hatadeposu.com Open in urlscan Pro
172.67.152.39 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hatadeposu.com/soru-cevap/user/jaguarheaven0
Submission: On September 30 via manual (September 30th 2023, 1:58:18 pm UTC) from PH — Scanned from CH

Summary HTTP 60 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 60 HTTP transactions. The main IP is 172.67.152.39, located in United States and belongs to CLOUDFLARENET, US. The main domain is hatadeposu.com.
TLS certificate: Issued by GTS CA 1P5 on September 1st 2023. Valid for: 3 months.

This is the only time hatadeposu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	172.67.152.39 172.67.152.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	23.38.80.182 23.38.80.182	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
4 10	2a02:26f0:710... 2a02:26f0:7100::211:64f9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
60	13

11 172.67.152.39 (United States)

ASN13335 (CLOUDFLARENET, US)

hatadeposu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.38.80.182 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-80-182.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:7100::211:64f9 (Frankfurt am Main, Germany) 4 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	288 KB
11	hatadeposu.com hatadeposu.com	158 KB
10	bing.com 4 redirects www.bing.com — Cisco Umbrella Rank: 87	25 KB
10	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 2546 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6584	59 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	55 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1683	100 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	115 KB
2	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 7418	58 KB
1	google.com www.google.com — Cisco Umbrella Rank: 11	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368	606 B
60	10

	Domain	Requested by
11	hatadeposu.com	hatadeposu.com
10	www.bing.com	4 redirects googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	hatadeposu.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
8	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net hatadeposu.com pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	maxcdn.bootstrapcdn.com	hatadeposu.com maxcdn.bootstrapcdn.com
2	www.googletagservices.com	googleads.g.doubleclick.net hatadeposu.com
2	cdn.adnxs.com	googleads.g.doubleclick.net hatadeposu.com
2	adsdk.microsoft.com	googleads.g.doubleclick.net hatadeposu.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
60	12

This site contains links to these domains. Also see Links.

Domain
www.question2answer.org

Subject Issuer	Validity	Valid
hatadeposu.com GTS CA 1P5	`2023-09-01` - `2023-11-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
Frame ID: A0FA9185D0DDD75C6DCEA43C69ECEDC7
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Frame ID: 4104985F0350CD179B6878600C1FF366
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1189191416956294&output=html&h=90&adk=1119114420&adf=610664999&w=1140&fwrn=4&fwrnh=100&lmt=1696075094&rafmt=2&format=1140x90&url=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696082293912&bpp=6&bdt=340&idt=308&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&correlator=6634893074457&frm=20&pv=2&ga_vid=721533274.1696082294&ga_sid=1696082294&ga_hid=877800929&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44803491%2C44759876%2C31078199%2C44798934%2C31078272&oid=2&pvsid=4043785527253108&tmod=452416935&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=c5R8Tr7FlR&p=https%3A//hatadeposu.com&dtd=325
Frame ID: 360B0766FCE84D8079DBE2B8E8B15674
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1189191416956294&output=html&h=90&adk=1119114420&adf=83809533&w=1140&fwrn=4&fwrnh=100&lmt=1696075094&rafmt=2&format=1140x90&url=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696082293918&bpp=1&bdt=346&idt=329&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x90&correlator=6634893074457&frm=20&pv=1&ga_vid=721533274.1696082294&ga_sid=1696082294&ga_hid=877800929&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44803491%2C44759876%2C31078199%2C44798934%2C31078272&oid=2&pvsid=4043785527253108&tmod=452416935&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nuTlXGNso3&p=https%3A//hatadeposu.com&dtd=332
Frame ID: 61EB485D0B01A5BB2326B95580E22206
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1189191416956294&output=html&adk=1812271804&adf=3025194257&lmt=1696075094&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696082293933&bpp=2&bdt=361&idt=320&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x90%2C1140x90&nras=1&correlator=6634893074457&frm=20&pv=1&ga_vid=721533274.1696082294&ga_sid=1696082294&ga_hid=877800929&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44803491%2C44759876%2C31078199%2C44798934%2C31078272&oid=2&pvsid=4043785527253108&tmod=452416935&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=332
Frame ID: 4CE8679DF0B8B3FD59384B7EBCF2AF16
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 0B84770DDCC192C5CD45918552914D3E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Frame ID: 018436FCB7EF59E699D04F500C32E4AD
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 80784A9540EEF65CFA70760D74BBDA21
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 89D4A0E6011DECE5C819879984D02993
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A84557CF7C097138F86B778971E618B2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Üye: jaguarheaven0 - Hatadeposu - Soru Cevap Platformu

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

93 %
HTTPS

75 %
IPv6

10
Domains

12
Subdomains

13
IPs

2
Countries

858 kB
Transfer

2268 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=d2a4e7cb-b48a-4d1b-9267-a1b2fdae2bd5&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=7c9c64b2-95d3-4987-885b-416102ec4eef&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Df338d0840f2c4a97b1a5be6da69b9205%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7964858&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_oenaq_fnsrgl_oybpxvat&aid=2234944824126967533 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=f338d0840f2c4a97b1a5be6da69b9205&SNR=1&GV=2&med=10

Request Chain 36

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fa32b2ed-e7f4-4c38-b401-463a169dbeed&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=ec8a69c2-dd9f-4dc0-8645-6f4549df288e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D273a9fe3d60a42808db3ff651793bbc3%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7964858&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_fp_svygre&aid=2141377973391792681&wp= HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=273a9fe3d60a42808db3ff651793bbc3&SNR=1&GV=2&med=10

Request Chain 54

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=d2a4e7cb-b48a-4d1b-9267-a1b2fdae2bd5&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=7c9c64b2-95d3-4987-885b-416102ec4eef&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Df338d0840f2c4a97b1a5be6da69b9205%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=7964858&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_oenaq_fnsrgl_oybpxvat&aid=2234944824126967533 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=f338d0840f2c4a97b1a5be6da69b9205&tids=15000&med=10

Request Chain 59

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fa32b2ed-e7f4-4c38-b401-463a169dbeed&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=ec8a69c2-dd9f-4dc0-8645-6f4549df288e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D273a9fe3d60a42808db3ff651793bbc3%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=7964858&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_fp_svygre&aid=2141377973391792681&wp= HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=273a9fe3d60a42808db3ff651793bbc3&tids=15000&med=10

60 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request jaguarheaven0 Show response
hatadeposu.com/soru-cevap/user/ 14 KB
4 KB 172ms
89ms Document
text/html 172.67.152.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.152.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20959fca3aceb596618bc8f1896285c91a82847ce442950e7e0d69abf3abecc8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80ecfabe58715b0e-VIE
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 30 Sep 2023 13:58:13 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObtlJngE6%2BSvHCPk2K8zIk513xlFqsPpTNvzhhzsk5jyafgKdg1e5fyIuSFUwvWsTTSRVL6GbO4XI9zIpcjsSabq2QlOGnib3hJ3j88YjJOFDfdq%2FN%2F7ogNd1XTZg8NfBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 qa-styles.css
hatadeposu.com/soru-cevap/qa-theme/Donut-theme/ 0
372 B 61ms
60ms Stylesheet
text/css 172.67.152.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hatadeposu.com/soru-cevap/qa-theme/Donut-theme/qa-styles.css?1.8.0
Requested by: Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.152.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 27 May 2018 21:22:03 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=319
etag: W/"13f-56d3697a24bbd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xzf%2BD5yLg8SYXf5296lGLKXHksdpObqZx%2BsEYTktp8a4TcDkZ39ZTjnzHEWZlE8nUTTaV0iGljZNg1yaAfMfIXjaETg%2BHp9e%2BdK8SqiFz5Wq9oyIYyYY6LbJvkgzdToXQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 80ecfabef98f5b0e-VIE
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ 120 KB
20 KB 67ms
27ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css

Requested by

Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 864
age: 1027560
cdn-cachedat: 02/24/2022 14:58:46
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5d5357cb3704e1f43a1f5bfed2aebf42"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: fbe7e6fea753e22c4e1fd8ba1cf2b066
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 80ecfabf1d8a0221-ZRH
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
5 KB 65ms
25ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601, 617, 617
age: 9745444
cdn-cachedat: 2021-08-02 19:09:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a20f8f9fd039c143ec88748f1e9f7c9f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 80ecfabf1d8c0221-ZRH
cdn-requestpullsuccess: True

GET
H2 200 donut.min.css
hatadeposu.com/soru-cevap/qa-theme/Donut-theme/css/ 81 KB
13 KB 93ms
92ms Stylesheet
text/css 172.67.152.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hatadeposu.com/soru-cevap/qa-theme/Donut-theme/css/donut.min.css?1.6.2
Requested by: Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.152.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe7e5ef1079c650ad63c7835098569ec0d48833446f664714b45d39283d6d3a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 May 2018 09:28:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1441b-56d54dae5b577"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZM2s213W7M7kMl5otytQDC5Wshz1eURR0WHdO4GHGoC7KeXsRFRqdohEJ5UaqydM21XX6VdldCyAPMXSUEEnPL%2F0FPq3qV46t%2BFpGwZkSMJe8LvT7c%2FKx5%2Fq3UHjaO8Qaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 80ecfabef9915b0e-VIE
alt-svc: h3=":443"; ma=86400

GET
H2 200 open-sans.css
hatadeposu.com/soru-cevap/qa-theme/Donut-theme/css/ 2 KB
611 B 63ms
62ms Stylesheet
text/css 172.67.152.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hatadeposu.com/soru-cevap/qa-theme/Donut-theme/css/open-sans.css?1.6.2
Requested by: Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.152.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4177f822f1cf680a8ac0161618bc63375fdef7b0f672392678bbcdf9d113d1b1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 27 May 2018 21:22:11 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1941
etag: W/"795-56d369821dc3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGAQ6ZbMKpLXFaysgehzNpZhPG6DC68WNPb7DS4fGm63Ca8kMz0mCKJSPQPOlbYQHZ%2FTQbvvzcQXna094KBI3N3POFG6tD5dAzYeHsKBNbvGwqruPdGA99FllMu%2B65Bq2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 80ecfabef9935b0e-VIE
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.2.1.min.js Show response
hatadeposu.com/soru-cevap/qa-content/ 85 KB
31 KB 64ms
63ms Script
application/javascript 172.67.152.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hatadeposu.com/soru-cevap/qa-content/jquery-3.2.1.min.js
Requested by: Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.152.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 May 2018 22:38:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15287-56d4bc6292f38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0tsU7TaqNH8Rx9JwJ%2Bu72kE8V7BStSwBvbvTskSy1ac0B4ce35l%2FJpldKip1d08OGoIFzZ0EC0NS97dZbGd3gGmudECAsvZ%2BxfDRsUri9T0Rm5G%2BCG4uOX82lq4HJLdag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 80ecfabef9945b0e-VIE
alt-svc: h3=":443"; ma=86400

GET
H2 200 qa-global.js Show response
hatadeposu.com/soru-cevap/qa-content/ 15 KB
4 KB 61ms
60ms Script
application/javascript 172.67.152.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hatadeposu.com/soru-cevap/qa-content/qa-global.js?1.8.0
Requested by: Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.152.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 28 May 2018 22:38:18 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=20550
etag: W/"5046-56d4bc62d079a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvIRmIcLEt%2Fa1ro1ORh%2FmQmQv25aidVisQoiB0rqKnMFTg3eyEfywflQyw2YwcTmx9jx54uFiB3LN8lkJghpUQ6FBY8WEEUECgExw1e5PugaetHHvNLH5YyQZXZZ3QjOAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 80ecfabef9955b0e-VIE
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ 36 KB
10 KB 64ms
24ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js

Requested by

Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601, 617, 617
age: 1025371
cdn-cachedat: 2021-08-02 20:17:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5ff25f9a1c8a5b9bb60761eb541fc458
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 80ecfabf1d8d0221-ZRH
cdn-requestpullsuccess: True

GET
H2 200 donut.js Show response
hatadeposu.com/soru-cevap/qa-theme/Donut-theme/js/ 3 KB
2 KB 63ms
62ms Script
application/javascript 172.67.152.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hatadeposu.com/soru-cevap/qa-theme/Donut-theme/js/donut.js?1.6.2
Requested by: Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.152.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc1c0d339765dffab97b96d2190bf9d769dff1126b6b464e20fbe7962e9ac0cb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 27 May 2018 21:22:15 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3233
etag: W/"ca1-56d36985fdf5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPm04RkdUEAu3hAgKiq5cA7KgkZJeVyYPnJmwcMJA3lJ%2F44PBdLAuB65FvNqEbGHmxh3cRi5VCpgtdgf%2Bs2ogwuMhMZDMpK1fvF9fu0OCSU6kP70ZiTOdxBWEPoiDZXHBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 80ecfabef9965b0e-VIE
alt-svc: h3=":443"; ma=86400

GET
H3 200 sorulogo.png
hatadeposu.com/soru-cevap/ 9 KB
9 KB 46ms
46ms Image
image/png 172.67.152.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hatadeposu.com/soru-cevap/sorulogo.png
Requested by: Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37e49679d003baa628de3ac1fc48b0e6f3a4b19729786336322b83c535ace45f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
cf-cache-status: HIT
last-modified: Sun, 27 May 2018 21:21:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "22fc-56d36951d1692"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRVhtzlBWXYvJciRtqBnNSit1FiZvtvKSTulb%2FsE%2BAnU29FAlylp0Ahu1dqLM8q8G53iUP7cLni4BXAf7dTJYzcoSKlLZ8iC0%2FJrwQL2%2F2Ru0hvaw4SYeDUFa82iUmIsTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80ecfabf88207a3d-DUS
alt-svc: h3=":443"; ma=86400
content-length: 8956

GET
H3 200 email-decode.min.js Show response
hatadeposu.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 28ms
28ms Script
application/javascript 172.67.152.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hatadeposu.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.39 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Sep 2023 11:52:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6514177e-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcyriY6evbogIAHZdCS7g12BhFlmUdBwyg1oaGgJxFYff%2FQSLx72z3r%2BzjbYvdZySCxq8WOmXf3iMPyrQRwm26zq8X4tqiGhtVfL3fNYdMsGVnQX11Wp6hvu21QLJPCnxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 80ecfabf6fe87a3d-DUS
expires: Mon, 02 Oct 2023 13:58:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 171ms
124ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c2626c8c9c00f66c08a160dff75b4f492e0d4885cfaec32db26bd78e9b5be8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51587
x-xss-protection: 0
server: cafe
etag: 5223348976417903107
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 30 Sep 2023 13:58:13 GMT

GET
H3 200 fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 64 KB
64 KB 67ms
48ms Font
font/woff 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Origin: https://hatadeposu.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1053
cdn-cachedat: 11/15/2022 10:30:17
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 65452
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "d95d6f5d5ab7cfefd09651800b69bd54"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c1a50e1c4330d3aa951d7a113f943d3e
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 80ecfabfce8701f8-ZRH
cdn-requestpullsuccess: True

GET
H3 200 OpenSans-Bold.woff2
hatadeposu.com/soru-cevap/qa-theme/Donut-theme/fonts/ 46 KB
46 KB 34ms
34ms Font
font/woff2 172.67.152.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hatadeposu.com/soru-cevap/qa-theme/Donut-theme/fonts/OpenSans-Bold.woff2?v=1.1.0
Requested by: Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/qa-theme/Donut-theme/css/open-sans.css?1.6.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f

Request headers

Referer: https://hatadeposu.com/soru-cevap/qa-theme/Donut-theme/css/open-sans.css?1.6.2
Origin: https://hatadeposu.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
cf-cache-status: HIT
last-modified: Sun, 27 May 2018 21:22:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6999
etag: "b654-56d3698390dcb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BtNiK9Ns%2BJwsr%2Bjhq%2BdIEgJAVEZ6diQPQOawYCZ9GKlRchm6P6N7adJajfwfEo2MvfYdPd8ZZpPKXGrdZtKjf7ZRxOSAL7jT%2BNLj0gws%2B1BmseLfTJbiYYJo6TeVi2oGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80ecfabfb8767a3d-DUS
alt-svc: h3=":443"; ma=86400
content-length: 46676

GET
H3 200 OpenSans-Regular.woff2
hatadeposu.com/soru-cevap/qa-theme/Donut-theme/fonts/ 46 KB
46 KB 66ms
66ms Font
font/woff2 172.67.152.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hatadeposu.com/soru-cevap/qa-theme/Donut-theme/fonts/OpenSans-Regular.woff2?v=1.1.0
Requested by: Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/qa-theme/Donut-theme/css/open-sans.css?1.6.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3

Request headers

Referer: https://hatadeposu.com/soru-cevap/qa-theme/Donut-theme/css/open-sans.css?1.6.2
Origin: https://hatadeposu.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
cf-cache-status: HIT
last-modified: Sun, 27 May 2018 21:22:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6999
etag: "b7a8-56d36984a4414"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSJvFGCJZ%2BJKgOdPvtTolbik98lUmSNKUh5ilTB7npoBcCucIFPIdLRHgfHBTENAzojTRJqM4wRg4YSzwBYMttSYJrJDK%2FVR8a1dpaj1NnKTGIKJqEqYSjRj6uPtL4v3eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80ecfabfb8787a3d-DUS
alt-svc: h3=":443"; ma=86400
content-length: 47016

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/ 380 KB
129 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07586b826c0a882a88716faeca5e3aee2e49ade92e7e324ff276dbc5b8eb85b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131748
x-xss-protection: 0
server: cafe
etag: 5915179344737549228
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Sep 2023 13:58:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame 4104 10 KB
5 KB 64ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hatadeposu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 11646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 10:44:07 GMT
etag: 2603938475786422795
expires: Sat, 14 Oct 2023 10:44:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
606 B 92ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hatadeposu.com&callback=_gfp_s_&client=ca-pub-1189191416956294

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe042d34cd11325798ca2e27c2f066fffe0a7884476ea91361dbf41e5ba5a758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 360B 55 KB
19 KB 704ms
703ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1189191416956294&output=html&h=90&adk=1119114420&adf=610664999&w=1140&fwrn=4&fwrnh=100&lmt=1696075094&rafmt=2&format=1140x90&url=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696082293912&bpp=6&bdt=340&idt=308&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&correlator=6634893074457&frm=20&pv=2&ga_vid=721533274.1696082294&ga_sid=1696082294&ga_hid=877800929&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44803491%2C44759876%2C31078199%2C44798934%2C31078272&oid=2&pvsid=4043785527253108&tmod=452416935&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=c5R8Tr7FlR&p=https%3A//hatadeposu.com&dtd=325

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

025e5bf31c6cb9132528d439331048e3a473aed858d5c97cd26835fe5c47d834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hatadeposu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18996
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 13:58:14 GMT
expires: Sat, 30 Sep 2023 13:58:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 61EB 430 B
428 B 580ms
580ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1189191416956294&output=html&h=90&adk=1119114420&adf=83809533&w=1140&fwrn=4&fwrnh=100&lmt=1696075094&rafmt=2&format=1140x90&url=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696082293918&bpp=1&bdt=346&idt=329&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x90&correlator=6634893074457&frm=20&pv=1&ga_vid=721533274.1696082294&ga_sid=1696082294&ga_hid=877800929&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44803491%2C44759876%2C31078199%2C44798934%2C31078272&oid=2&pvsid=4043785527253108&tmod=452416935&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nuTlXGNso3&p=https%3A//hatadeposu.com&dtd=332

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7582a30f290a346e8c283bc55bdc9fffbb195dd70fa6132ba5a2d15a827a0656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hatadeposu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 13:58:14 GMT
expires: Sat, 30 Sep 2023 13:58:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4CE8 116 KB
26 KB 723ms
723ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1189191416956294&output=html&adk=1812271804&adf=3025194257&lmt=1696075094&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696082293933&bpp=2&bdt=361&idt=320&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x90%2C1140x90&nras=1&correlator=6634893074457&frm=20&pv=1&ga_vid=721533274.1696082294&ga_sid=1696082294&ga_hid=877800929&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44803491%2C44759876%2C31078199%2C44798934%2C31078272&oid=2&pvsid=4043785527253108&tmod=452416935&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=332

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f301a422e02bb1c8d1ae8f047eef9973fe350c2e990f64aff2fe0517661b5c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hatadeposu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26892
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 13:58:14 GMT
expires: Sat, 30 Sep 2023 13:58:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 0B84 89 KB
29 KB 139ms
16ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1189191416956294&output=html&h=90&adk=1119114420&adf=610664999&w=1140&fwrn=4&fwrnh=100&lmt=1696075094&rafmt=2&format=1140x90&url=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696082293912&bpp=6&bdt=340&idt=308&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&correlator=6634893074457&frm=20&pv=2&ga_vid=721533274.1696082294&ga_sid=1696082294&ga_hid=877800929&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44803491%2C44759876%2C31078199%2C44798934%2C31078272&oid=2&pvsid=4043785527253108&tmod=452416935&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=c5R8Tr7FlR&p=https%3A//hatadeposu.com&dtd=325
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9280fc33175448c5507ac6c072534b38adbedff69248bb67940a0c1e598d876c

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 30 Sep 2023 13:58:14 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 16:16:52 GMT
x-azure-ref-originshield: 0sBgXZQAAAADNRmblbjNRTK+nHhaB/U94RlJBMjMxMDUwNDE3MDUxADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: QfEVvja98J3suHAdWTgvwQ==
etag: 0x8DBBB8754CA0D88
x-azure-ref: 0dykYZQAAAADHo5fM7ZctQ4hEFnhpaqopWlJIRURHRTA2MTAAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: de821179-d01e-0062-2803-f37e98000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 0B84 80 KB
27 KB 154ms
35ms Script
application/x-javascript 23.38.80.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1189191416956294&output=html&h=90&adk=1119114420&adf=610664999&w=1140&fwrn=4&fwrnh=100&lmt=1696075094&rafmt=2&format=1140x90&url=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696082293912&bpp=6&bdt=340&idt=308&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&correlator=6634893074457&frm=20&pv=2&ga_vid=721533274.1696082294&ga_sid=1696082294&ga_hid=877800929&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44803491%2C44759876%2C31078199%2C44798934%2C31078272&oid=2&pvsid=4043785527253108&tmod=452416935&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=c5R8Tr7FlR&p=https%3A//hatadeposu.com&dtd=325
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.80.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-80-182.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 13:58:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 29 Sep 2024 13:58:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 0B84 3 KB
1 KB 82ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1189191416956294&output=html&h=90&adk=1119114420&adf=610664999&w=1140&fwrn=4&fwrnh=100&lmt=1696075094&rafmt=2&format=1140x90&url=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696082293912&bpp=6&bdt=340&idt=308&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&correlator=6634893074457&frm=20&pv=2&ga_vid=721533274.1696082294&ga_sid=1696082294&ga_hid=877800929&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44803491%2C44759876%2C31078199%2C44798934%2C31078272&oid=2&pvsid=4043785527253108&tmod=452416935&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=c5R8Tr7FlR&p=https%3A//hatadeposu.com&dtd=325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 09:05:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 0B84 20 KB
8 KB 80ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Oct 2023 16:48:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B84 182 KB
58 KB 90ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 13:58:15 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 0B84
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=d2a4e7cb-b48a-4d1b-9267-a1b2fdae2bd5&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=7c9c64b2-95d3-4987...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=f338d0840f2c4a97b1a5be6da69b9205&SNR=1&GV=2&med=10

0
545 B

112ms
112ms

Image
text/plain

2a02:26f0:7100::211:64f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=f338d0840f2c4a97b1a5be6da69b9205&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1189191416956294&output=html&h=90&adk=1119114420&adf=610664999&w=1140&fwrn=4&fwrnh=100&lmt=1696075094&rafmt=2&format=1140x90&url=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696082293912&bpp=6&bdt=340&idt=308&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&correlator=6634893074457&frm=20&pv=2&ga_vid=721533274.1696082294&ga_sid=1696082294&ga_hid=877800929&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44803491%2C44759876%2C31078199%2C44798934%2C31078272&oid=2&pvsid=4043785527253108&tmod=452416935&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=c5R8Tr7FlR&p=https%3A//hatadeposu.com&dtd=325
Protocol: H2
Server: 2a02:26f0:7100::211:64f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 824D0A1EFA8A436EA193BE51B8123334 Ref B: DUS30EDGE0310 Ref C: 2023-09-30T13:58:15Z
x-cdn-traceid: 0.f5641102.1696082295.2b5ce2cc
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 30 Sep 2023 13:58:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 589DD670941D4097A827A224F03C362E Ref B: MIL30EDGE0908 Ref C: 2023-09-30T13:58:15Z
x-cdn-traceid: 0.f5641102.1696082295.2b5ce1db
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=f338d0840f2c4a97b1a5be6da69b9205&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/ 153 KB
52 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/reactive_library_fy2021.js?bust=31078272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1a671bc23f7b7c8019bc64c63c1899b9ed9e7d92599f16229e364774335527d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53265
x-xss-protection: 0
server: cafe
etag: 2960773203964245046
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Sep 2023 13:58:15 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/ Frame 0184 10 KB
4 KB 19ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hatadeposu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 66546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 19:29:09 GMT
etag: 2603938475786422795
expires: Fri, 13 Oct 2023 19:29:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 th
www.bing.com/ Frame 0B84 10 KB
11 KB 160ms
160ms Image
image/jpeg 2a02:26f0:7100::211:64f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7559526636518_1PY2E20I067MARKO9K&pid=21.2&c=16&roil=0.0017&roit=0&roir=0.9967&roib=1&w=200&h=105&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1189191416956294&output=html&h=90&adk=1119114420&adf=610664999&w=1140&fwrn=4&fwrnh=100&lmt=1696075094&rafmt=2&format=1140x90&url=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696082293912&bpp=6&bdt=340&idt=308&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&correlator=6634893074457&frm=20&pv=2&ga_vid=721533274.1696082294&ga_sid=1696082294&ga_hid=877800929&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44803491%2C44759876%2C31078199%2C44798934%2C31078272&oid=2&pvsid=4043785527253108&tmod=452416935&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=c5R8Tr7FlR&p=https%3A//hatadeposu.com&dtd=325
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::211:64f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9086d821619957c5f556c21e51c233b264b0e9e205485239886db5a625ce3dc2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:15 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.f5641102.1696082295.2b5ce27b
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 10354
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 0B84 0
534 B 105ms
32ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&e=wqT_3QKbBOgbAgAAAwDWAAUBCPbS4KgGEO2dvvWez4eCHxgAKjYJasvMxUrVpT8R_gxtAp0tpT8ZexSuR-F6hD8h_g0SACkRJAAxERuwMLqR5gM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeK3xBYABAYoBA1VTRJIBAQbwTJgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEQMS1oYXRhZGVwb3N1LmNvbdgC8AbgAqKoMeoCNGh0dHBzOi8vaGF0HSLwdS9zb3J1LWNldmFwL3VzZXIvamFndWFyaGVhdmVuMIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLoB71iIBQGYBQCgBYSegsmP-OyPIsAFAMkFAAUBFPA_0gUJCQULQAAAANgFAeAFAfAFkq40-gUEAVwokAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAet8QXSBw0VZQEmCNoHBgFepBgA4AcA6gcCCADwB8aDDYoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=e21de2dab9b55e28f2e7e590fe91e9821c3ff5d9&bdref=https%3A%2F%2Fhatadeposu.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fhatadeposu.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1189191416956294%26output%3Dhtml%26h%3D90%26adk%3D1119114420%26adf%3D610664999%26w%3D1140%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696075094%26rafmt%3D2%26format%3D1140x90%26url%3Dhttps%253A%252F%252Fhatadeposu.com%252Fsoru-cevap%252Fuser%252Fjaguarheaven0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D2%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1696082293912%26bpp%3D6%26bdt%3D340%26idt%3D308%26shv%3Dr20230927%26mjsv%3Dm202309260101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6634893074457%26frm%3D20%26pv%3D2%26ga_vid%3D721533274.1696082294%26ga_sid%3D1696082294%26ga_hid%3D877800929%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D230%26ady%3D280%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759927%252C44803491%252C44759876%252C31078199%252C44798934%252C31078272%26oid%3D2%26pvsid%3D4043785527253108%26tmod%3D452416935%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3Dc5R8Tr7FlR%26p%3Dhttps%253A%2F%2Fhatadeposu.com%26dtd%3D325,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1189191416956294%26output%3Dhtml%26h%3D90%26adk%3D1119114420%26adf%3D610664999%26w%3D1140%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696075094%26rafmt%3D2%26format%3D1140x90%26url%3Dhttps%253A%252F%252Fhatadeposu.com%252Fsoru-cevap%252Fuser%252Fjaguarheaven0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D2%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1696082293912%26bpp%3D6%26bdt%3D340%26idt%3D308%26shv%3Dr20230927%26mjsv%3Dm202309260101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6634893074457%26frm%3D20%26pv%3D2%26ga_vid%3D721533274.1696082294%26ga_sid%3D1696082294%26ga_hid%3D877800929%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D230%26ady%3D280%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759927%252C44803491%252C44759876%252C31078199%252C44798934%252C31078272%26oid%3D2%26pvsid%3D4043785527253108%26tmod%3D452416935%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3Dc5R8Tr7FlR%26p%3Dhttps%253A%2F%2Fhatadeposu.com%26dtd%3D325&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:15 GMT
an-x-request-uuid: 6c7b426f-b0f5-48db-8138-dbddf60c9389
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.131; 195.206.105.131; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 8078 89 KB
29 KB 16ms
16ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9280fc33175448c5507ac6c072534b38adbedff69248bb67940a0c1e598d876c

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 30 Sep 2023 13:58:14 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 16:16:52 GMT
x-azure-ref-originshield: 0sBgXZQAAAADNRmblbjNRTK+nHhaB/U94RlJBMjMxMDUwNDE3MDUxADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: QfEVvja98J3suHAdWTgvwQ==
etag: 0x8DBBB8754CA0D88
x-azure-ref: 0dykYZQAAAABDnHlKT7FqRJMy7mpiMUqtWlJIRURHRTA2MTAAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: de821179-d01e-0062-2803-f37e98000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 8078 80 KB
27 KB 32ms
32ms Script
application/x-javascript 23.38.80.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.80.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-80-182.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 13:58:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 29 Sep 2024 13:58:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 8078 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 09:05:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 8078 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 16:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Oct 2023 16:48:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8078 182 KB
57 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: hatadeposu.com
URL: https://hatadeposu.com/soru-cevap/user/jaguarheaven0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 13:58:15 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 8078
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fa32b2ed-e7f4-4c38-b401-463a169dbeed&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=ec8a69c2-dd9f-4dc0...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=273a9fe3d60a42808db3ff651793bbc3&SNR=1&GV=2&med=10

0
18 B

313ms
312ms

Image
text/plain

2a02:26f0:7100::211:64f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=273a9fe3d60a42808db3ff651793bbc3&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Server: 2a02:26f0:7100::211:64f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6289C0F064EA4C4B83AA24024BCF09E2 Ref B: FRAEDGE1707 Ref C: 2023-09-30T13:58:15Z
x-cdn-traceid: 0.f5641102.1696082295.2b5ce3c4
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 30 Sep 2023 13:58:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3D449D1F6CB74ECDB4E04B1E66CB14B2 Ref B: MIL30EDGE1112 Ref C: 2023-09-30T13:58:15Z
x-cdn-traceid: 0.f5641102.1696082295.2b5ce2ba
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=273a9fe3d60a42808db3ff651793bbc3&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 8078 12 KB
12 KB 84ms
84ms Image
image/jpeg 2a02:26f0:7100::211:64f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7559525959574_12I1M3WK7J0PVEBK6C&pid=21.2&c=16&roil=0.2167&roit=0&roir=0.7833&roib=1&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::211:64f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a7c057c98ad833e35376cd9632c522a815b4677b5e7ce29b3ab72e230ac0e4e3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:15 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.f5641102.1696082295.2b5ce2fc
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 11825
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 8078 0
534 B 48ms
31ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:15 GMT
an-x-request-uuid: 1bb637c1-fc20-4b09-a108-ff14fb774daa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.131; 195.206.105.131; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 8078 0
556 B 35ms
35ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&e=wqT_3QLYB-jYAwAAAwDWAAUBCPbS4KgGEKm09M69_ezbHRgAKjYJAACAa76fuj8RAADggUXTuT8ZexSuR-F6hD8hAA0SACkRJAAxERuwMLqR5gM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeN7zBYABAYoBA1VTRJIBAQbwTJgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEQMS1oYXRhZGVwb3N1LmNvbdgC8AbgAqKoMeoCNGh0dHBzOi8vaGF0HSL0-gIvc29ydS1jZXZhcC91c2VyL2phZ3VhcmhlYXZlbjCAAwCIAwGQAwCYAwmgAwGqA7kDCs8CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9ZWM4YTY5YzItZGQ5Zi00ZGMwLTg2NDUtNmY0NTQ5ZGYyODhlJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD1lYzhhNjljMi1kZDlmLTRkYzAtODY0NS02ZjQ1NDlkZjI4OGUmcnR5cGU9bnVybCZ0YWdJZD03OTY0ODU4JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9a25hcWVfM2NfZnBfc3Z5Z3JlJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhMyMTQxMzc3OTczMzkxNzkyNjgxIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ETXpOVGN4TXpBM01qTXlPVEFqTWpNek5URTFOalV6T1RNeE9UZ3dNUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBeCp_-_3mPrPRcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwHIB97zBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=ebc12477863afb3b0c04079fb319b8074385a3a3&type=nv&nvt=5&jm=1003&sid=4718436761729524378&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7964858&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:15 GMT
an-x-request-uuid: 22fc9fe5-a7ec-4184-aa17-0e6aba452685
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.131; 195.206.105.131; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0B84 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c869e419a15fccbce96d04f70c4b3e08620a0d1b751972bfac3b1a6e63c8460a

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 0B84 0
557 B 32ms
31ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&e=wqT_3QLVB-jVAwAAAwDWAAUBCPbS4KgGEO2dvvWez4eCHxgAKjYJasvMxUrVpT8R_gxtAp0tpT8ZexSuR-F6hD8h_g0SACkRJAAxERuwMLqR5gM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeK3xBYABAYoBA1VTRJIBAQbwTJgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ARAxLWhhdGFkZXBvc3UuY29t2ALwBuACoqgx6gI0aHR0cHM6Ly9oYXRhGSLYL3NvcnUtY2V2YXAvdXNlci9qYWd1YXJoZWF2ZW4wgAMAiAMBkAMAmAMJoAMBqgO3AwrNAmh0dAVKHHd3dy5iaW5nAWrweS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03YzljNjRiMi05NWQzLTQ5ODctODg1Yi00MTYxMDJlYzRlZWYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVHVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AN45xADRydHlwZT1udXJsJnRhZwGnbDk2NDg1OCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGRR6emYlM0ERH_QgAV9vZW5hcV9mbnNyZ2xfb3licHh2YXQmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyMjM0OTQ0ODI0MTI2OTY3NTMzIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ETXpOVGN4TXpBM01qTXlPRGdqTWpNek5URTFOalV6T1RNeE9UZ3dNUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYSegsmP-OyPIsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAFIyzwP9AGwo0E2gYWChAFER0BAYtk4AYB8gYCCACABwGIBwCgBwHIB63xBdIHDQkRKQEmDNoHBggFCajgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=e0145fcc03213976cb1f2972d113ae2753bd360e&type=nv&nvt=5&jm=1003&px=206&py=0&bw=182&bh=90&sid=4718436761729524378&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7964858&sw=1600&sh=1200&pw=1140&ph=90&ww=1140&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:15 GMT
an-x-request-uuid: 031df267-b44f-4aed-b5c7-77af8e6a469d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.131; 195.206.105.131; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0B84 0
23 B 66ms
65ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2GK4dikYZa3xFNmdi9YP8q0L0uDX4G6PpLaTkwrAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItMTE4OTE5MTQxNjk1NjI5NMgBCagDAcgDAqoE9QFP0AEdAwzIJMLTX51R_FSOkmeueAcFNlugFcegUoH61h8cDoagj_TFEaIVgAsQpt1aoK9biMAXawG8a_Xx-qBMwNMfZ9E2bnMMFSb9VUedheSz6tg3uaVAuOAh6GxgFxPXn8Mpq3rJYzSbWQtIJ5I-FKtL8CGa8kLODDvc-NVZkx51P5pwYBSrfJJoIrj6ew3eNyG8EQWv-1fuogJMaTUZExVs0o0fRdMrUIhIwN1r_p8req_B-645Zc_4lcDxuMtwiGsoCvEuRn2jtaj0yE4bad2puPbuxNpxFXOnpTcHq0T9uHvpbeAz1rB4SSISuyrWqPINw4AGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTE4OTE5MTQxNjk1NjI5NBgA&sigh=B7OgvLmo_0M&uach_m=[UACH]&cid=CAQSGwDICaaNFATWTevZiKzZw8GT8zaY69gH6CXCvhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1189191416956294&output=html&h=90&adk=1119114420&adf=610664999&w=1140&fwrn=4&fwrnh=100&lmt=1696075094&rafmt=2&format=1140x90&url=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696082293912&bpp=6&bdt=340&idt=308&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&correlator=6634893074457&frm=20&pv=2&ga_vid=721533274.1696082294&ga_sid=1696082294&ga_hid=877800929&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44803491%2C44759876%2C31078199%2C44798934%2C31078272&oid=2&pvsid=4043785527253108&tmod=452416935&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=c5R8Tr7FlR&p=https%3A//hatadeposu.com&dtd=325
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 30 Sep 2023 13:58:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Sep 2023 13:58:15 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 0B84 0
533 B 34ms
32ms Image
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&e=wqT_3QLVB-jVAwAAAwDWAAUBCPbS4KgGEO2dvvWez4eCHxgAKjYJasvMxUrVpT8R_gxtAp0tpT8ZexSuR-F6hD8h_g0SACkRJAAxERuwMLqR5gM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeK3xBYABAYoBA1VTRJIBAQbwTJgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ARAxLWhhdGFkZXBvc3UuY29t2ALwBuACoqgx6gI0aHR0cHM6Ly9oYXRhGSLYL3NvcnUtY2V2YXAvdXNlci9qYWd1YXJoZWF2ZW4wgAMAiAMBkAMAmAMJoAMBqgO3AwrNAmh0dAVKHHd3dy5iaW5nAWrweS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03YzljNjRiMi05NWQzLTQ5ODctODg1Yi00MTYxMDJlYzRlZWYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVHVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AN45xADRydHlwZT1udXJsJnRhZwGnbDk2NDg1OCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGRR6emYlM0ERH_QgAV9vZW5hcV9mbnNyZ2xfb3licHh2YXQmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyMjM0OTQ0ODI0MTI2OTY3NTMzIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ETXpOVGN4TXpBM01qTXlPRGdqTWpNek5URTFOalV6T1RNeE9UZ3dNUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYSegsmP-OyPIsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAFIyzwP9AGwo0E2gYWChAFER0BAYtk4AYB8gYCCACABwGIBwCgBwHIB63xBdIHDQkRKQEmDNoHBggFCajgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=e0145fcc03213976cb1f2972d113ae2753bd360e&pp=ZRgpdgAFOK0Ews7ZAALW8vwx8b13mJAtoEuErA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJA_SdikYZa3xFNmdi9YP8q0L0uDX4G6PpLaTkwrAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItMTE4OTE5MTQxNjk1NjI5NMgBCagDAcgDAqoE-AFP0AEdAwzIJMLTX51R_FSOkmeueAcFNlugFcegUoH61h8cDoagj_TFEaIVgAsQpt1aoK9biMAXawG8a_Xx-qBMwNMfZ9E2bnMMFSb9VUedheSz6tg3uaVAuOAh6GxgFxPXn8Mpq3rJYzSbWQtIJ5I-FKtL8CGa8kLODDvc-NVZkx51P5pwYBSrfJJoIrj6ew3eNyG8EQWv-1fuogJMaTUZExVs0o0fRdMrUIhIwN1r_p8req_B-645Zc_4lcDxuMtwiGsoCvEuRn2jtaj0yE5Za_w7elIUqU6LYcY5_LOxr2f3PHLHdTmRUOn89aI4lzIWKRBgV7g68oAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1l4kUrLumHij6QoceoSfkjd7GIWA%26client%3Dca-pub-1189191416956294%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:15 GMT
an-x-request-uuid: 7e3e9a02-225d-4736-b512-7fb76221ed3e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.131; 195.206.105.131; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 121ms
81ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c6df7191fa533cfa9bacad769e916e8d810f45b5a91b19db5282492705e714b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11988
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8078 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c1fc1fa1a6dd859d049e89b1cdcfe7a7b9b262b10390236b0d940bf004b5854

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8078 0
19 B 62ms
61ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3SWudikYZYXTFq2bi9YPtPOqwATS4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi0xMTg5MTkxNDE2OTU2Mjk0yAEJqAMByAMCqgT1AU_QLHA_eSHSIgEia6PmlvyBtnnyLF2M3x0-fxN_-dVlbPAcVbLNqE_oVmusgp3kgcr0gSJQG0ZgShOGPdcCqeWlPekUOD7pHAfvTTxzt3MgDBRMda0uOmQ5YfAnsImzS336B_qAjMseqxxIXpVB23tu1nAXAaiLog9Si9G2uPedbZ8w35KeUvbDYah9qQ8JBQgOWCGsLOIuFTbLTc1Y1cYw3JpPTeFeBMjSYSiNFrZ8_VgNttKscGvHff5dTMnLo3jQB9upHpH_eeBz1UNipy8_qetVZh_Nb0LjYWm_w3guo3UleNpDxPLGwY7tjsKEQNaq6yeAgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xMTg5MTkxNDE2OTU2Mjk0GAA&sigh=EkwiwLX72oc&uach_m=[UACH]&cid=CAQSGwDICaaNVFpmeRczAh8GCrEmCtMp6Bsq4NvqnRgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 30 Sep 2023 13:58:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 8078 0
533 B 43ms
43ms Image
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&e=wqT_3QLYB-jYAwAAAwDWAAUBCPbS4KgGEKm09M69_ezbHRgAKjYJAACAa76fuj8RAADggUXTuT8ZexSuR-F6hD8hAA0SACkRJAAxERuwMLqR5gM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeN7zBYABAYoBA1VTRJIBAQbwTJgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEQMS1oYXRhZGVwb3N1LmNvbdgC8AbgAqKoMeoCNGh0dHBzOi8vaGF0HSL0-gIvc29ydS1jZXZhcC91c2VyL2phZ3VhcmhlYXZlbjCAAwCIAwGQAwCYAwmgAwGqA7kDCs8CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9ZWM4YTY5YzItZGQ5Zi00ZGMwLTg2NDUtNmY0NTQ5ZGYyODhlJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD1lYzhhNjljMi1kZDlmLTRkYzAtODY0NS02ZjQ1NDlkZjI4OGUmcnR5cGU9bnVybCZ0YWdJZD03OTY0ODU4JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9a25hcWVfM2NfZnBfc3Z5Z3JlJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhMyMTQxMzc3OTczMzkxNzkyNjgxIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ETXpOVGN4TXpBM01qTXlPVEFqTWpNek5URTFOalV6T1RNeE9UZ3dNUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBeCp_-_3mPrPRcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwHIB97zBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=ebc12477863afb3b0c04079fb319b8074385a3a3&pp=ZRgpdgAFqYUEws2tAAq5tP7Fczue1eBQoDrYWg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC19CddikYZYXTFq2bi9YPtPOqwATS4Nfgbo-ktpOTCsCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi0xMTg5MTkxNDE2OTU2Mjk0yAEJqAMByAMCqgT4AU_QLHA_eSHSIgEia6PmlvyBtnnyLF2M3x0-fxN_-dVlbPAcVbLNqE_oVmusgp3kgcr0gSJQG0ZgShOGPdcCqeWlPekUOD7pHAfvTTxzt3MgDBRMda0uOmQ5YfAnsImzS336B_qAjMseqxxIXpVB23tu1nAXAaiLog9Si9G2uPedbZ8w35KeUvbDYah9qQ8JBQgOWCGsLOIuFTbLTc1Y1cYw3JpPTeFeBMjSYSiNFrZ8_VgNttKscGvHff5dTMnLo3jQB9upHpH_eeBz1UNip209iHmXwuWg-7iX1PfmR84qgH-hcfRbHVBAmApRDuioWBYrCUoU1t6ZgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0xNA1YEHFtTwD2jPGFYsL444Twpg%26client%3Dca-pub-1189191416956294%26adurl%3D&cbvp=2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:15 GMT
an-x-request-uuid: 24e292c6-74b3-4842-ae92-f4b2017ae690
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.131; 195.206.105.131; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Sep 2023 13:58:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 89D4 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hatadeposu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 101141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 09:52:34 GMT
expires: Sat, 28 Sep 2024 09:52:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A845 829 B
1 KB 84ms
30ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a0bd6fdbab935126e8a4142bb0869932a59a9f743f45709164b0fb1c34eb6d58

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mnFb8z97_6dxvexG1pCFUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hatadeposu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mnFb8z97_6dxvexG1pCFUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 13:58:15 GMT
expires: Sat, 30 Sep 2023 13:58:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 89D4 37 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Sep 2024 10:18:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A845 0
0 121ms
120ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=4043785527253108&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 89D4 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rcNQ7Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:58:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

c.gif
www.bing.com/aes/ Frame 0B84
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=d2a4e7cb-b48a-4d1b-9267-a1b2fdae2bd5&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=7c9c64b2-95d3-4987...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=f338d0840f2c4a97b1a5be6da69b9205&tids=15000&med=10

0
18 B

81ms
81ms

Image
text/plain

2a02:26f0:7100::211:64f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=f338d0840f2c4a97b1a5be6da69b9205&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:7100::211:64f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F84D3A48B549434D991EC160BED3F3CD Ref B: FRA31EDGE0611 Ref C: 2023-09-30T13:58:16Z
x-cdn-traceid: 0.f5641102.1696082296.2b5ceb4e
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 30 Sep 2023 13:58:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 29E34526A44447BBA0F98FCD6DF50488 Ref B: MIL30EDGE0913 Ref C: 2023-09-30T13:58:16Z
x-cdn-traceid: 0.f5641102.1696082296.2b5cea5c
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=f338d0840f2c4a97b1a5be6da69b9205&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 8078 0
557 B 55ms
54ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&e=wqT_3QLYB-jYAwAAAwDWAAUBCPbS4KgGEKm09M69_ezbHRgAKjYJAACAa76fuj8RAADggUXTuT8ZexSuR-F6hD8hAA0SACkRJAAxERuwMLqR5gM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeN7zBYABAYoBA1VTRJIBAQbwTJgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEQMS1oYXRhZGVwb3N1LmNvbdgC8AbgAqKoMeoCNGh0dHBzOi8vaGF0HSL0-gIvc29ydS1jZXZhcC91c2VyL2phZ3VhcmhlYXZlbjCAAwCIAwGQAwCYAwmgAwGqA7kDCs8CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9ZWM4YTY5YzItZGQ5Zi00ZGMwLTg2NDUtNmY0NTQ5ZGYyODhlJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD1lYzhhNjljMi1kZDlmLTRkYzAtODY0NS02ZjQ1NDlkZjI4OGUmcnR5cGU9bnVybCZ0YWdJZD03OTY0ODU4JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9a25hcWVfM2NfZnBfc3Z5Z3JlJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhMyMTQxMzc3OTczMzkxNzkyNjgxIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ETXpOVGN4TXpBM01qTXlPVEFqTWpNek5URTFOalV6T1RNeE9UZ3dNUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBeCp_-_3mPrPRcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwHIB97zBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=ebc12477863afb3b0c04079fb319b8074385a3a3&type=pv&jm=1003&px=0&py=0&bw=160&bh=160&sf=1&sid=4718436761729524378&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7964858&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:16 GMT
an-x-request-uuid: 92b1b574-7666-4f40-b4b2-2f50eb2e21c9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.131; 195.206.105.131; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 0B84 0
556 B 107ms
107ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fhatadeposu.com%2Fsoru-cevap%2Fuser%2Fjaguarheaven0&e=wqT_3QLVB-jVAwAAAwDWAAUBCPbS4KgGEO2dvvWez4eCHxgAKjYJasvMxUrVpT8R_gxtAp0tpT8ZexSuR-F6hD8h_g0SACkRJAAxERuwMLqR5gM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeK3xBYABAYoBA1VTRJIBAQbwTJgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6ARAxLWhhdGFkZXBvc3UuY29t2ALwBuACoqgx6gI0aHR0cHM6Ly9oYXRhGSLYL3NvcnUtY2V2YXAvdXNlci9qYWd1YXJoZWF2ZW4wgAMAiAMBkAMAmAMJoAMBqgO3AwrNAmh0dAVKHHd3dy5iaW5nAWrweS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03YzljNjRiMi05NWQzLTQ5ODctODg1Yi00MTYxMDJlYzRlZWYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVHVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AN45xADRydHlwZT1udXJsJnRhZwGnbDk2NDg1OCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGRR6emYlM0ERH_QgAV9vZW5hcV9mbnNyZ2xfb3licHh2YXQmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyMjM0OTQ0ODI0MTI2OTY3NTMzIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ETXpOVGN4TXpBM01qTXlPRGdqTWpNek5URTFOalV6T1RNeE9UZ3dNUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYSegsmP-OyPIsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAFIyzwP9AGwo0E2gYWChAFER0BAYtk4AYB8gYCCACABwGIBwCgBwHIB63xBdIHDQkRKQEmDNoHBggFCajgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=e0145fcc03213976cb1f2972d113ae2753bd360e&type=pv&jm=1003&px=206&py=0&bw=182&bh=90&sf=1&sid=4718436761729524378&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7964858&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:16 GMT
an-x-request-uuid: d5b2ed5b-005e-4f01-a4c8-002a4d4a0edd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.131; 195.206.105.131; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0B84 42 B
64 B 126ms
126ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_PTT077KU2P-sERwNZdjIPDZ6O5rH4jHOk1UXZbCVgn8BO-710C2aQ0KcqCYIe0REQrmQWL-P3gjn9DWIUlc7A9u9h4929kBPu1bw&sig=Cg0ArKJSzBjXZvS7p9OtEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1119114420&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696082294953&rpt=374&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 125ms
124ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=4043785527253108&bg=!WlmlWRbNAAYEJRtnJCU7ADQBe5WfOAkoaj-4qX6E10u9GJDOQatbOHt9ZMGIYbfthjHxM4zlvhqwuPGWKnvuW7ShPZWKAgAAAJVSAAAACWgBBwoAOhoTcTcaQ6_W8EOWNuyJhIGOQx6Lede7YrdTbUpwkRNL5Nj5T-ScElKKcwt55-r-c95Lxap8y3Nf_UeZArgiugu46OB8aZ1zEBTdJqUfnjZUAGl3d6WqWHEtEbCZCHU6ro7GA1Ze-hUH1KL07b94n61WXvpeg4xw-PIIQjk00x2aHMPuTLeAntaqXWA6t-dNKhZ8CjyXCKae-EuOYCfujtiTDwDAXgI7OZe2qST-kjN4Bs5ZVr3qfADJy7hF7grQcNFJrhOXqbkqDUUL675zdtWYGChDbV_RL-tbn-c_m4m2ug7z6WagtM_-rlckNrtfIIywATVUXO8eCy1rZR8vcFutQw4RR8XWnmf5SS4JAFdYO3rWG300R_9xZPxZLUOyZ8CIycDyrIr-uhy9Cz9xcGrmRMrlL9-ZSHFWyUKrroCnMGSnpNLk25aDkSXYcjJKXTY_82zHS-wJVwrAThWJrCVC95mOrvrbiyqdKHNDplkLZEedN3MkyJWF4Av6ywFnMpq_C4JRy3yPtm4JZmPxDTep7Gid6AzYutCnrqeF_PDoPUn-SXgWVMbDS_8O5JvfVHkip1cYxVvD-bJT1DCY0YcD7UqrFyXmUkmv1r6d4Y4maVbxWpxEJ0pcq8Eb00V4SwrRPJoi_6oliLhkZFfQi_kipdH70c8ZeMyjDbOxK6vO8S8zE0PUTYFMCoqtbZ0HVb1SLMQBoyyXEhVTkDqsN-jhZiHF1Bntr23jmYALYg95CEb-QOM3Z3UUlqtuChe_P3kg_yon2GPFJIcMn8c0OzwACl2yVXdcx3tO2uJeJMrnc20OaFRdy4iHFAtdlEpajyyqpDgEqrkLv1tCxNp97K5TRAJHUw2KsOGlwHUMZFiMSr8XXqjidj1xfgvdc73OKYzXc3XG-hPH4HI2_veP-We7phtpHf3oI3sizsy2bs3Dd0Sfd4m1mH2X3JBZxPsAozIIJYRV2mYTMIknOGixUz1Sr33e1EckmAGxVA-dsqyHltrIlJE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hatadeposu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

200

c.gif
www.bing.com/aes/ Frame 8078
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fa32b2ed-e7f4-4c38-b401-463a169dbeed&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=ec8a69c2-dd9f-4dc0...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=273a9fe3d60a42808db3ff651793bbc3&tids=15000&med=10

0
18 B

95ms
95ms

Image
text/plain

2a02:26f0:7100::211:64f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=273a9fe3d60a42808db3ff651793bbc3&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:7100::211:64f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 406C023665354D4781E6C80DD831A335 Ref B: FRA31EDGE0714 Ref C: 2023-09-30T13:58:16Z
x-cdn-traceid: 0.f5641102.1696082296.2b5ceec8
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 30 Sep 2023 13:58:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 16D27906401B4070AABF849987378E5F Ref B: MIL30EDGE1014 Ref C: 2023-09-30T13:58:16Z
x-cdn-traceid: 0.f5641102.1696082296.2b5cee42
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=273a9fe3d60a42808db3ff651793bbc3&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8078 42 B
64 B 125ms
125ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYUqM348coFQlbgv5szz65O7iTimPx5il_Sm1E5TxRSL0bWfLtfVMiCMGnDaB02dafITue0hAH3OhJGQSq7y3DLI0PuiutLfDkVMfb&sig=Cg0ArKJSzJL1vMcHaq0IEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696082295166&rpt=450&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hatadeposu.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 825e49dbc13ee061036ae935f8b38d00
hatadeposu.com/	1970-01-20 15:10:55	Name: qa_key Value: 0kpizpipbw4va0pgd0njfc696paonuto
.hatadeposu.com/	1970-01-21 00:29:38	Name: __gads Value: ID=06392f8a923c0525-22206ac21bdf0074:T=1696082294:RT=1696082294:S=ALNI_MZM2Adg2OKthwRj2YdvGsWXyeJEDA
.hatadeposu.com/	1970-01-21 00:29:38	Name: __gpi Value: UID=00000c89e927004b:T=1696082294:RT=1696082294:S=ALNI_MaCpDQLVB333T_7ECqdnGJh96-jfA
.bing.com/	1970-01-21 00:29:38	Name: MUID Value: 2870536B74986AF6117640F775456B79
.doubleclick.net/	1970-01-21 00:44:02	Name: IDE Value: AHWqTUnRMKPQ9Of5iH01M03cdUJk5Ui2cBYGtuvXvS69NQ0OLHrmCf4s3n2Jdf6o9nk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
ams3-ib.adnxs.com
cdn.adnxs.com
googleads.g.doubleclick.net
hatadeposu.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.bing.com
www.google.com
www.googletagservices.com
172.67.152.39
185.89.210.20
23.38.80.182
2606:4700::6812:bcf
2620:1ec:bdf::45
2a00:1450:4001:810::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
2a02:26f0:7100::211:64f9
025e5bf31c6cb9132528d439331048e3a473aed858d5c97cd26835fe5c47d834
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
07586b826c0a882a88716faeca5e3aee2e49ade92e7e324ff276dbc5b8eb85b6
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1c6df7191fa533cfa9bacad769e916e8d810f45b5a91b19db5282492705e714b
20959fca3aceb596618bc8f1896285c91a82847ce442950e7e0d69abf3abecc8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c1fc1fa1a6dd859d049e89b1cdcfe7a7b9b262b10390236b0d940bf004b5854
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
37e49679d003baa628de3ac1fc48b0e6f3a4b19729786336322b83c535ace45f
4177f822f1cf680a8ac0161618bc63375fdef7b0f672392678bbcdf9d113d1b1
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
7582a30f290a346e8c283bc55bdc9fffbb195dd70fa6132ba5a2d15a827a0656
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
9086d821619957c5f556c21e51c233b264b0e9e205485239886db5a625ce3dc2
9280fc33175448c5507ac6c072534b38adbedff69248bb67940a0c1e598d876c
9c2626c8c9c00f66c08a160dff75b4f492e0d4885cfaec32db26bd78e9b5be8f
a0bd6fdbab935126e8a4142bb0869932a59a9f743f45709164b0fb1c34eb6d58
a7c057c98ad833e35376cd9632c522a815b4677b5e7ce29b3ab72e230ac0e4e3
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
c869e419a15fccbce96d04f70c4b3e08620a0d1b751972bfac3b1a6e63c8460a
cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a
d1a671bc23f7b7c8019bc64c63c1899b9ed9e7d92599f16229e364774335527d
dbe7e5ef1079c650ad63c7835098569ec0d48833446f664714b45d39283d6d3a
dc1c0d339765dffab97b96d2190bf9d769dff1126b6b464e20fbe7962e9ac0cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f301a422e02bb1c8d1ae8f047eef9973fe350c2e990f64aff2fe0517661b5c6d
fe042d34cd11325798ca2e27c2f066fffe0a7884476ea91361dbf41e5ba5a758

hatadeposu.com Open in urlscan Pro 172.67.152.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

93 %HTTPS

75 %IPv6

10 Domains

12 Subdomains

13 IPs

2 Countries

858 kBTransfer

2268 kBSize

6 Cookies

1 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

hatadeposu.com Open in urlscan Pro
172.67.152.39 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

93 %
HTTPS

75 %
IPv6

10
Domains

12
Subdomains

13
IPs

2
Countries

858 kB
Transfer

2268 kB
Size

6
Cookies

60 HTTP transactions
2 data transactions