac9"
x-77-cache: HIT
expires: Wed, 18 Sep 2024 12:58:41 GMT
x-77-pop: frankfurtDE
date: Mon, 11 Nov 2024 02:43:50 GMT
x-77-age: 49455
content-type: application/javascript; charset=utf-8
x-77-nzt-ray: 4c1562245bb2005c666f3167195f730d
vary: Accept-Encoding
server: CDN77-Turbo

GET
H3 200 DFPAudiencePixel;ord=8130540010890.348;dc_seg=572121772
pubads.g.doubleclick.net/activity;dc_iu=/78792240/ 42 B
63 B 251ms
205ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/78792240/DFPAudiencePixel;ord=8130540010890.348;dc_seg=572121772?

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Mon, 11 Nov 2024 02:43:50 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 DFPAudiencePixel;ord=3807482720231.9404;dc_seg=572933091
pubads.g.doubleclick.net/activity;dc_iu=/78792240/ 42 B
63 B 241ms
208ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/78792240/DFPAudiencePixel;ord=3807482720231.9404;dc_seg=572933091?

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Mon, 11 Nov 2024 02:43:50 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 500
Internal Server Error bk-coretag.js
tags.bkrtx.com/js/ 0
0 32ms
32ms Script
text/html 23.196.241.254
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bkrtx.com/js/bk-coretag.js
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.241.254 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-241-254.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Mon, 11 Nov 2024 02:43:50 GMT
Content-Length: 27
Date: Mon, 11 Nov 2024 02:43:50 GMT
AK-GRN: 0.b17b1302.1731293030.2958bc1d
Content-Type: text/html

GET
H/1.1 500
Internal Server Error 64465
tags.bluekai.com/site/ 0
0 24ms
23ms Script
text/html 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/64465?ret=js&limit=1
Requested by: Host: s.haber7.net
URL: https://s.haber7.net/assets/v3/common/js/libs/b_klibs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Mon, 11 Nov 2024 02:43:50 GMT
Content-Length: 27
Date: Mon, 11 Nov 2024 02:43:50 GMT
AK-GRN: 0.548f1402.1731293030.1068171e
Content-Type: text/html

GET
H2 200 container.html
44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 465C 0
0 0ms
0ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dgkmv09xcw2.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 02:43:50 GMT
expires: Mon, 11 Nov 2024 02:43:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 785434278510362 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 91ms
91ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/785434278510362?v=2.9.176&r=stable&domain=dgkmv09xcw2.click&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

badb498222b91374b9f73d58608448ab5763765d22f20e97680114a271b81cfd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-vw4Dgrce' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-vw4Dgrce' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=87, mss=1232, tbw=83777, tp=80, tpl=0, uplat=69, ullat=0
pragma: public
x-fb-debug: 04L7qaFI0ApePxX5PIeR56NS1ImTt4cu3xShCIlh+qHjRSUPskz6ceL7vyAZtQ22U+N1Sz5G+/SIHsHrecKIqA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 5BFD 0
0 78ms
33ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EnUxVAO3zo1EKfgGSad2tQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dgkmv09xcw2.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-EnUxVAO3zo1EKfgGSad2tQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 02:43:50 GMT
expires: Mon, 11 Nov 2024 02:43:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame F6BE 0
0 62ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dgkmv09xcw2.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29488
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 01:54:03 GMT
expires: Mon, 11 Nov 2024 02:44:03 GMT
last-modified: Mon, 28 Oct 2024 19:44:21 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net/haber/haber7/thumbsbigmanset/2024/05/cinli_sirket_geely_surucusuz_araclara_hizmet_vermesi_planlanan_uydularini_firlatti_1707064027_0707.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 8ae050ffec3c9d094f75bb3eb061d05fbb677d02faacbd35bf899c1d66434bf9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"65bfbadd-6d7f"
pragma: public
age: 579764
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 9902
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Sun, 04 Feb 2024 16:27:09 GMT
server: MerlinCDN

GET
H2 200 yeni_nesil_elektrikli_arac_very_dunya_markasi_olma_yolunda_1700142348_26.jpg
i12.haber7.net//haber/haber7/thumbs_big/2023/46/ 9 KB
0 1ms
1ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net//haber/haber7/thumbs_big/2023/46/yeni_nesil_elektrikli_arac_very_dunya_markasi_olma_yolunda_1700142348_26.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 39dbb19d3807b99e8ba4e142ede9d00870420823bb4c714b463e814158418803

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"65561d0f-34af"
pragma: public
age: 579764
x-midtier: nl-naw3-ws-s14
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 8838
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Thu, 16 Nov 2023 13:45:51 GMT
server: MerlinCDN

GET
H2 200 yeni_jaecoo_j8in_dunya_lansmani_yapildi_1696760279_2957.jpg
i12.haber7.net//haber/haber7/thumbs_big/2023/40/ 7 KB
0 1ms
1ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net//haber/haber7/thumbs_big/2023/40/yeni_jaecoo_j8in_dunya_lansmani_yapildi_1696760279_2957.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 594237ef43edd045c683ea1d129bc781999f337829ab91331a2dc4e5f88ed85f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"652281da-2c4c"
pragma: public
age: 579764
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 7668
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Sun, 08 Oct 2023 10:18:02 GMT
server: MerlinCDN

GET
H2 200 P70xM_1714370118_0514.jpg
i12.haber7.net//haber/haber7/thumbs/2024/18/ 4 KB
4 KB 23ms
21ms Image
image/webp 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i12.haber7.net//haber/haber7/thumbs/2024/18/P70xM_1714370118_0514.jpg
Requested by: Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 7f04cb95c0faf3e7f03819b7a5ecf0eab508172c80b5b3c0038b1ec2355be048

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
etag: W/"662f3649-1c87"
pragma: public
age: 579764
x-midtier: de-fra-dp-s05
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
content-length: 4322
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/webp
last-modified: Mon, 29 Apr 2024 05:55:21 GMT
server: MerlinCDN

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/ 490 KB
151 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e944876c5fd13cc8ed0441c1a8bac2657147995d36634ce300b5ada152cbf52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: br
etag: 6558442857186661420
age: 58598
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 10:27:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 10 Nov 2024 10:27:12 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155051
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 65 B
76 B 37ms
36ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dgkmv09xcw2.click

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84983b561e13c4eece543aafd6dc3ff64334816b85c715ba175c764d80877604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 02:43:50 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 52
date: Mon, 11 Nov 2024 02:43:50 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 72ms
21ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=785434278510362&ev=PageView&dl=https%3A%2F%2Fdgkmv09xcw2.click%2F&rl=https%3A%2F%2Fdgkmv09xcw2.click%2F&if=false&ts=1731293030497&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1731293030495.41535762510809455&cdl=API_unavailable&it=1731293030362&coo=false&rqm=GET

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=2932, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 244ms
193ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=785434278510362&ev=PageView&dl=https%3A%2F%2Fdgkmv09xcw2.click%2F&rl=https%3A%2F%2Fdgkmv09xcw2.click%2F&if=false&ts=1731293030497&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1731293030495.41535762510809455&cdl=API_unavailable&it=1731293030362&coo=false&rqm=FGET

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7435846943781173424"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 02:43:50 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: qG5+KwpW8mPICUvsZd5H13NeJexDFNwLYcnsKaUv2tdjK1lmqjnTLb+G6GYt62WuElUTw5qRSSIwNwkkEHdNww==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7435846943781173424", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1328, tbw=3250, tp=-1, tpl=-1, uplat=170, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10549.XtENqj4mHoKKl1udJ057UbwR8ZjxZ79it44jjvDtZVa4a_xb12YWXXfp2apSBT8M.6_EpNsluOZbag8gqWQcfxkHAGzY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10549.3r4QwpXGhnFWzaQvisORG11sLCmkKtNX33PmTfLOoFKaZafvzCsWijpzz4Nelp1GX-yqCnl-vcm8KvAEwukWMJ71RJH7_o23AmlHCzN47YNxWQhzlinAwynnW6cL5N-F9EBhadu05R...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10549.o91TwpXWzqmMjjRP39ZYzCGMQZU9nbV_ZqqjnwiT9tCzQWLnnGngBvWr5fgx-5xKL5reMvMZMDf_TI_Ss3jEYlApJZtvFPcssddmurXO-NiYb...

43 B
584 B

79ms
79ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10549.o91TwpXWzqmMjjRP39ZYzCGMQZU9nbV_ZqqjnwiT9tCzQWLnnGngBvWr5fgx-5xKL5reMvMZMDf_TI_Ss3jEYlApJZtvFPcssddmurXO-NiYbhr9jQD8KYYaig1VtZ42m12T0VfscfV2pXSpFyu2itFq8Bqfc7zpH-7mBGMho9iORavFpMyMGvK1pp00WQo92onXEVr5gr2NdDX7wCDe3w%2C%2C.30fcXLuf5k83jMRemzoB42xqZ-U%2C

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
date: Mon, 11 Nov 2024 02:43:50 GMT
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10549.o91TwpXWzqmMjjRP39ZYzCGMQZU9nbV_ZqqjnwiT9tCzQWLnnGngBvWr5fgx-5xKL5reMvMZMDf_TI_Ss3jEYlApJZtvFPcssddmurXO-NiYbhr9jQD8KYYaig1VtZ42m12T0VfscfV2pXSpFyu2itFq8Bqfc7zpH-7mBGMho9iORavFpMyMGvK1pp00WQo92onXEVr5gr2NdDX7wCDe3w%2C%2C.30fcXLuf5k83jMRemzoB42xqZ-U%2C
x-xss-protection: 1; mode=block
date: Mon, 11 Nov 2024 02:43:50 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
571 B 81ms
76ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "672b9036-2b"
expires: Mon, 11 Nov 2024 03:43:50 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Mon, 11 Nov 2024 02:43:50 GMT
last-modified: Wed, 06 Nov 2024 15:50:14 GMT
content-type: image/gif

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
421 B 36ms
34ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1437345704&t=pageview&_s=1&dl=https%3A%2F%2Fdgkmv09xcw2.click%2F&ul=de-de&de=UTF-8&dt=Oto%20Rehberi%20-%20Otomobil%20Haberleri%2C%202024%20Yeni%20Otomobil%20Modelleri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAACAAI~&jid=1424771205&gjid=1851323357&cid=1286679693.1731293031&tid=UA-46117935-7&_gid=1294634909.1731293031&_r=1&gtm=457e4b70za200zb9124955692&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tcfd=1000h&tag_exp=101823848~101925629&jsscut=1&npa=1&z=1622038966

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://dgkmv09xcw2.click/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 02:43:50 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://dgkmv09xcw2.click
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=UA-46117935-7&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

content-encoding: gzip
age: 4654
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 03:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 01:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
69 B 31ms
30ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1437345704&t=pageview&_s=1&dl=https%3A%2F%2Fdgkmv09xcw2.click%2F&ul=de-de&de=UTF-8&dt=Oto%20Rehberi%20-%20Otomobil%20Haberleri%2C%202024%20Yeni%20Otomobil%20Modelleri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABEAAAACAAI~&jid=122846110&gjid=801440261&cid=1286679693.1731293031&tid=UA-186571064-1&_gid=1294634909.1731293031&_r=1&gtm=457e4b70za200zb9124955692&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tcfd=1000h&tag_exp=101823848~101925629&jsscut=1&npa=1&z=1151208853

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://dgkmv09xcw2.click/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 02:43:50 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://dgkmv09xcw2.click
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame B038 0
0 209ms
70ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://dgkmv09xcw2.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1446
content-type: text/html
date: Mon, 11 Nov 2024 02:43:51 GMT
etag: "672b9036-5a6"
expires: Mon, 11 Nov 2024 03:43:51 GMT
last-modified: Wed, 06 Nov 2024 15:50:14 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/14645857/
Redirect Chain

https://mc.yandex.com/watch/14645857?wmode=7&page-url=https%3A%2F%2Fdgkmv09xcw2.click%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A1%3Aen%3Autf-8%3A...
https://mc.yandex.com/watch/14645857/1?wmode=7&page-url=https%3A%2F%2Fdgkmv09xcw2.click%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A1%3Aen%3Autf-8%...

596 B
798 B

77ms
77ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/14645857/1?wmode=7&page-url=https%3A%2F%2Fdgkmv09xcw2.click%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A1%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1155467921547%3Ahid%3A291599716%3Az%3A60%3Ai%3A20241111034350%3Aet%3A1731293031%3Ac%3A1%3Arn%3A308581588%3Arqn%3A1%3Au%3A1731293031543663190%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1158%3Awv%3A2%3Ads%3A0%2C0%2C642%2C130%2C130%2C126%2C1%2C448%2C7%2C%2C%2C%2C1351%3Aco%3A0%3Acpf%3A1%3Ans%3A1731293029114%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1731293031%3At%3AOto%20Rehberi%20-%20Otomobil%20Haberleri%2C%202024%20Yeni%20Otomobil%20Modelleri&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%280%29cdl%28na%29eco%2842009088%29ti%281%29

Requested by

Host: dgkmv09xcw2.click
URL: https://dgkmv09xcw2.click/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f47f170bdf35550e292c6afa372c6ecae2353a732ccaec3d4ea013838decd855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Mon, 11-Nov-2024 02:43:51 GMT
access-control-allow-origin: https://dgkmv09xcw2.click
content-length: 596
date: Mon, 11 Nov 2024 02:43:51 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 11-Nov-2024 02:43:51 GMT
content-type: application/json; charset=utf-8

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/14645857/1?wmode=7&page-url=https%3A%2F%2Fdgkmv09xcw2.click%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A1%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1155467921547%3Ahid%3A291599716%3Az%3A60%3Ai%3A20241111034350%3Aet%3A1731293031%3Ac%3A1%3Arn%3A308581588%3Arqn%3A1%3Au%3A1731293031543663190%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1158%3Awv%3A2%3Ads%3A0%2C0%2C642%2C130%2C130%2C126%2C1%2C448%2C7%2C%2C%2C%2C1351%3Aco%3A0%3Acpf%3A1%3Ans%3A1731293029114%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1731293031%3At%3AOto%20Rehberi%20-%20Otomobil%20Haberleri%2C%202024%20Yeni%20Otomobil%20Modelleri&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%280%29cdl%28na%29eco%2842009088%29ti%281%29
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
expires: Mon, 11-Nov-2024 02:43:51 GMT
access-control-allow-origin: https://dgkmv09xcw2.click
date: Mon, 11 Nov 2024 02:43:51 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 11-Nov-2024 02:43:51 GMT

GET
H2 200 favicon.png
s.haber7.net/assets/v3/common/images/favicons/ 1 KB
1 KB 22ms
21ms Other
image/png 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://s.haber7.net/assets/v3/common/images/favicons/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 56e06bcd6862e00bdbf0a7d9ed99ac4dea87c6824714afc2b54723d5abebceb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

etag: "5e88f8f2-45e"
age: 1940576
date: Mon, 11 Nov 2024 02:43:51 GMT
content-type: image/png
last-modified: Sat, 04 Apr 2020 21:15:30 GMT
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1118
server: MerlinCDN

POST collect
590a3529-8da1-4f84-8f31-d5a9644f3157.collector.p.analitik.bik.gov.tr/api/ 0
0

GET
H2 200 favicon.png
s.haber7.net/assets/v3/common/images/favicons/ 1 KB
0 0ms
0ms Other
image/png 185.102.219.173
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://s.haber7.net/assets/v3/common/images/favicons/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 56e06bcd6862e00bdbf0a7d9ed99ac4dea87c6824714afc2b54723d5abebceb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dgkmv09xcw2.click/

Response headers

etag: "5e88f8f2-45e"
age: 1940576
date: Mon, 11 Nov 2024 02:43:51 GMT
content-type: image/png
last-modified: Sat, 04 Apr 2020 21:15:30 GMT
x-cache-status: HIT
x-edge: de-fra-dp-s01
cache-control: max-age=2592000
pragma: public
x-midtier: de-fra-lea-s02
via: HTTP/2.0 Merlin CDN
allow: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1118
server: MerlinCDN

POST collect
590a3529-8da1-4f84-8f31-d5a9644f3157.collector.p.analitik.bik.gov.tr/api/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: 590a3529-8da1-4f84-8f31-d5a9644f3157.collector.p.analitik.bik.gov.tr
URL: https://590a3529-8da1-4f84-8f31-d5a9644f3157.collector.p.analitik.bik.gov.tr/api/collect

Domain: 590a3529-8da1-4f84-8f31-d5a9644f3157.collector.p.analitik.bik.gov.tr
URL: https://590a3529-8da1-4f84-8f31-d5a9644f3157.collector.p.analitik.bik.gov.tr/api/collect

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dgkmv09xcw2.click/	1970-01-21 00:56:19	Name: __cf_mw_byp Value: OMQyJ.CKYr89mxND9Kt2JAGJ.NK.O67W3NSPUH8XiZE-1731293023-0.0.1.1-/
.dgkmv09xcw2.click/	1970-01-21 03:04:29	Name: _fbp Value: fb.1.1731293030495.41535762510809455
.yandex.ru/	1970-01-21 09:40:29	Name: yashr Value: 654303981731293030
.dgkmv09xcw2.click/	1970-01-21 09:40:29	Name: _ym_uid Value: 1731293031543663190
.dgkmv09xcw2.click/	1970-01-21 09:40:29	Name: _ym_d Value: 1731293031
.yandex.com/	1970-01-21 10:30:53	Name: i Value: 10dDtGZsrjrRZ0j8wtyfUPYKr8DZfvNHhOaN+fttyjnlHJE6z0EUZt8tEG6oZpoIh1onDTjVCY4STHuXeRyJIN67M9k=
.yandex.com/	1970-01-21 09:40:29	Name: yandexuid Value: 2314169551731293030
.yandex.com/	1970-01-21 09:40:29	Name: yashr Value: 5225979351731293030
.dgkmv09xcw2.click/	1970-01-21 00:56:05	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-21 00:54:53	Name: sync_cookie_csrf Value: 570104955fake
.mc.yandex.ru/	1970-01-21 00:54:53	Name: sync_cookie_csrf Value: 3203477686fake
.dgkmv09xcw2.click/	1970-01-21 10:30:53	Name: _ga Value: GA1.2.1286679693.1731293031
.dgkmv09xcw2.click/	1970-01-21 00:56:19	Name: _gid Value: GA1.2.1294634909.1731293031
.dgkmv09xcw2.click/	1970-01-21 00:54:53	Name: _gat_gtag_UA_46117935_7 Value: 1
.dgkmv09xcw2.click/	1970-01-21 00:54:53	Name: _gat_gtag_UA_186571064_1 Value: 1
.mc.yandex.com/	1970-01-21 00:56:19	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 10:30:53	Name: yandexuid Value: 2314169551731293030
.yandex.ru/	1970-01-21 10:30:53	Name: yuidss Value: 2314169551731293030
.yandex.ru/	1970-01-21 10:30:53	Name: i Value: 10dDtGZsrjrRZ0j8wtyfUPYKr8DZfvNHhOaN+fttyjnlHJE6z0EUZt8tEG6oZpoIh1onDTjVCY4STHuXeRyJIN67M9k=
.yandex.ru/	1970-01-21 10:30:53	Name: yp Value: 1731379430.yu.486323361731293030
.yandex.ru/	1970-01-21 09:40:29	Name: ymex Value: 1733885030.oyu.486323361731293030
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1887380261731293031
.yandex.com/	1970-01-21 09:40:29	Name: yuidss Value: 2314169551731293030
.yandex.com/	1970-01-21 09:40:29	Name: ymex Value: 1762829031.yrts.1731293031
.yandex.com/	1970-01-21 09:40:29	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 10:30:53	Name: bh Value: KgI/MGDn3sW5Bg==

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dgkmv09xcw2.click/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dgkmv09xcw2.click/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: https://baltar.dimml.io/flow/ay7c/08a1b46fc1bacdaea9a940932d8b3569d4988e1b.js?clientId=2&dom=www.haber7.com&url=https%3A%2F%2Fwww.haber7.com%2Fotomobil-haberleri&gemius_sent_once=0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://tags.bluekai.com/site/64465?ret=js&limit=1 Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://tags.bkrtx.com/js/bk-coretag.js Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://tags.bluekai.com/site/64465?ret=js&limit=1 Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://tags.bkrtx.com/js/bk-coretag.js Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://dgkmv09xcw2.click/api/widget/weather/34 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dgkmv09xcw2.click/api/widget/pray-times/34?format=json Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

44b7aeff8be6160a8f055df695f34bc0.safeframe.googlesyndication.com
590a3529-8da1-4f84-8f31-d5a9644f3157.collector.p.analitik.bik.gov.tr
baltar.dimml.io
cdn.dimml.io
cdn.p.analitik.bik.gov.tr
connect.facebook.net
dgkmv09xcw2.click
fundingchoicesmessages.google.com
i12.haber7.net
i13.haber7.net
i2.haber7.net
invalid
makroo.haber7.net
mc.yandex.com
mc.yandex.ru
pubads.g.doubleclick.net
s.haber7.net
securepubads.g.doubleclick.net
tags.bkrtx.com
tags.bluekai.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
590a3529-8da1-4f84-8f31-d5a9644f3157.collector.p.analitik.bik.gov.tr
invalid
185.102.219.173
185.73.200.217
23.196.241.254
2606:4700:3037::6815:2d9d
2a00:1450:4001:802::200e
2a00:1450:4001:803::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:812::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2008
2a02:6b8::1:119
2a02:6ea0:c700::19
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
63.35.101.192
72.246.169.24
89.187.169.43
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
0492ad3e3e9a451c443a93f65e07027f588e09d5fbe1d85acf18a8ea52094eaf
0c03abd545ac7aee1d1700e288571db0f4d0058fc7a1c40d768ca483f4a8bcfe
0c476863481385ee07a0022e27a9b5c663b8db814adda53118dcc1c6d57b8d6a
0dd2d6a97aa837eedac318ea8c6a3e7a3051dfafa24128a4c97276c278c31cbf
0e8840bdefa330da729a426dd045b1b56a33d1789e76f939705399dcb79d6d9b
1ac1e6773c02e6ce9b48f5a7e86aa3bf8d4a21f86972439e0323641af0b50a4f
1ae2a2f41ed190fe3616051fca2e4cd0c8f378e8a1eeb9eb04bba3166fdc5786
1e24ba67d6f01c9105ffe356484c8cd4bd0eb2901d3b8aab168615317c2a8bfe
1f17d8be4a60277c5cb2953aeade49ccf5f28cb11b056f3eb9a6a56aed43b6fd
236a15e073b14e63f6ffde1516871fe01ae4b6f907dcf1693b2de95fd9f57590
25d9c240933dcf03305e56ab29347df255e0a87f9da667cdead689b436e9f54a
275ae68d7e6a744bfa1bfb3d8fd72518dc3144a5d2e9c67c380f640b9c5305d8
2a75a430f2b4fa97286184db94f7062727af73d59701ab445cd4716b28e474ae
2fb1ca35cae62b37baf35f6f98ab26e57c8e8ab5fbaa596b2d38a82bc92f3122
39b347808378edbdd0a2bf75c0be3b9c7bcaf892f32bf65687ae4543c5b845ea
39dbb19d3807b99e8ba4e142ede9d00870420823bb4c714b463e814158418803
3a93f3dc8d6fc1fbcc29bd3b8c10e9b5680cb4ddf2ce123bafa8f37d6674e97c
40276ee85b6ca52dc1f9ceb4b51bca6c64228a6f8fd35d3651b8334ff434f19d
45d0221a80b4134f7bde5bd8d2e8acf2d24fc1cfe09365ac9181f3782155e545
4841d91f60b8131f3b95355c1520bd1058f7cd9853a1f1eb7775582e15d3d7dd
4d23030f8672131f98be435ebecbc5e26c02e470f51aeb796475bfcb5364b1ba
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56e06bcd6862e00bdbf0a7d9ed99ac4dea87c6824714afc2b54723d5abebceb3
594237ef43edd045c683ea1d129bc781999f337829ab91331a2dc4e5f88ed85f
606a37bbb0ccf3ebee4943a5a52f29fe3558a8f2a66056de03d0d16daf81e1de
63d04de4e461e000d699209090296a25807d08316fc67cd7bad96f37b08241bb
69c26d2b0269dcbd96f9ce71434675d7b9fed2a6b5c13364f9f4362a6bad38d9
6a203c1839f749a845ebf3047231c8871c038a266fe71a0d150037a0ad4fa935
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba35313a3817648e7d2c5f690b545842a7c0bf43af7bfa87c22b45399c06bcf
6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798
6ef8235d7ff3ef8aeb7fa7a4baf94b0952657d2f21da8fdf547fa1c0a03e7f0d
6f1ee820e9ef37502ed2cda8a67622e575c360bb2e994f2338dde118b287a967
74b64cd8438c7759fddfc27fb8369233753cda7e4706d2be7095d1621a4ec6a1
751898b8305c01fbe0ec7e04a90f56657e0c527510e82a0df8958a3b136b6290
767762c3f75297509e64786423869f54e73a1e674f4ec4ca9b3a4ba2375dde62
7f04cb95c0faf3e7f03819b7a5ecf0eab508172c80b5b3c0038b1ec2355be048
820d5550d9f6fa324fb9757f24f9df0c51e62e15066d141613715d1979c32db7
8373e8bd1a6316c3f2dcbb4ae03a1293ea616d328c7c3f097194537c6081b10c
83c3ab5eec87adca87f6e074dde73506fda8a844a8ca392df355577f12927f04
84975f8c034ad75f4cba5340c38c21437f4663c814df00f14e6031c796bb7552
84983b561e13c4eece543aafd6dc3ff64334816b85c715ba175c764d80877604
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
8ae050ffec3c9d094f75bb3eb061d05fbb677d02faacbd35bf899c1d66434bf9
9054f91528c1203fd6fda3fef9d8a23319e44bc60158d74c861993d2a4026953
90e9e4223254b9f0abac7c42ac43dafe24da567933f19043a9eb93a7e4c32855
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b0d570e07882acaa0e33623c9b9e8428d9ade3bb7176d4e48777b4c9c4f77256
b4d248f6e283f5be3a88a165614525c1e92249d380e9fd4bf7ff61c85034d369
b6ce309f5a77f2ae1180b3bd4ae9ae61bb02547fed87746009791753882fd5b1
b81c645367639f094667a69407b75262f91680cc93036628436b525cf0438747
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
badb498222b91374b9f73d58608448ab5763765d22f20e97680114a271b81cfd
c546a4ad8676ceb80ec75d89e894a5dcd026321648cfeb847948648e798c7dc9
c5c569a288f181229b1c08e04d60ee27d3ff22669033c6162519fd29eceb2bed
c9b15e4ddc96a6c11ad7d894e118031b48c2a4c2e45eb92aa56f2f0ad517f83f
cb8fac376f394b4154f901255a03e6d49fe4f094fb8959081209f600a932efe0
d08d1ae98d994f6d6428627680e04c5ad3379afa4625c19d634053c45ad3334f
d1e91ec3afad7dae7897bca2dfbc5069e2aa70d0b3ff51223fcf2e573eb237de
d29de1609682964244bc8dc4064ca380ee33d2a5854f06cf4bc64763c2778c8f
d88439ab6def208c0fdfbf4cee840607fd5e45a812d39ffee9931195a0a17ba2
dc93d18af9129e84b65ebb7153fc79797b901edc4c08f9bd81e7b60be3f46337
ddb30f264a8f2f29f678ab90b9bd3ba30c668fb2b654537181d7b705a9cea1ac
ddcbcb1da216db4ef9d9bbc1d2b87d9a90767e698a0be65214362138cb2d83c7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e944876c5fd13cc8ed0441c1a8bac2657147995d36634ce300b5ada152cbf52d
ebe358a30d722f6cee7ce3878cba0f626327ba89c579d04fd182ecf343b27f5a
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f47f170bdf35550e292c6afa372c6ecae2353a732ccaec3d4ea013838decd855
fbac0eddc1624bafe726d973aa0278e64422a801c31998d9e7bf10d307d26dfa

dgkmv09xcw2.click Open in urlscan Pro 2606:4700:3037::6815:2d9d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

93 %HTTPS

68 %IPv6

17 Domains

25 Subdomains

20 IPs

5 Countries

1794 kBTransfer

5270 kBSize

26 Cookies

100 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dgkmv09xcw2.click Open in urlscan Pro
2606:4700:3037::6815:2d9d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

93 %
HTTPS

68 %
IPv6

17
Domains

25
Subdomains

20
IPs

5
Countries

1794 kB
Transfer

5270 kB
Size

26
Cookies

108 HTTP transactions
1 data transactions