urlscan.io logo urlscan.io
SecurityTrails logo

bursucretleri.com Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tobacco-world.placeid.site/
Effective URL: https://bursucretleri.com/tobacco-world
Submission: On August 26 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 6 countries across 11 domains to perform 41 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is bursucretleri.com.
TLS certificate: Issued by WE1 on July 16th 2024. Valid for: 3 months.
This is the only time bursucretleri.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    51.195.87.128 (France)

ASN16276 (OVH, FR)
PTR: ip128.ip-51-195-87.eu
tobacco-world.placeid.site
19    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
bursucretleri.com
4    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh5.googleusercontent.com
3    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.google.com
1    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
www.google.fr
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
lh3.googleusercontent.com
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
19 bursucretleri.com
bursucretleri.com
201 KB
7 google.com
maps.google.com — Cisco Umbrella Rank: 3713
www.google.com — Cisco Umbrella Rank: 10
region1.analytics.google.com — Cisco Umbrella Rank: 3773
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
128 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
98 KB
3 gstatic.com
fonts.gstatic.com
173 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
193 KB
2 googleusercontent.com
lh5.googleusercontent.com — Cisco Umbrella Rank: 384
lh3.googleusercontent.com — Cisco Umbrella Rank: 129
105 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
6 KB
1 google.fr
www.google.fr — Cisco Umbrella Rank: 16277
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
255 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
104 KB
1 placeid.site
tobacco-world.placeid.site
1 KB
41 11
Domain Requested by
19 bursucretleri.com bursucretleri.com
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 cdnjs.cloudflare.com bursucretleri.com
cdnjs.cloudflare.com
3 fonts.gstatic.com
3 pagead2.googlesyndication.com bursucretleri.com
pagead2.googlesyndication.com
1 lh3.googleusercontent.com
1 fonts.googleapis.com
1 www.google.fr
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.google.com bursucretleri.com
1 maps.google.com 1 redirects
1 www.googletagmanager.com bursucretleri.com
1 lh5.googleusercontent.com bursucretleri.com
1 tobacco-world.placeid.site 1 redirects
41 15

This site contains links to these domains. Also see Links.

Domain
www.google.com
search.google.com
Subject Issuer Validity Valid
bursucretleri.com
WE1		 2024-07-16 -
2024-10-14		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.fr
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://bursucretleri.com/tobacco-world
Frame ID: 85534EE88D3E01E8D9A61ABEC1EB8F4A
Requests: 40 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sTobacco+World!6i13
Frame ID: 881F212C8FF8B575AD70CBECF79A7E93
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tobacco World

Page URL History Show full URLs

  1. https://tobacco-world.placeid.site/ HTTP 301
    https://bursucretleri.com/tobacco-world Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

15
Subdomains

14
IPs

6
Countries

1008 kB
Transfer

2900 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tobacco-world.placeid.site/ HTTP 301
    https://bursucretleri.com/tobacco-world Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://maps.google.com/maps?q=Tobacco%20World&t=&z=13&ie=UTF8&iwloc=&output=embed HTTP 301
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sTobacco+World!6i13

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request tobacco-world
bursucretleri.com/
Redirect Chain
  • https://tobacco-world.placeid.site/
  • https://bursucretleri.com/tobacco-world
25 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/tobacco-world
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
c45563784627aa28e31797a2c0282eaca0936b33528c58c255da257f5d1019f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b8fb318d87b94a6-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 26 Aug 2024 00:28:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0tb43bbJqncftlCSeVtm0H9yNBC1vKaXDhGTDP%2FvVUuWY0ifztUJUKSDxETBM6Yzb6NZm%2BsUHi3L9j19FQfuWAXsFklHd4a1gW80pyWdX%2FSBiPq3sPjYqx%2Fj05y0jg26HCQaXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
795
content-type
text/html
date
Mon, 26 Aug 2024 00:28:03 GMT
location
https://bursucretleri.com/tobacco-world
server
LiteSpeed
nouislider.css
bursucretleri.com/assets/vendor/nouislider/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/vendor/nouislider/nouislider.css
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/tobacco-world
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d5ef51de6bc8309cc346fbe124edec387a672cf70b93d8301417480387037c

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:03 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 09:13:04 GMT
server
cloudflare
age
325819
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTsCtDTV%2FLJzEW9NY0u4HDpBnBUqkLE%2F8dR%2BvBbc%2Bea%2BGDdL9XKzuA5P2vNj6URs9zQB7u%2B8itALZv2GmyiAPzd01yGr1Qy3aU%2FJ3bvDJWV0Vio0VyTnDdP4FWF0uYIe0b5Wtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8b8fb31bfab694a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 05:57:43 GMT
swiper.min.css
bursucretleri.com/assets/ajax/libs/Swiper/4.4.1/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/ajax/libs/Swiper/4.4.1/css/swiper.min.css
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/tobacco-world
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfbf080e7ccc96464af2fd824f0335f67c209a9a9b09262246d046a97f5b9ac0

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 09:22:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
285895
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxFbQKUdvw%2BYczFfC4QBZblhydG62PfgkDPM7cVMMd52IHTPNjF8drVlVzOZFLpBqq5pm0DRvyhYAlTNo00EvMHhst8e2eKeg8vN8s2THjMbH3nbBYjvTD7fn%2FYTWu7TR8WopQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8b8fb31c0abd94a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 17:03:07 GMT
magnific-popup.css
bursucretleri.com/assets/vendor/magnific-popup/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/vendor/magnific-popup/magnific-popup.css
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/tobacco-world
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:03 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 09:13:04 GMT
server
cloudflare
age
325819
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jeo28c5z1khCI3%2FS9sy2%2FI%2FDhopTVI%2BkF%2FeEF2QvHVMmHm%2BUTz4Rb4ii6FdUOZ5RDqfhWkWBlNkYMKN80WZ6AWtcilIcKq5XE%2FRBlgDlYb6unHONdAq6pEPmbQ39ECd6kw95Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8b8fb31c0ac194a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 05:57:43 GMT
style.default.css
bursucretleri.com/assets/css/ 		220 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/css/style.default.css
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/tobacco-world
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed6391d570a6834b164248068fb4259155c237e7921aeabeacafc7feda0fc35f

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:03 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 09:12:13 GMT
server
cloudflare
age
325819
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RC4HaptLRYEiKCTIVsxZehrmjlA6xvyfld2luSflbmKAWefpbGBa%2BzJeQeHnBBlrdWLIGgTSrY38as2FyoLDDXfzuk1cGMaqOjuocns4ePgWROG9K8SapfprhmoRSHF0bIz7gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8b8fb31c0ac294a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 05:57:43 GMT
custom.css
bursucretleri.com/assets/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/css/custom.css
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/tobacco-world
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42b8d03644644469441015da43ec014e478f9450b91705b3961ea9103a7f7cb6

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:03 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 09:12:09 GMT
server
cloudflare
age
273956
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gi2neD4R0PAFqFTybJ3xM%2BTa0mX4UaVJx1qf99NJH4Ru98DebxNf6iN%2FLAZvnjLvzRSmUntQnaRyhtoVtriSpmLeZng%2F6FabhMBMAk0TRcX%2FSkl2bOBKstkYPQKAtusi5AYhLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8b8fb31c0ac394a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 20:22:06 GMT
regular.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/ 		675 B
891 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/regular.min.css
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/tobacco-world
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03c0638f9077740737ec996407194737b6170db3ef1d736632df0fe2fc71f8ae
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1491877
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
270
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-2a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVT0ODi3wNGSpM0uejqgAZAI4b7iMdBd7vasP%2BqgL5ZQrCvaToFTcoUCcRO6nXImVhDbwjBFe6pf13jG43P83wLoIpww3I3tZSMZFNALYLdVf%2Fit5utkBu1De%2Bzo0Oxp%2FSGHCqLh"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b8fb31d0dcb79c5-LHR
expires
Sat, 16 Aug 2025 00:28:04 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/ 		54 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/tobacco-world
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1151619
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9804
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-d747"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T0f1dvjxadV7naCe%2FHpFPsMDuKp9W3NOz5YgcSi%2FMZ4MSmAK3nWI984GCwxT1v6Ku9C%2BzIuUZIMnkY3KZ5gjay1tyYWx%2BpNj7L93wwlvb3wvmN%2FrB1KYFlSQcIimFHRDK60roBdN"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b8fb31d0dcc79c5-LHR
expires
Sat, 16 Aug 2025 00:28:04 GMT
AF1QipMjrqy0U2nbRqC2b_tBKhkW73gy9gK676TN0Rp4=w800-h500-k-no
lh5.googleusercontent.com/p/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/p/AF1QipMjrqy0U2nbRqC2b_tBKhkW73gy9gK676TN0Rp4=w800-h500-k-no
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/tobacco-world
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bb37f4e40d63c9124b703fefb1cdf8e701457519bb03639ed10aa833de120da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
x-content-type-options
nosniff
server
fife
etag
"vfd6"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2017-11-30.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103251
x-xss-protection
0
expires
Tue, 27 Aug 2024 00:28:04 GMT
rocket-loader.min.js
bursucretleri.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/tobacco-world
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 Aug 2024 12:08:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66c5d8a6-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NH3KpGqcKQjIOYfhA8KyUmpGJopIEDNJ5THoBFdC9s9zjUmSJnsPulCMnUImW93j4Ma%2F2UlOJrfYtkHdPWuTgdibXz7ipKckmt%2FYkeZqJwahjXNQiYNEtueUVBDcjB%2BwljPoig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8b8fb31c5b0894a6-LHR
expires
Wed, 28 Aug 2024 00:28:03 GMT
theme.js
bursucretleri.com/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/js/theme.js
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d25b3f201ed00155c3ced0fb019ba184415a9e66421c39fd56cdac3f8ee591

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 09:12:15 GMT
server
cloudflare
age
285896
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wkYIYm4aifzeqLvU17Uzd07QadaZM5crxDKgyiWNdsaLHUEmgXZlQf7vIQqhsrF6DxpavLM5Ni%2F124QNghKVn8%2Fw0lN9cgg8drCvhyaTzPHVdwjJz2vLaXbrl%2FyehlJ16hZ%2F8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8b8fb31d4bcd94a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 17:03:08 GMT
swiper.min.js
bursucretleri.com/assets/ajax/libs/Swiper/4.4.1/js/ 		122 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/ajax/libs/Swiper/4.4.1/js/swiper.min.js
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 09:22:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
332756
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=igTU2%2FfmUiYQTkYd5LFmv3UQG5yfXIhsAIj7%2Bm4Ykle3PNVDzsim1nb7Yr1Xao54GwizNhN9TmdB91oSnUhERcG69ifV8m%2BRnTowvcPRuAXeCBykUOFmg%2BtX8XZT5%2FuQ2ROVJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8b8fb31d4bce94a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 04:02:07 GMT
ofi.min.js
bursucretleri.com/assets/vendor/object-fit-images/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/vendor/object-fit-images/ofi.min.js
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 09:13:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
332756
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEY%2Fm7fcO27cyX2VF0UhxxDuAQsP6GPiRnrTRhslaP1T9DsWUjdI5UDuS1BOpFOwXBTVJdh%2Bs5EA7BbNuBEy9nYRfE7MaEnAH9Ihe351TQ0MK8EtFFkGOLebFM%2F%2FBDbW8hSkuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8b8fb31d4bcf94a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 04:02:07 GMT
bootstrap-select.min.js
bursucretleri.com/assets/vendor/bootstrap-select/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/vendor/bootstrap-select/js/bootstrap-select.min.js
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ed3b6ad6239f637a850a5f8c8af580492590ff29458ee3e17adf1a66dd9ed0

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 09:15:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
273957
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bt2EbOODqd1NK3f4iuRCYZuKo30No1Rfvuz57Se%2BP5wZ6xIyPvxIqgIcGlOIQbzduLBMZZBPraxq8ZOXxbSq%2FG6XibtxMhiIiMcsZaE5IbLvjZmt0ZHjLaslt2Gwse8RSGwO6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8b8fb31d4bd294a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 20:22:07 GMT
smooth-scroll.polyfills.min.js
bursucretleri.com/assets/vendor/smooth-scroll/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/vendor/smooth-scroll/smooth-scroll.polyfills.min.js
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8273d8d03942bb8c3ee319c3c8341b9fde427ab48b9fd65bc25dd5a76ebb1058

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 09:13:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
332756
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AL7W6m%2BKtVQyUbP7MXkG090j469z6ZRqgIrwiJ0VW1WQyVSwR%2B0C4Mrs8DeC98B5o4fUMAEJS5xWp7D%2BZ63ezUwOx66jbaNKtJUDQ4cR9hxLNDITlFvfXyI%2FVp41grJG9u8RCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8b8fb31d4bd394a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 04:02:07 GMT
jquery.magnific-popup.min.js
bursucretleri.com/assets/vendor/magnific-popup/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/vendor/magnific-popup/jquery.magnific-popup.min.js
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 09:13:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
285896
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k0n7uAfecCtAQGvxHmOJh2reiE%2FREKTDI3riQbj8s3GW1iTFOIVdYwTL8nZr8nUpXMV0F83CyAiYRWKqJNTVV2b61X6rHp8abA0n1ovChBJLxR9oEcjSoyIh0gvAxL3CPPq8KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8b8fb31d4bd494a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 17:03:08 GMT
bootstrap.bundle.min.js
bursucretleri.com/assets/vendor/bootstrap/js/ 		79 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 09:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
268999
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6a%2BGJBIKffOsyKz4nRnLg3eMTMHC7V1Jb2hcwY4UrkQBEJZsYvmBdfAMqQbdbJ2rykUp3t48o93pKJMQNI9H3dNKQ8sIpW072SM74MfyaQh%2F0GH09zFsGBZKIWvI4LH8GDRocg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8b8fb31d4bd594a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 21:44:45 GMT
jquery.min.js
bursucretleri.com/assets/vendor/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/vendor/jquery/jquery.min.js
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 09:13:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
332756
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UG47leBYfzlAT8B2uGPA7rWgG8U9tGhPkc3issxsJpiiy4UiW%2BiVOyUwOuSJahF8obYeh1CIlUT%2F09R4vDssyCFk6Lq03qKxCaIjABWgtEACEPH4i3FHCnbyK6HvYIaraUYNEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8b8fb31d4bd694a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 04:02:07 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6268833237800589
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
3f907fcde3b1dca076ea66742923eeaaa7679a9a7b2a0eb5593b5d73082014d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
Origin
https://bursucretleri.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52161
x-xss-protection
0
server
cafe
etag
12803524942049495140
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 26 Aug 2024 00:28:04 GMT
js
www.googletagmanager.com/gtag/ 		317 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-24H30KDT3N
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e860d36ac56823b45fa8b5b1e9910253c8272fe75120e17ea57a5fea06587167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106479
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 26 Aug 2024 00:28:04 GMT
normal.woff2
bursucretleri.com/cf-fonts/s/poppins/5.0.11/latin/700/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/cf-fonts/s/poppins/5.0.11/latin/700/normal.woff2
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/tobacco-world
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Request headers

Referer
https://bursucretleri.com/tobacco-world
Origin
https://bursucretleri.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oYA4%2Bu5mw853B%2BqtPe8CC2Qqrj2b5F4m02vjcJwOGe5SUjTYg1awhlOjGDQaFdGVZAclkBsL%2Bk4u2mRG8dF6lFu%2FHtj9L9sSR6n7qfGqu4ztt61gCBGWwGxaL4oQUhjdkMZe3w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8b8fb31dac3194a6-LHR
alt-svc
h3=":443"; ma=86400
content-length
7816
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Origin
https://bursucretleri.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
287412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74256
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12210"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mg38RPfB7FpgAlCu1gWjwKArdPeR0jwotjR6h0WkuiivMLlDPrEmqhVb1A8erbRYTffX8QuqTXENTclgx%2B3X5ht427ELuxf73T9JIRiyYpVbDPrYIHYWEZmyK3KfhOI%2BSwmgN6La"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b8fb31dc935637d-LHR
expires
Sat, 16 Aug 2025 00:28:04 GMT
normal.woff2
bursucretleri.com/cf-fonts/s/poppins/5.0.11/latin/400/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/cf-fonts/s/poppins/5.0.11/latin/400/normal.woff2
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/tobacco-world
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Request headers

Referer
https://bursucretleri.com/tobacco-world
Origin
https://bursucretleri.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=USKGbEfZbsxUe000epN2SOy3srznDhGRaI2JccaUkcjY7h%2F3ts5dCnqStVCC6MHtKMiJlFTgaj65pE036N1UX60OfAVBU3hR%2FvQSCmLR34l1cqFVThtlFbe8UiYcEAhmRAG%2Bmg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8b8fb31dac3594a6-LHR
alt-svc
h3=":443"; ma=86400
content-length
7884
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/regular.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/regular.min.css
Origin
https://bursucretleri.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2794014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13552
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-34f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucS72%2Bn1K87RmshaWimj0500tMVSBjMG95V%2BsddV8IPk4y7eiyi94Jv0ZjEeF%2FLIQvVMsj%2FT7nOxNYOxE91bOHsVJE1TaTSse22EtQaRLIQKgjHZrYZ9OWBC4iU9tO4yXu2BqoJY"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b8fb31dc934637d-LHR
expires
Sat, 16 Aug 2025 00:28:04 GMT
normal.woff2
bursucretleri.com/cf-fonts/s/poppins/5.0.11/latin/300/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/cf-fonts/s/poppins/5.0.11/latin/300/normal.woff2
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/tobacco-world
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Request headers

Referer
https://bursucretleri.com/tobacco-world
Origin
https://bursucretleri.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PY5fXWH3wHBZwafj%2Fm2%2FHscmf6Ttc9AwWlimqZqHYyZPkePQrM2bq4JF8%2Fbvu%2F8%2BxKo19%2FDWn6amyS0Hs1q%2F%2B%2Fz25ya%2BhhNQwLgXSaCaLmIhMhtadCYEbkcMQDqLMRsHoeWjsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8b8fb31dac3994a6-LHR
alt-svc
h3=":443"; ma=86400
content-length
7840
embed
www.google.com/maps/ Frame 881F
Redirect Chain
  • https://maps.google.com/maps?q=Tobacco%20World&t=&z=13&ie=UTF8&iwloc=&output=embed
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sTobacco+World!6i13
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sTobacco+World!6i13
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/tobacco-world
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-t0LFxJcoNOteeKyQvfjWpg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/tobacco-world
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1802
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-t0LFxJcoNOteeKyQvfjWpg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Mon, 26 Aug 2024 00:28:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 26 Aug 2024 00:28:04 GMT
location
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sTobacco+World!6i13
server
scaffolding on HTTPServer2
vary
Origin X-Origin Referer
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6268833237800589
Requested by
Host: bursucretleri.com
URL: https://bursucretleri.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
3f907fcde3b1dca076ea66742923eeaaa7679a9a7b2a0eb5593b5d73082014d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
Origin
https://bursucretleri.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52161
x-xss-protection
0
server
cafe
etag
12803524942049495140
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 26 Aug 2024 00:28:04 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408150101/ 		423 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6268833237800589&plah=bursucretleri.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6268833237800589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
cdd2b405c8c4ce1327af85907144728a8372fff07a72e17c105903f3ef0add01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145355
x-xss-protection
0
server
cafe
etag
12420297284390967270
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 26 Aug 2024 00:28:05 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-24H30KDT3N&gtm=45je48l0v9138651614za200&_p=1724632085326&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=167323656.1724632085&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724632085&sct=1&seg=0&dl=https%3A%2F%2Fbursucretleri.com%2Ftobacco-world&dt=Tobacco%20World&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2475
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24H30KDT3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Aug 2024 00:28:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bursucretleri.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-24H30KDT3N&cid=167323656.1724632085&gtm=45je48l0v9138651614za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24H30KDT3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Aug 2024 00:28:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bursucretleri.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-24H30KDT3N&cid=167323656.1724632085&gtm=45je48l0v9138651614za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=2120023098
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Aug 2024 00:28:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.png
bursucretleri.com/assets/img/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bursucretleri.com/assets/img/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a3f87e947efd44b1ac7ca8fb679183ae8c3d612dee7f39f6314721086bea29e

Request headers

Referer
https://bursucretleri.com/tobacco-world
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 09:12:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
285895
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8q0dTgPV0KvDUmHxp7ppbCIh7EsrPuV6QMSjKU%2BLuL1o8CMWpG9ax3Es%2FlLb%2F5jz6zUQFfLG%2BRLeiv%2BBzbgzU0N0%2FxE%2BrWFvCqoGtn8aBRruKfFJ2ziAnuQiVTb2Si42duP9iA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
8b8fb325bad094a6-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Aug 2024 17:03:09 GMT
ca-pub-6268833237800589
fundingchoicesmessages.google.com/i/ 		202 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-6268833237800589?href=https%3A%2F%2Fbursucretleri.com%2Ftobacco-world&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6268833237800589&plah=bursucretleri.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d04dc6df8a0f396a092f26cad0773dcdbfd8fa66a9d234456f5a8dd51753e04b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-V-ylkJYgiL_U7D3o2kPIlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-V-ylkJYgiL_U7D3o2kPIlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw0JBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYH4_rpLrM-BeO_HS6xHgViIh2PqjPXb2ARunDpxkElJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDC0FLPwCS-wAAAAvs-gA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxURVBmjDm-HUSQE721TPqCxFiISjWlH2iv1X-8lBce6zZ99z3DD_1BVzA8-zv_Jb5swGY4IwYivuI22UpIK43BptLmdgraMrndkM0w4bHkk6jCPf6-f9iunvWL9Kx-Gdr5KAFDTtg==
fundingchoicesmessages.google.com/f/ 		392 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxURVBmjDm-HUSQE721TPqCxFiISjWlH2iv1X-8lBce6zZ99z3DD_1BVzA8-zv_Jb5swGY4IwYivuI22UpIK43BptLmdgraMrndkM0w4bHkk6jCPf6-f9iunvWL9Kx-Gdr5KAFDTtg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI0NjMyMDg1LDc4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9idXJzdWNyZXRsZXJpLmNvbS90b2JhY2NvLXdvcmxkIixudWxsLFtbOCwibkVmOE1ySThxeFEiXSxbOSwiZnIiXSxbMTgsIltbWzBdXV0iXSxbMjIsInRydWUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.nEf8MrI8qxQ.es5.O/am=rGA/d=1/rs=AJlcJMwDVB1Tcp3ANBWY6B-b0E89N5fl9g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc0bbc60025006303093ccee9804da828dc7e5c98fd56495a0604019d9749041
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XMYDtGITRuVPrwBWieoXWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 00:28:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-XMYDtGITRuVPrwBWieoXWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw0pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYH4_rpLrM-BeO_HS6xHgViIh2PqjPXb2AQuvN44hVlJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDC0FLPwCS-wAAA_O4-WA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.nEf8MrI8qxQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzixI5n1DDIlrAB_Ufju2m95hIkpg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b3737d0ba4ac5ecc062f05ae5ff0eb61d6f1da6e80dc0bc852015a377ee39f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Aug 2024 00:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 26 Aug 2024 00:28:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Aug 2024 00:28:06 GMT
tRKRjEg4wtWf3Ip-YmFeXBS95-1J1MYzxoO2uluLz50prBoY6TUnAt22lTwI6dcsePOGqXurBE0JubuRqAg8zTAveiNrhbnS7f4evYMMbDa2vLLMf08K=h60
lh3.googleusercontent.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/tRKRjEg4wtWf3Ip-YmFeXBS95-1J1MYzxoO2uluLz50prBoY6TUnAt22lTwI6dcsePOGqXurBE0JubuRqAg8zTAveiNrhbnS7f4evYMMbDa2vLLMf08K=h60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
fife /
Resource Hash
1a98c31afeb3e99f7dc7db7113f96a44d4436a55a7ac01d0cc8a93851157035f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 23:25:22 GMT
x-content-type-options
nosniff
age
3764
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3774
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 26 Aug 2024 23:25:22 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
Origin
https://bursucretleri.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:03:23 GMT
x-content-type-options
nosniff
age
469483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:03:23 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
Origin
https://bursucretleri.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:07:28 GMT
x-content-type-options
nosniff
age
469238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:07:28 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
Origin
https://bursucretleri.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:03:23 GMT
x-content-type-options
nosniff
age
469483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:03:23 GMT
AGSKWxX_wn1f0SRkbhid2Nyg4RPLsKOvJsINNj6JccXb6AJqpFNOMWAHPyEwJqVVQlkOiOLbianJEWsYB7mNkcneynLlsBPzOz198yDCroGyZ_NHXmC_FeApgMzE5c-cGuBLDZLgDyw2MA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_wn1f0SRkbhid2Nyg4RPLsKOvJsINNj6JccXb6AJqpFNOMWAHPyEwJqVVQlkOiOLbianJEWsYB7mNkcneynLlsBPzOz198yDCroGyZ_NHXmC_FeApgMzE5c-cGuBLDZLgDyw2MA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.nEf8MrI8qxQ.es5.O/am=rGA/d=1/rs=AJlcJMwDVB1Tcp3ANBWY6B-b0E89N5fl9g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QCWsVSZ_cAW2O7EfqC7pkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Aug 2024 00:28:06 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QCWsVSZ_cAW2O7EfqC7pkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw05BicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFuDmmzVi_jU1gw5IjmkouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDCyEjPwDy-wAAACUstTA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://bursucretleri.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX_wn1f0SRkbhid2Nyg4RPLsKOvJsINNj6JccXb6AJqpFNOMWAHPyEwJqVVQlkOiOLbianJEWsYB7mNkcneynLlsBPzOz198yDCroGyZ_NHXmC_FeApgMzE5c-cGuBLDZLgDyw2MA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_wn1f0SRkbhid2Nyg4RPLsKOvJsINNj6JccXb6AJqpFNOMWAHPyEwJqVVQlkOiOLbianJEWsYB7mNkcneynLlsBPzOz198yDCroGyZ_NHXmC_FeApgMzE5c-cGuBLDZLgDyw2MA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.nEf8MrI8qxQ.es5.O/am=rGA/d=1/rs=AJlcJMwDVB1Tcp3ANBWY6B-b0E89N5fl9g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yma--UhTG93_MJovrXu_aQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bursucretleri.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Aug 2024 00:28:06 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yma--UhTG93_MJovrXu_aQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw05BicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFuDmmzVi_jU3gRvcuTSWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBhZKRnYB5fYAAADqItWQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://bursucretleri.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| __cfQR function| gtag object| dataLayer object| adsbygoogle object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| $ function| jQuery string| google_user_agent_client_hint object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| bootstrap function| SmoothScroll function| objectFitImages function| Swiper boolean| __cfRLUnblockHandlers function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MTY4YmI2NGE0OTZlYWNlMGxvYWRlcl9qcw== string| MTY4YmI2NGE0OTZlYWNlMGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

2 Cookies

Domain/Path Name / Value
.bursucretleri.com/ Name: _ga_24H30KDT3N
Value: GS1.1.1724632085.1.0.1724632085.60.0.0
.bursucretleri.com/ Name: _ga
Value: GA1.1.167323656.1724632085

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bursucretleri.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
lh5.googleusercontent.com
maps.google.com
pagead2.googlesyndication.com
region1.analytics.google.com
stats.g.doubleclick.net
tobacco-world.placeid.site
www.google.com
www.google.fr
www.googletagmanager.com
104.17.25.14
142.250.185.129
142.250.185.174
142.250.186.131
142.250.186.132
142.250.186.162
188.114.97.3
2001:4860:4802:34::36
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9d
51.195.87.128
03c0638f9077740737ec996407194737b6170db3ef1d736632df0fe2fc71f8ae
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1a98c31afeb3e99f7dc7db7113f96a44d4436a55a7ac01d0cc8a93851157035f
37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f907fcde3b1dca076ea66742923eeaaa7679a9a7b2a0eb5593b5d73082014d1
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
42b8d03644644469441015da43ec014e478f9450b91705b3961ea9103a7f7cb6
4a3f87e947efd44b1ac7ca8fb679183ae8c3d612dee7f39f6314721086bea29e
65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0
6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8273d8d03942bb8c3ee319c3c8341b9fde427ab48b9fd65bc25dd5a76ebb1058
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a4d5ef51de6bc8309cc346fbe124edec387a672cf70b93d8301417480387037c
a7ed3b6ad6239f637a850a5f8c8af580492590ff29458ee3e17adf1a66dd9ed0
b3737d0ba4ac5ecc062f05ae5ff0eb61d6f1da6e80dc0bc852015a377ee39f2b
bb37f4e40d63c9124b703fefb1cdf8e701457519bb03639ed10aa833de120da9
c45563784627aa28e31797a2c0282eaca0936b33528c58c255da257f5d1019f8
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f
cdd2b405c8c4ce1327af85907144728a8372fff07a72e17c105903f3ef0add01
cfbf080e7ccc96464af2fd824f0335f67c209a9a9b09262246d046a97f5b9ac0
d04dc6df8a0f396a092f26cad0773dcdbfd8fa66a9d234456f5a8dd51753e04b
dc0bbc60025006303093ccee9804da828dc7e5c98fd56495a0604019d9749041
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d25b3f201ed00155c3ced0fb019ba184415a9e66421c39fd56cdac3f8ee591
e860d36ac56823b45fa8b5b1e9910253c8272fe75120e17ea57a5fea06587167
ed6391d570a6834b164248068fb4259155c237e7921aeabeacafc7feda0fc35f
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe