www.yenibiris.com Open in urlscan Pro
89.187.169.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://yenibiris.com/
Effective URL:
https://www.yenibiris.com/
Submission Tags: tranco_l324
Submission: On November 09 via api (November 9th 2021, 3:38:26 am UTC) from DE — Scanned from DE

Summary HTTP 203 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 69 IPs in 9 countries across 51 domains to perform 203 HTTP transactions. The main IP is 89.187.169.122, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is www.yenibiris.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 10th 2021. Valid for: a year.

This is the only time www.yenibiris.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	83.66.162.230 83.66.162.230	12978 (DOGAN-ONLINE) (DOGAN-ONLINE)
29	89.187.169.122 89.187.169.122	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	78.31.67.159 78.31.67.159	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1 1	185.29.195.172 185.29.195.172	201160 (D-TEK) (D-TEK)
2	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.32.99.29 13.32.99.29	16509 (AMAZON-02) (AMAZON-02)
1 1	91.235.64.232 91.235.64.232	201160 (D-TEK) (D-TEK)
2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	104.111.228.137 104.111.228.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.99.104 13.32.99.104	16509 (AMAZON-02) (AMAZON-02)
1	3.136.24.186 3.136.24.186	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
5	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7 12	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
5 7	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	52.209.253.199 52.209.253.199	16509 (AMAZON-02) (AMAZON-02)
2 2	54.93.80.4 54.93.80.4	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223d:2a00:1b:832b:ac00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:9000:215... 2600:9000:2156:1c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	18.157.70.90 18.157.70.90	16509 (AMAZON-02) (AMAZON-02)
2 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	3.120.13.220 3.120.13.220	16509 (AMAZON-02) (AMAZON-02)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.249.161.76 34.249.161.76	16509 (AMAZON-02) (AMAZON-02)
1	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.102.166.132 34.102.166.132	15169 (GOOGLE) (GOOGLE)
3	185.29.195.171 185.29.195.171	201160 (D-TEK) (D-TEK)
2	185.29.195.174 185.29.195.174	201160 (D-TEK) (D-TEK)
2	185.29.195.173 185.29.195.173	201160 (D-TEK) (D-TEK)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3 5	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
9	93.184.221.133 93.184.221.133	15133 (EDGECAST) (EDGECAST)
1 2	195.54.48.26 195.54.48.26	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	63.35.102.121 63.35.102.121	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	68.232.34.163 68.232.34.163	15133 (EDGECAST) (EDGECAST)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:1b::6	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
203	69

1 83.66.162.230 (Istanbul, Turkey) 1 redirects

ASN12978 (DOGAN-ONLINE, TR)

yenibiris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 89.187.169.122 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-122.cdn77.com

www.yenibiris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.31.67.159 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ve1221.venus.fastwebserver.de

isyasami.yenibiris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.195.172 (Turkey) 1 redirects

ASN201160 (D-TEK, TR)

vsh.visilabs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

avlsh.visilabs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rpdn.relateddigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-29.fra60.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.64.232 (Turkey) 1 redirects

ASN201160 (D-TEK, TR)
PTR: eg-c-4-232.euromsg.net

wps.relateddigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-137.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-104.fra60.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.136.24.186 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-24-186.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.53 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.253.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-253-199.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.80.4 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-80-4.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:2a00:1b:832b:ac00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cotads.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.157.70.90 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-70-90.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.13.220 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-13-220.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.161.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-161-76.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.166.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.166.102.34.bc.googleusercontent.com

ad.tpmn.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.195.171 (Turkey)

ASN201160 (D-TEK, TR)

lgr.visilabs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.195.174 (Turkey)

ASN201160 (D-TEK, TR)

rt.visilabs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.195.173 (Turkey)

ASN201160 (D-TEK, TR)

s.visilabs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.141.232 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.240 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 93.184.221.133 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cstatic.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.54.48.26 (France) 1 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: aub-collect-lb-c03-02-vip.weborama.fr

turismoportugal.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.102.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-102-121.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.232.34.163 (United States)

ASN15133 (EDGECAST, US)

media.adrcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:1b::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lzney.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	yenibiris.com 1 redirects yenibiris.com www.yenibiris.com isyasami.yenibiris.com	721 KB
28	googlesyndication.com pagead2.googlesyndication.com 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com tpc.googlesyndication.com	157 KB
23	doubleclick.net 7 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net static.doubleclick.net	205 KB
22	youtube.com www.youtube.com	776 KB
11	weborama.fr 1 redirects cstatic.weborama.fr turismoportugal.solution.weborama.fr	562 KB
10	criteo.com 3 redirects gum.criteo.com mug.criteo.com sslwidget.criteo.com dis.criteo.com	16 KB
9	adnxs.com 6 redirects secure.adnxs.com ib.adnxs.com	9 KB
9	visilabs.net 1 redirects vsh.visilabs.net avlsh.visilabs.net lgr.visilabs.net rt.visilabs.net s.visilabs.net	86 KB
6	googlevideo.com r1---sn-4g5lzney.googlevideo.com	1 MB
6	2mdn.net s0.2mdn.net	239 KB
6	yahoo.com 1 redirects ads.yahoo.com ups.analytics.yahoo.com sp.analytics.yahoo.com	3 KB
5	krxd.net cdn.krxd.net beacon.krxd.net consumer.krxd.net	88 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	google.com adservice.google.com www.google.com	16 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	53 KB
4	openx.net 2 redirects us-u.openx.net	882 B
3	adrcdn.com media.adrcdn.com	11 KB
3	bidswitch.net 1 redirects x.bidswitch.net	1 KB
3	adscale.de 2 redirects ih.adscale.de cotads.adscale.de	1 KB
2	teads.tv sync.teads.tv	344 B
2	googletagservices.com www.googletagservices.com	74 KB
2	tapad.com 1 redirects pixel.tapad.com	894 B
2	rlcdn.com idsync.rlcdn.com	396 B
2	advertising.com 2 redirects pixel.advertising.com	712 B
2	pubmatic.com simage2.pubmatic.com	867 B
2	360yield.com 1 redirects ad.360yield.com	852 B
2	google.de adservice.google.de www.google.de	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	bluekai.com stags.bluekai.com	2 KB
2	relateddigital.com 1 redirects wps.relateddigital.com rpdn.relateddigital.com	24 KB
1	ytimg.com i.ytimg.com	7 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	createjs.com code.createjs.com	63 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	turn.com 1 redirects d.turn.com	418 B
1	tpmn.co.kr ad.tpmn.co.kr	601 B
1	addthis.com cw.addthis.com	427 B
1	mgid.com cm.mgid.com	810 B
1	mediawallahscript.com partner.mediawallahscript.com	111 B
1	outbrain.com sync.outbrain.com	476 B
1	smaato.net s.ad.smaato.net	240 B
1	taboola.com sync-t1.taboola.com	230 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	alexametrics.com certify.alexametrics.com	552 B
1	bkrtx.com tags.bkrtx.com	16 KB
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
1	criteo.net static.criteo.net	14 KB
1	googletagmanager.com www.googletagmanager.com	59 KB
1	cloudflare.com cdnjs.cloudflare.com	30 KB
203	51

	Domain	Requested by
29	www.yenibiris.com	www.yenibiris.com
22	www.youtube.com	cstatic.weborama.fr www.youtube.com
15	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com googleads.g.doubleclick.net
9	cstatic.weborama.fr	6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com cstatic.weborama.fr
9	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
7	secure.adnxs.com	5 redirects
6	r1---sn-4g5lzney.googlevideo.com	www.youtube.com
6	s0.2mdn.net	www.yenibiris.com s0.2mdn.net 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com www.yenibiris.com www.youtube.com
5	securepubads.g.doubleclick.net	www.yenibiris.com securepubads.g.doubleclick.net
4	us-u.openx.net	2 redirects googleads.g.doubleclick.net
4	dis.criteo.com
4	www.google.com	tpc.googlesyndication.com 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com www.youtube.com
4	gum.criteo.com	3 redirects static.criteo.net
3	media.adrcdn.com	cstatic.weborama.fr
3	lgr.visilabs.net
3	x.bidswitch.net	1 redirects
3	ups.analytics.yahoo.com	1 redirects
3	6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	beacon.krxd.net	6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com cdn.krxd.net
2	googleads4.g.doubleclick.net	www.yenibiris.com
2	cdn.krxd.net	s0.2mdn.net cdn.krxd.net
2	turismoportugal.solution.weborama.fr	1 redirects 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	ib.adnxs.com	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
2	s.visilabs.net	vsh.visilabs.net
2	rt.visilabs.net
2	pixel.tapad.com	1 redirects
2	idsync.rlcdn.com
2	sp.analytics.yahoo.com
2	pixel.advertising.com	2 redirects
2	simage2.pubmatic.com
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	stags.bluekai.com	www.yenibiris.com tags.bkrtx.com
2	isyasami.yenibiris.com	www.yenibiris.com
1	i.ytimg.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	code.createjs.com	s0.2mdn.net
1	fonts.googleapis.com	cstatic.weborama.fr
1	consumer.krxd.net	cdn.krxd.net
1	d.turn.com	1 redirects
1	ad.tpmn.co.kr
1	cw.addthis.com
1	cm.mgid.com
1	partner.mediawallahscript.com
1	sync.outbrain.com
1	s.ad.smaato.net
1	ads.yahoo.com
1	cotads.adscale.de
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	sslwidget.criteo.com	static.criteo.net
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	mug.criteo.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1	certify.alexametrics.com
1	tags.bkrtx.com	www.yenibiris.com
1	rpdn.relateddigital.com
1	wps.relateddigital.com	1 redirects
1	d31qbv1cthcecs.cloudfront.net	www.yenibiris.com
1	static.criteo.net	www.yenibiris.com
1	avlsh.visilabs.net
1	vsh.visilabs.net	1 redirects
1	www.googletagmanager.com	www.yenibiris.com
1	cdnjs.cloudflare.com	www.yenibiris.com
1	yenibiris.com	1 redirects
203	78

This site contains links to these domains. Also see Links.

Domain
kurumsal.yenibiris.com
meydan.yenibiris.com
isyasami.yenibiris.com
itunes.apple.com
play.google.com
appgallery.huawei.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
*.yenibiris.com AlphaSSL CA - SHA256 - G2	`2021-02-10` - `2022-03-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
isyasami.yenibiris.com R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-07`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-25` - `2021-12-15`	2 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.mediawallahscript.com Amazon	`2021-05-19` - `2022-06-17`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
ad.tpmn.co.kr GTS CA 1D4	`2021-11-01` - `2022-01-30`	3 months	crt.sh
*.visilabs.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-20` - `2021-11-20`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-21` - `2022-10-22`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-10-19` - `2021-12-28`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.yenibiris.com/
Frame ID: 34BEB787E1F1223484EC0DC59E9AB10C
Requests: 70 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.yenibiris.com&origin=onetag
Frame ID: C7344E03E01FA9484C34CE94CA7BE94C
Requests: 2 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/38288?ret=html&phint=__bk_t%3D%C4%B0%C5%9F%20%C4%B0lanlar%C4%B1%20-%20Kariyer%20F%C4%B1rsatlar%C4%B1%20ile%20%C4%B0%C5%9F%20Bul%20%7C%20Yenibiris.com&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.yenibiris.com%2F&phint=__bk_v%3D3.1.10&limit=1&r=79559931
Frame ID: 31AAF97FBB5934A7372374D5EDA4E88D
Requests: 1 HTTP requests in this frame

Frame: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CAE49DEB1AA2339DB9DEDA45F26A6EC8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B3FD7EF50343F27E98ABBFE819B9721D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 51F690830ECB94598D6EC36341462B6C
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Frame ID: 7663830996B87298D9701D3F51D6FB5A
Requests: 30 HTTP requests in this frame

Frame: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 173260570F1DB9A181E05675324B2B40
Requests: 14 HTTP requests in this frame

Frame: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3F27052CBBDEA6677A4A94D6EB04C98F
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-dgewCEIfGy-wCGKHMi7MBMAE&v=APEucNXug3JgzADKwpRhXQ3pV132erH7IaFgKKieFMsBbLDLX-M6uZ_2O-ZbBLz-_4IVz3Jcl6YB90A6uxmcPwIjtzylrZ0zqw7zjSvj5pF6WC9PEFFPT6nhb2FjipWkiV2urdWbOKi-tge7HQ_ZGvjknz1LnpAb2TQ4DmpNPZLHDsWou-zHOgQ
Frame ID: E79E5EB755BDF113E6F423DE3E8704D0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7oDTtQEwAQ&v=APEucNWtZe2nZ0swoWQTgaaBcj_0xJRDVynJI91_pM9J3hwxajsjJSMvTjo_4NIvitA7pvo3vOzJZOOedzaekpUphaqg9ZTCwZkxu2ZAC0Z8KQV4NVs0w2sq3fpgE3hpfIrJQEa9Xa9DEwEC1Eci_1S72JrA1hWtr32P4JkWetOFs9hsx49WFas
Frame ID: 51D0AEBB86EB2FD6EB84A4793A19FFE6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EB9823790F35E5D92E4D3BC6DCB2F2AC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 578CE185C54C26B034945992B2F7BA47
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/4528516/1039189791015375/index.html
Frame ID: 015D42404833084614984C6498368B88
Requests: 6 HTTP requests in this frame

Frame: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/970x250.html?scrrefstr=scr_547771504banner1636429110198&scrdebug=0&scrwidth=970&scrheight=250&scrwebodomain=0&scrdevtype=desktop&vars=wuid%3D%26retargeting%3D%26
Frame ID: AC4A467EAEF82BD945D91251B2EEC833
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
Frame ID: 4B812026EC41C08430C7D8B5DAE8A0B5
Requests: 38 HTTP requests in this frame

Frame: https://cstatic.weborama.fr/iframe/external.html?gdpr_cmp_failure=1
Frame ID: 48F4580323353C0B6311ED18DD50816C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

İş İlanları - Kariyer Fırsatları ile İş Bul | Yenibiris.com

Page URL History Show full URLs

http://yenibiris.com/ HTTP 301
https://www.yenibiris.com/ Page URL

Page Statistics

203
Requests

88 %
HTTPS

38 %
IPv6

51
Domains

78
Subdomains

69
IPs

9
Countries

4401 kB
Transfer

8869 kB
Size

64
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://kurumsal.yenibiris.com/
Title: İşveren

Search URL Search Domain Scan URL

URL: https://meydan.yenibiris.com/
Title: Meydan

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/
Title: İş Yaşamı

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/aday-rehberi/
Title: Tüm Öneriler

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/etkili-bir-sunum-icin-kacinilmasi-gereken-5-yaygin-hata/
Title: ETKİLİ BİR SUNUM İÇİN KAÇINILMASI GEREKEN 5 YAYGIN HATAMerve İnanduçar28.10.2021

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/girisimciler-icin-10-maddelik-yol-haritasi/
Title: GİRİŞİMCİLER İÇİN 10 MADDELİK YOL HARİTASIBuse Karabulut20.10.2021

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/beden-sagliginizin-is-hayatinizdaki-basariniza-etkisi/
Title: BEDEN SAĞLIĞINIZIN İŞ HAYATINIZDAKİ BAŞARINIZA ETKİSİBuse Karabulut07.10.2021

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/flo-php-developer-yetistirme-egitim-kampi-genclere-yeni-nesil-is-firsatlari-sunuyor/
Title: FLO PHP DEVELOPER YETİŞTİRME EĞİTİM KAMPI GENÇLERE YENİ NESİL İŞ FIRSATLARI SUNUYORMerve İnanduçar27.09.2021

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/haberler/
Title: Tüm Öneriler

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/demet-ikiler-en-guclu-50-kadin-ceo-listesinde-zirvede-wpp-turkiyeden-3-kadin-lider-listede-yer-aliyor/
Title: DEMET İKİLER, EN GÜÇLÜ 50 KADIN CEO LİSTESİNDE ZİRVEDE, WPP TÜRKİYE'DEN 3 KADIN LİDER LİSTEDE YER ALIYORBuse Karabulut05.11.2021

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/akcansa-yilin-en-iyi-isvereni-odulu-ile-avrupanin-1-numarasi-oldu/
Title: AKÇANSA, 'YILIN EN İYİ İŞVERENİ' ÖDÜLÜ İLE AVRUPA'NIN 1 NUMARASI OLDUBuse Karabulut04.11.2021

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/barilla-ust-yonetimde-kadin-oranimiz-dort-katina-cikarak-yuzde-40a-ulasti/
Title: BARILLA: “ÜST YÖNETİMDE KADIN ORANIMIZ DÖRT KATINA ÇIKARAK YÜZDE 40'A ULAŞTI"Buse Karabulut04.11.2021

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/muhasebe-ve-finans-10-yil-icinde-kurumlarin-surdurulebilirligi-icin-kilit-meslek-olacak/
Title: MUHASEBE VE FİNANS, 10 YIL İÇİNDE KURUMLARIN SÜRDÜRÜLEBİLİRLİĞİ İÇİN KİLİT MESLEK OLACAKBuse Karabulut21.10.2021

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/is-verenlere-ozel/
Title: Tüm Öneriler

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/sirketler-calisanlarini-neden-surekli-egitmeli/
Title: ŞİRKETLER ÇALIŞANLARINI NEDEN SÜREKLİ EĞİTMELİ?Buse Karabulut06.10.2021

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/covid-19-sonrasi-insan-kaynaklarinin-gelecegi/
Title: COVID-19 Sonrası İnsan Kaynakları'nın GeleceğiBuse Karabulut16.06.2020

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/yenibiristen-tum-hastanelere-ucretsiz-ilan/
Title: Yenibiriş’ten Tüm Hastanelere Ücretsiz İlanİrem Gören19.03.2020

Search URL Search Domain Scan URL

URL: https://isyasami.yenibiris.com/ulker-biskuvinin-yeni-ceosu-mete-buyurgan/
Title: Ülker Bisküvi'nin Yeni CEO'su: Mete BuyurganBuse Karabulut27.02.2020

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/tr/app/yenibiris.com-mobil/id521117280

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.pordiva.yenibiris

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/#/app/C102365551

Search URL Search Domain Scan URL

URL: https://kurumsal.yenibiris.com/uye-ol
Title: Kurumsal Üyelik (firma)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/yenibiriscom

Search URL Search Domain Scan URL

URL: https://twitter.com/yenibiris

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/yenibiriscom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/yenibiris

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Yenibiriscom/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://yenibiris.com/ HTTP 301
https://www.yenibiris.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://vsh.visilabs.net/Visilabs.min.js?sid=305046543731416A59544D3D&oid=5A6E707336634F43346C4D3D HTTP 301
https://avlsh.visilabs.net/5A6E707336634F43346C4D3D/305046543731416A59544D3D/Visilabs.min.js

Request Chain 41

https://wps.relateddigital.com/relatedpush_sdk.js?ckey=14B4CAD7A7B8440B876349FE93D55AE2&aid=1601b61c-3981-411a-b3a2-848568700591 HTTP 301
https://rpdn.relateddigital.com/rdsdk/14B4CAD7A7B8440B876349FE93D55AE2/1601b61c-3981-411a-b3a2-848568700591.js

Request Chain 59

https://gum.criteo.com/sid/json?origin=onetag&domain=yenibiris.com&sn=ChromeSyncframe&so=0&topUrl=www.yenibiris.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=RtEUcnx0dEpTRWdyejcwNXkwM1hzdlB1WlNjMlNOcVBpMTAreFg4dU41QlRkbW5YZ09OZkZEMElEMTZ1ZU5hNGFuNm9qdXdpR3dCOFRZWDllaWZyU2hXYTZGYVdBRCtvWXhlMlh4QUVvN1JGZm5ZcHI2QlIwSHNCT296cDF0SmVVL2ZFZlBRdWQ5Tlc5Y0E0cnFNU0JJVnQyNTAxZ0hoclJMUjREZFpVREZNaUhYZHpVSWZadk9MU3hucjN2V0E1Ty9ZenA3WE9HUXM0Syt6b1o0a2U5Uy9scFExdlpMc0MwTkNnWWNlVU1pQ2JOdzlOUjlseDVrMkhJOEh5elhCOEl0UEh2bXRCNmUwbHh0V0hzS3VSRk1HQnQxUT09fA&cppv=2

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay0yUDR2azBZb0JLQjFmSVYxTS0td2o5SFV3REp4V0dEYXBRc2NIQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&google_hm=ay0yUDR2azBZb0JLQjFmSVYxTS0td2o5SFV3REp4V0dEYXBRc2NIQQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 72

https://secure.adnxs.com/setuid?entity=52&code=k-je0Q6UYoBKB1fIV1M--wj9HUwDLTo9DYLv4mSg&seg=130915 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-je0Q6UYoBKB1fIV1M--wj9HUwDLTo9DYLv4mSg%26seg%3D130915

Request Chain 74

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ENhU90YoBKB1fIV1M--wj9HUwDL4qj84gQJoVw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ENhU90YoBKB1fIV1M--wj9HUwDL4qj84gQJoVw

Request Chain 75

https://ih.adscale.de/adscale-ih/tpui?tpid=111&tpuid=k-98zkikYoBKB1fIV1M--wj9HUwDJV7ls9ANSYkQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=111&tpuid=k-98zkikYoBKB1fIV1M--wj9HUwDJV7ls9ANSYkQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=7234544c49034221bd405a7ddc0308e2 HTTP 307
https://cotads.adscale.de/ads/pixel/1by1.png?uid=5e40c7344e5fcbd4f41489c4c79df48924c0ac5fb8419cc457044ce89eed331e

Request Chain 77

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Yb8JXUYoBKB1fIV1M--wj9HUwDLopjzT1-yNYQ HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Yb8JXUYoBKB1fIV1M--wj9HUwDLopjzT1-yNYQ&verify=true

Request Chain 80

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-GOPaYUYoBKB1fIV1M--wj9HUwDIzR1nowhznHw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-GOPaYUYoBKB1fIV1M--wj9HUwDIzR1nowhznHw&expires=30

Request Chain 81

https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-NH2RIkYoBKB1fIV1M--wj9HUwDKJ4VJM1CNRpQ&c=us HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-NH2RIkYoBKB1fIV1M--wj9HUwDKJ4VJM1CNRpQ&c=us

Request Chain 83

https://pixel.advertising.com/ups/55945/sync?uid=k-oKA2vUYoBKB1fIV1M--wj9HUwDKj-H4-6i4WHg&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=k-oKA2vUYoBKB1fIV1M--wj9HUwDKj-H4-6i4WHg&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-oKA2vUYoBKB1fIV1M--wj9HUwDKj-H4-6i4WHg&_origin=1&apid=UP7c28aa6a-410e-11ec-9ce2-0228d03d97ac

Request Chain 85

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=zRpndHLMIEX8Sc4yZLgLmcveAObdTHcE

Request Chain 89

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-2P4vk0YoBKB1fIV1M--wj9HUwDJxWGDapQscHA HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-2P4vk0YoBKB1fIV1M--wj9HUwDJxWGDapQscHA

Request Chain 100

https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5432835322831663953

Request Chain 101

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/8_5d2BthP83tutBRgjRp2-duGlhWNORY/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3776043564747480709

Request Chain 107

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5432835322831663953

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV8fXFnHG2MzDyDl6YDkgY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV8fXFnHG2MzDyDl6YDkgY&google_cver=1&C=1

Request Chain 125

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYntLW53Jx2XQDqhnAjqYQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV8fXFnHG2MzDyDl6YDkgY&google_cver=1

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEASdSjASrlLROqspy3mDKtM&google_cver=1

Request Chain 127

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQzMjgzNTMyMjgzMTY2Mzk1Mw%3D%3D

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECl8jMl7CpBJf86s71W6D5o&google_cver=1

Request Chain 129

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzRmNjc4YmEtNWI4MS0yYWQwLWU0MzEtYTY1YjlhMTdlZmY1

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEI3LwgrDYIhw3i8AC-pXzDg&google_cver=1

Request Chain 139

https://turismoportugal.solution.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=im&a.si=5327&a.te=14106&a.ra=1636429100743874&a.agi=26&g.de=0&ca=60013049932&a.hr=js&a.wi=970&a.he=250&a.sh=1200&a.sw=1600&a.ycp=&g.ism=0&gdpr_cmp_failure=1&g.did=&a.we=0&a.pc=https%3A//googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC4ucjLO2JYcKzLaGT7gOi7o3YBtmUw55l2af6oJYOi62wl7spEAEgz4vIaWCV4pCCoAfIAQmpAuQz7rA6crM-qAMBqgTfAU_QQUAUcsvJXY3qHLOOHG93lWISWbBLKz-e3FIojSymlBhsAX8UyJoAJ76bIFHs09NXS-S-UfJNJMPXmQANnvLPKsW_ox-9Wl5-8EZtH41ziMkK4Lfl8Lkt4KfCncU3W3s9pAvPwMwqUKNcIUQLON6U3ctFli1xawO0mKnXCpCqqOS-h93bJ5nazsYbTDEJiWSU8atwXeWqdHoqX3Hu1WzoM-d6p3h-8sOVnwaQSK-9nwTiUfqDHMIoON-KMNxYL67WU0V_0hbeveffMrSmaz8gkJ0e-X-GdSF0vZNrOeDABOrCo8_gA-AEA5AGAaAGTYAHz7u66wKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPFsZYNyBPdkK3eA9ATANgTCogUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoIsZaJL0a_3ZSyWRw5_O7ANcwWg%26sig%3DAOD64_1OfDlAGYZkffdrV-j18kGslP0trQ%26client%3Dca-pub-2896002660004872%26dbm_c%3DAKAmf-Cfm4RNUAWtuMO_LScTicdr396f5Mgr-WY2zT-KC3ehzDjnP0nfQAkYjvDIQBk-4MYOv0InJNbnrVYdjpIqJA01MZ3y9kVGTO_SSd3gwUQqdgvEj94vjhGXGRUlqjBMQpbDX3rD7I_RlxqlFxZUMmD-HGm_4w%26cry%3D1%26dbm_d%3DAKAmf-B-rqgKAb2zo_jDuiM-z7gDB39mtDpWhhHEdP2s0jMohGXqNGas_2xZlR5hOXcAf0N108mIV1fOkh0lt09COBlm-28T-sDf8mWGc78dXKM5BoPAIFjaG3JUdGb9qW1DLi-liCbRbYHwElKMvMiKf2qaOTY6QsW38hOVoijslxAdqbpl_SkJZbnggNcRtDJ9f1htL1cZDW9iGOjM54PAmOLBI7mbdajavLKJh5b25K6vX-RWhp2nzPWWctSdi_BHGNY6dzaZuHeAY_q6esjHyCDnGThQkLvCgEOleJhGH5s9lRIz1FCdJIvjz8mka4gegBv-7FGiIwP_LO-4-jgARSi6GEnmKR3fNfHN0mUofRhPHMwR5TsGQrKnypvHeC7p2nxy5HpB_tVcYuwEA2r4QBSdWMBOhuGC3hBb6fBGAhlYwptaeeI%26adurl%3D&g.pu=https%3A//www.yenibiris.com/&g.ru= HTTP 302
https://turismoportugal.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=366707&a.A=im&a.si=5327&a.te=14106&a.ra=1636429100743874&a.agi=26&g.de=0&ca=60013049932&a.hr=js&a.wi=970&a.he=250&a.sh=1200&a.sw=1600&a.ycp=&g.ism=0&gdpr_cmp_failure=1&g.did=&a.we=0&a.pc=https%3A//googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC4ucjLO2JYcKzLaGT7gOi7o3YBtmUw55l2af6oJYOi62wl7spEAEgz4vIaWCV4pCCoAfIAQmpAuQz7rA6crM-qAMBqgTfAU_QQUAUcsvJXY3qHLOOHG93lWISWbBLKz-e3FIojSymlBhsAX8UyJoAJ76bIFHs09NXS-S-UfJNJMPXmQANnvLPKsW_ox-9Wl5-8EZtH41ziMkK4Lfl8Lkt4KfCncU3W3s9pAvPwMwqUKNcIUQLON6U3ctFli1xawO0mKnXCpCqqOS-h93bJ5nazsYbTDEJiWSU8atwXeWqdHoqX3Hu1WzoM-d6p3h-8sOVnwaQSK-9nwTiUfqDHMIoON-KMNxYL67WU0V_0hbeveffMrSmaz8gkJ0e-X-GdSF0vZNrOeDABOrCo8_gA-AEA5AGAaAGTYAHz7u66wKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPFsZYNyBPdkK3eA9ATANgTCogUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoIsZaJL0a_3ZSyWRw5_O7ANcwWg%26sig%3DAOD64_1OfDlAGYZkffdrV-j18kGslP0trQ%26client%3Dca-pub-2896002660004872%26dbm_c%3DAKAmf-Cfm4RNUAWtuMO_LScTicdr396f5Mgr-WY2zT-KC3ehzDjnP0nfQAkYjvDIQBk-4MYOv0InJNbnrVYdjpIqJA01MZ3y9kVGTO_SSd3gwUQqdgvEj94vjhGXGRUlqjBMQpbDX3rD7I_RlxqlFxZUMmD-HGm_4w%26cry%3D1%26dbm_d%3DAKAmf-B-rqgKAb2zo_jDuiM-z7gDB39mtDpWhhHEdP2s0jMohGXqNGas_2xZlR5hOXcAf0N108mIV1fOkh0lt09COBlm-28T-sDf8mWGc78dXKM5BoPAIFjaG3JUdGb9qW1DLi-liCbRbYHwElKMvMiKf2qaOTY6QsW38hOVoijslxAdqbpl_SkJZbnggNcRtDJ9f1htL1cZDW9iGOjM54PAmOLBI7mbdajavLKJh5b25K6vX-RWhp2nzPWWctSdi_BHGNY6dzaZuHeAY_q6esjHyCDnGThQkLvCgEOleJhGH5s9lRIz1FCdJIvjz8mka4gegBv-7FGiIwP_LO-4-jgARSi6GEnmKR3fNfHN0mUofRhPHMwR5TsGQrKnypvHeC7p2nxy5HpB_tVcYuwEA2r4QBSdWMBOhuGC3hBb6fBGAhlYwptaeeI%26adurl%3D&g.pu=https%3A//www.yenibiris.com/&g.ru=

203 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.yenibiris.com/
Redirect Chain

http://yenibiris.com/
https://www.yenibiris.com/

137 KB
33 KB

153ms
105ms

Document
text/html

89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 7d404c8e7ee121c6a9ffcb2d7db43a4c728c40e1fce307ce0d1b38f089d209ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 09 Nov 2021 03:38:19 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
pragma: no-cache
expires: -1
x-midtier: tr-ist-ds-s04
x-mcache: BYPASS
x-ecache: BYPASS
via: HTTP/2.0 Merlin CDN
x-edge: de-fra-dp-s02
server: MerlinCDN
allow: GET, HEAD, POST
age: 0
content-encoding: gzip

Redirect headers

Cache-Control: private
Content-Length: 9733
Content-Type: text/html; charset=utf-8
Location: https://www.yenibiris.com
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET
X-Server: 03
Date: Tue, 09 Nov 2021 03:38:16 GMT

GET
H2 200 ybfont.ttf
www.yenibiris.com/Assets/fonts/ 38 KB
38 KB 10ms
9ms Font
application/octet-stream 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yenibiris.com/Assets/fonts/ybfont.ttf?v58rwq
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 008c6b240500ba0f07b10e9347fccab7066b484f7b19684ba244bb5835275ac4

Request headers

Referer: https://www.yenibiris.com/
Origin: https://www.yenibiris.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:19 GMT
via: HTTP/2.0 Merlin CDN
age: 3637
x-midtier: tr-ist-sh-s03
content-length: 38900
last-modified: Wed, 28 Jul 2021 15:02:43 GMT
server: MerlinCDN
etag: "a1bff29dc183d71:0"
allow: GET, HEAD, POST
content-type: application/octet-stream
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 03
x-ecache: HIT
accept-ranges: bytes
x-mcache: HIT

GET
H2 200 source-sans-pro-v13-latin-ext-regular.woff2
www.yenibiris.com/Assets/fonts/ 25 KB
25 KB 16ms
15ms Font
font/x-woff2 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yenibiris.com/Assets/fonts/source-sans-pro-v13-latin-ext-regular.woff2
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 72e086ecb5eed26e489b633ce3a7a85522747d8583852bf8756e290fec0f3d3b

Request headers

Referer: https://www.yenibiris.com/
Origin: https://www.yenibiris.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:19 GMT
via: HTTP/2.0 Merlin CDN
last-modified: Wed, 28 Jul 2021 15:02:40 GMT
server: MerlinCDN
age: 6247
etag: "ddd07e9cc183d71:0"
allow: GET, HEAD, POST
content-type: font/x-woff2
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-ecache: HIT
accept-ranges: bytes
x-midtier: tr-ist-ds-s04
content-length: 25656
x-mcache: HIT

GET
H2 200 source-sans-pro-v13-latin-ext-300.woff2
www.yenibiris.com/Assets/fonts/ 25 KB
25 KB 20ms
19ms Font
font/x-woff2 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yenibiris.com/Assets/fonts/source-sans-pro-v13-latin-ext-300.woff2
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 9d20a8fc1de189bad815a78bd3a36550412788bc1d8e6f2d7eba6bb18bc901a2

Request headers

Referer: https://www.yenibiris.com/
Origin: https://www.yenibiris.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:19 GMT
via: HTTP/2.0 Merlin CDN
last-modified: Wed, 28 Jul 2021 15:02:40 GMT
server: MerlinCDN
age: 838
etag: "7d6f7c9cc183d71:0"
allow: GET, HEAD, POST
content-type: font/x-woff2
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-ecache: HIT
accept-ranges: bytes
x-midtier: de-fra-dp-s01
content-length: 25716
x-mcache: EXPIRED

GET
H2 200 source-sans-pro-v13-latin-ext-600.woff2
www.yenibiris.com/Assets/fonts/ 25 KB
25 KB 21ms
20ms Font
font/x-woff 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yenibiris.com/Assets/fonts/source-sans-pro-v13-latin-ext-600.woff2
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 5b7ade4116e14b315421eb6e4eeabbf1a1c7301a575ee1311fb1659eaaecd6f4

Request headers

Referer: https://www.yenibiris.com/
Origin: https://www.yenibiris.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:19 GMT
via: HTTP/2.0 Merlin CDN
age: 8056
x-midtier: tr-ist-ds-s04
content-length: 25520
last-modified: Thu, 27 Feb 2020 21:41:57 GMT
server: MerlinCDN
etag: "4c84f8bbb6edd51:0"
allow: GET, HEAD, POST
content-type: font/x-woff
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 03
x-ecache: HIT
accept-ranges: bytes
x-mcache: HIT

GET
H2 200 source-sans-pro-v13-latin-ext-700.woff2
www.yenibiris.com/Assets/fonts/ 25 KB
25 KB 22ms
22ms Font
font/x-woff2 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yenibiris.com/Assets/fonts/source-sans-pro-v13-latin-ext-700.woff2
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 6e61ff70aa38f060f30b48d976229397f2511da58fe972bf45042cf9268d34dd

Request headers

Referer: https://www.yenibiris.com/
Origin: https://www.yenibiris.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:19 GMT
via: HTTP/2.0 Merlin CDN
last-modified: Wed, 28 Jul 2021 15:02:40 GMT
server: MerlinCDN
age: 7479
etag: "7d6f7c9cc183d71:0"
allow: GET, HEAD, POST
content-type: font/x-woff2
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-ecache: HIT
accept-ranges: bytes
x-midtier: de-fra-dp-s01
content-length: 25348
x-mcache: EXPIRED

GET
H2 200 fontawesome-webfont.woff2
www.yenibiris.com/Assets/fonts/ 65 KB
65 KB 23ms
22ms Font
font/x-woff 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yenibiris.com/Assets/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://www.yenibiris.com/
Origin: https://www.yenibiris.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:19 GMT
via: HTTP/2.0 Merlin CDN
age: 838
x-midtier: tr-izm-nt-s05
content-length: 66624
last-modified: Wed, 28 Jul 2021 15:02:43 GMT
server: MerlinCDN
etag: "1f3ae99dc183d71:0"
allow: GET, HEAD, POST
content-type: font/x-woff
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 03
x-ecache: HIT
accept-ranges: bytes
x-mcache: HIT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.0/ 94 KB
30 KB 60ms
23ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: www.yenibiris.com
URL: https://www.yenibiris.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2803423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30024
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1787d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZklOV1gJ1sPZcgZQn2mfbyBBCgPR%2FT4ryzHa6C1kbUXPxT304ihNTpr7dO3MOQZzQt53xk5SiULVMz%2B4oE94SVuTRUH2eSg%2Fm1YtdpePa5cRpQT2GO%2F7bJxLsmlm7Z%2B6Mt2RV2sSmuIeKqTXOyyiGDM5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab401f27b840e0e-MXP
expires: Sun, 30 Oct 2022 03:38:19 GMT

GET
H2 200 cat-1.webp
www.yenibiris.com/Assets/img/ 7 KB
8 KB 57ms
56ms Image
image/webp 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/Assets/img/cat-1.webp
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: a4db1e00a496cc41239ecf1d22332353d73f6e9e618df44ce10b7c24d912463e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
age: 0
x-midtier: tr-izm-nt-s05
content-length: 7626
last-modified: Wed, 28 Jul 2021 15:02:43 GMT
server: MerlinCDN
etag: "121f59dc183d71:0"
allow: GET, HEAD, POST
content-type: image/webp
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 03
x-ecache: EXPIRED
accept-ranges: bytes
x-mcache: HIT

GET
H2 200 cat-2.webp
www.yenibiris.com/Assets/img/ 6 KB
6 KB 79ms
79ms Image
image/webp 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/Assets/img/cat-2.webp
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 78f1719c638e483f71d0c1712f989c9a4d23d210289aa6449b8086ba2e73556c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
age: 0
x-midtier: de-fra-dp-s01
content-length: 5782
last-modified: Wed, 28 Jul 2021 15:02:43 GMT
server: MerlinCDN
etag: "121f59dc183d71:0"
allow: GET, HEAD, POST
content-type: image/webp
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 03
x-ecache: EXPIRED
accept-ranges: bytes
x-mcache: EXPIRED

GET
H2 200 cat-3.webp
www.yenibiris.com/Assets/img/ 8 KB
8 KB 56ms
56ms Image
image/webp 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/Assets/img/cat-3.webp
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 72293a89fe86d4aaa9591393243a0b4bc0c2d02f4cebeffda5b983a193b7cacf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
age: 0
x-midtier: de-fra-dp-s01
content-length: 8346
last-modified: Wed, 28 Jul 2021 15:02:43 GMT
server: MerlinCDN
etag: "121f59dc183d71:0"
allow: GET, HEAD, POST
content-type: image/webp
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 03
x-ecache: EXPIRED
accept-ranges: bytes
x-mcache: EXPIRED

GET
H2 200 cat-4.webp
www.yenibiris.com/Assets/img/ 11 KB
11 KB 62ms
61ms Image
image/webp 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/Assets/img/cat-4.webp
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 21bc930843a279725ff0fc5d1f3b5981f6818c880ac4910eb25c3c3c41c73c76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
last-modified: Wed, 28 Jul 2021 15:02:40 GMT
server: MerlinCDN
age: 0
etag: "3e32819cc183d71:0"
allow: GET, HEAD, POST
content-type: image/webp
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-ecache: EXPIRED
accept-ranges: bytes
x-midtier: tr-ist-sh-s03
content-length: 11256
x-mcache: HIT

GET
H2 200 cat-5.webp
www.yenibiris.com/Assets/img/ 11 KB
11 KB 73ms
72ms Image
image/webp 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/Assets/img/cat-5.webp
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 65c40442b953ffd9630c1937550105ceffc345b9f4c49a76200fe7717406c72b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
age: 0
x-midtier: de-fra-dp-s01
content-length: 11326
last-modified: Wed, 28 Jul 2021 15:02:41 GMT
server: MerlinCDN
etag: "75c6f59cc183d71:0"
allow: GET, HEAD, POST
content-type: image/webp
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 01
x-ecache: EXPIRED
accept-ranges: bytes
x-mcache: EXPIRED

GET
H2 200 cat-6.webp
www.yenibiris.com/Assets/img/ 6 KB
6 KB 71ms
70ms Image
image/webp 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/Assets/img/cat-6.webp
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: e9a08cab8111f05154841fdb5ba55dac23849df0ee991dcd70963397af39b4c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
age: 0
x-midtier: tr-izm-nt-s05
content-length: 5730
last-modified: Wed, 28 Jul 2021 15:02:43 GMT
server: MerlinCDN
etag: "6182f79dc183d71:0"
allow: GET, HEAD, POST
content-type: image/webp
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 03
x-ecache: EXPIRED
accept-ranges: bytes
x-mcache: HIT

GET
H2 200 select2.png
www.yenibiris.com/Content/ 613 B
910 B 71ms
70ms Image
image/png 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/Content/select2.png
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: d6b5d8d83dbc18fb8d77c8761d331cd9e5123c9684950bab0406e98a24ac5ae8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
age: 0
x-midtier: tr-ist-ds-s04
content-length: 613
last-modified: Wed, 13 Nov 2019 08:48:19 GMT
server: MerlinCDN
etag: "148b1119ff99d51:0"
allow: GET, HEAD, POST
content-type: image/png
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 03
x-ecache: EXPIRED
accept-ranges: bytes
x-mcache: HIT

GET
H2 200 hmp-1.css
www.yenibiris.com/css/ 251 KB
53 KB 229ms
228ms Stylesheet
text/css 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yenibiris.com/css/hmp-1.css?v=MtE0_1FAjNKA7EQZoGEk5KHUSNvAtOE71ZetLSPWKSM1
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: ba56118a9bf2b54af94301fd355cecabb93a3ceb44606005cb81bf45544a023d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
vary: User-Agent
last-modified: Tue, 09 Nov 2021 03:38:00 GMT
server: MerlinCDN
age: 0
x-midtier: de-fra-dp-s01
allow: GET, HEAD, POST
content-type: text/css; charset=utf-8
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-ecache: EXPIRED
content-encoding: gzip
x-mcache: EXPIRED

GET
H2 200 for-cookie.png
www.yenibiris.com/Assets/img/ 2 KB
3 KB 24ms
23ms Image
image/png 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/Assets/img/for-cookie.png
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: bac8265857aba474eff60a95af469861d0221422ed15f3ba1355be0b8fb76aba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
age: 7480
x-midtier: de-fra-dp-s01
content-length: 2326
last-modified: Wed, 28 Jul 2021 15:02:41 GMT
server: MerlinCDN
etag: "d527f89cc183d71:0"
allow: GET, HEAD, POST
content-type: image/png
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 01
x-ecache: HIT
accept-ranges: bytes
x-mcache: EXPIRED

GET
H2 200 yenibiris_logo.svg
www.yenibiris.com/Assets/img/svg/ 8 KB
3 KB 24ms
24ms Image
image/svg+xml 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/Assets/img/svg/yenibiris_logo.svg
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: a00e81be10bf31e606cae5685380a949e31458b30c097777ebc3ff263153361a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
last-modified: Wed, 28 Jul 2021 15:02:43 GMT
server: MerlinCDN
content-encoding: gzip
age: 6248
etag: W/"32c89ec183d71:0"
allow: GET, HEAD, POST
content-type: image/svg+xml
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 03
x-ecache: HIT
x-midtier: de-fra-dp-s01
x-mcache: HIT

GET
H2 200 empty-loader.gif
www.yenibiris.com/Assets/img/ 1 KB
1 KB 25ms
24ms Image
image/gif 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/Assets/img/empty-loader.gif
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 4b5aa8a4e7798b5f22d16895b8830ea944e89a534fde442709fe0697daa3d338

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
age: 8741
x-midtier: tr-ist-sh-s03
content-length: 1096
last-modified: Wed, 28 Jul 2021 15:02:41 GMT
server: MerlinCDN
etag: "d527f89cc183d71:0"
allow: GET, HEAD, POST
content-type: image/gif
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 01
x-ecache: HIT
accept-ranges: bytes
x-mcache: HIT

GET
H2 200 hmp-1.js Show response
www.yenibiris.com/js/ 146 KB
49 KB 62ms
62ms Script
text/javascript 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yenibiris.com/js/hmp-1.js?v=nPtlFhsBxkfS8OaqJl64Aj9pq4WCJtn2Aa1E5PWI9Qo1
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: ac8688d222dbca17c0dff0b5a0dc500b5c504512a8a31fe47c4c72a9ae600b4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:19 GMT
via: HTTP/2.0 Merlin CDN
vary: User-Agent
last-modified: Tue, 09 Nov 2021 01:10:26 GMT
server: MerlinCDN
age: 0
x-midtier: tr-ist-sh-s03
allow: GET, HEAD, POST
content-type: text/javascript; charset=utf-8
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 01
x-ecache: EXPIRED
content-encoding: gzip
x-mcache: HIT

GET
H2 200 ybfont.woff
www.yenibiris.com/Assets/fonts/ 38 KB
38 KB 12ms
12ms Font
font/x-woff 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yenibiris.com/Assets/fonts/ybfont.woff?v58rwq
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/css/hmp-1.css?v=MtE0_1FAjNKA7EQZoGEk5KHUSNvAtOE71ZetLSPWKSM1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 15923d16059b5d6009bc1412c5f4172c853a47f13f7579bde5e59ac85eea42b9

Request headers

Referer: https://www.yenibiris.com/css/hmp-1.css?v=MtE0_1FAjNKA7EQZoGEk5KHUSNvAtOE71ZetLSPWKSM1
Origin: https://www.yenibiris.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
age: 6248
x-midtier: de-fra-dp-s01
content-length: 38976
last-modified: Wed, 28 Jul 2021 15:02:41 GMT
server: MerlinCDN
etag: "1465f39cc183d71:0"
allow: GET, HEAD, POST
content-type: font/x-woff
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 01
x-ecache: HIT
accept-ranges: bytes
x-mcache: HIT

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22106242d3872886e53112d81cab2c4a78c450faee47e7da898010c04d7d5e7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bg_footer_shapes.webp
www.yenibiris.com/Assets/img/ 21 KB
21 KB 9ms
9ms Image
image/webp 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/Assets/img/bg_footer_shapes.webp
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/css/hmp-1.css?v=MtE0_1FAjNKA7EQZoGEk5KHUSNvAtOE71ZetLSPWKSM1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: bf7d5bbb8788d1a9debe24ee1ece50bc98f8bfcfb62164740ce743641973cce1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/css/hmp-1.css?v=MtE0_1FAjNKA7EQZoGEk5KHUSNvAtOE71ZetLSPWKSM1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
age: 6248
x-midtier: tr-ist-sh-s03
content-length: 21266
last-modified: Wed, 28 Jul 2021 15:02:41 GMT
server: MerlinCDN
etag: "1465f39cc183d71:0"
allow: GET, HEAD, POST
content-type: image/webp
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 01
x-ecache: HIT
accept-ranges: bytes
x-mcache: HIT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 146 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ace3371ed85cac39e792abdce09ba3fadad7328a8322ba488b66d23d9c19e687

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 47673.jpg
www.yenibiris.com/logo/ 9 KB
9 KB 47ms
47ms Image
image/jpg 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/logo/47673.jpg
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 8478ac98d335f04d359e62fc1b1f4666db6f7795c5e6fabc78b4c0db2e3f17f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
last-modified: Sat, 22 May 2021 17:48:39 GMT
server: MerlinCDN
age: 0
x-midtier: tr-ist-ds-s04
allow: GET, HEAD, POST
content-type: image/jpg
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 03
x-ecache: MISS
accept-ranges: bytes
content-length: 8818
x-mcache: HIT

GET
H2 200 69062.jpg
www.yenibiris.com/logo/ 6 KB
6 KB 70ms
69ms Image
image/jpg 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/logo/69062.jpg
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 3fb6644e2b9f3204019e66068154a089370cace0529f5f6255275e3879804233

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
last-modified: Fri, 05 Nov 2021 17:58:43 GMT
server: MerlinCDN
age: 0
x-midtier: de-fra-dp-s01
allow: GET, HEAD, POST
content-type: image/jpg
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 01
x-ecache: EXPIRED
accept-ranges: bytes
content-length: 5979
x-mcache: EXPIRED

GET
H2 200 69075.jpg
www.yenibiris.com/logo/ 8 KB
8 KB 69ms
68ms Image
image/jpg 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/logo/69075.jpg
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: fa8a4883f414fad8f3dd67fbb621983702cc4645eaed358068542e7e658bf661

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
last-modified: Tue, 09 Nov 2021 03:05:37 GMT
server: MerlinCDN
age: 0
x-midtier: tr-ist-sh-s03
allow: GET, HEAD, POST
content-type: image/jpg
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-ecache: MISS
accept-ranges: bytes
content-length: 8143
x-mcache: HIT

GET
H2 200 65278.jpg
www.yenibiris.com/logo/ 6 KB
6 KB 72ms
70ms Image
image/jpg 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/logo/65278.jpg
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 2307c6ccc79e1d57ab6d9d524a1a5f630aa9333b1e727bb28b4f2f1edddfa3c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
last-modified: Wed, 29 Sep 2021 06:55:11 GMT
server: MerlinCDN
age: 0
x-midtier: tr-izm-nt-s05
allow: GET, HEAD, POST
content-type: image/jpg
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 01
x-ecache: MISS
accept-ranges: bytes
content-length: 6380
x-mcache: HIT

GET
H2 200 61672.jpg
www.yenibiris.com/logo/ 8 KB
8 KB 118ms
116ms Image
image/jpg 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/logo/61672.jpg
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: bdcd8256a9778481a45d5ae7cd80a2d7e1299b74ef8f846f233116d81bc50652

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
last-modified: Tue, 09 Nov 2021 03:38:00 GMT
server: MerlinCDN
age: 0
x-midtier: de-fra-dp-s01
allow: GET, HEAD, POST
content-type: image/jpg
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-ecache: MISS
accept-ranges: bytes
content-length: 8100
x-mcache: MISS

GET
H2 200 38537.jpg
www.yenibiris.com/logo/ 4 KB
4 KB 27ms
26ms Image
image/jpg 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/logo/38537.jpg
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 675c0fd294e29aba4403904227489fdce24e2a373fa1fded139b66b22a62772e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
last-modified: Tue, 24 Aug 2021 23:47:14 GMT
server: MerlinCDN
age: 0
x-midtier: de-fra-dp-s01
allow: GET, HEAD, POST
content-type: image/jpg
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 01
x-ecache: EXPIRED
accept-ranges: bytes
content-length: 3728
x-mcache: HIT

GET
H2 200 69059.jpg
www.yenibiris.com/logo/ 9 KB
10 KB 24ms
23ms Image
image/jpg 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/logo/69059.jpg
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 52edd331b3ca18cd871c7c561f5309ff3c018a48ae2920987ff5024150726e2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
last-modified: Fri, 05 Nov 2021 15:04:32 GMT
server: MerlinCDN
age: 10451
x-midtier: tr-ist-ds-s04
allow: GET, HEAD, POST
content-type: image/jpg
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-server: 03
x-ecache: HIT
accept-ranges: bytes
content-length: 9569
x-mcache: HIT

GET
H2 200 sunum-teknikleri-360x220.png
isyasami.yenibiris.com/wp-content/uploads/2021/10/ 122 KB
123 KB 59ms
23ms Image
image/png 78.31.67.159
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://isyasami.yenibiris.com/wp-content/uploads/2021/10/sunum-teknikleri-360x220.png
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.31.67.159 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ve1221.venus.fastwebserver.de
Software: nginx / PleskLin
Resource Hash: a0b942ca6f37bb215b7fb8a6fcbb1326b2936af0777203efcf41a38f128b9c62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
last-modified: Thu, 28 Oct 2021 07:34:51 GMT
server: nginx
x-powered-by: PleskLin
etag: "617a529b-1e95b"
content-type: image/png
accept-ranges: bytes
content-length: 125275
expires: max-age=2592000, public

GET
H2 200 girisimciler-icin-10-maddelik-yol-haritasi-oya-ozturk-360x220.png
isyasami.yenibiris.com/wp-content/uploads/2021/10/ 78 KB
78 KB 52ms
17ms Image
image/png 78.31.67.159
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://isyasami.yenibiris.com/wp-content/uploads/2021/10/girisimciler-icin-10-maddelik-yol-haritasi-oya-ozturk-360x220.png
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.31.67.159 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ve1221.venus.fastwebserver.de
Software: nginx / PleskLin
Resource Hash: bd43247f758f3086b3515f04a2524e6c8dec704b2c2b9588258ce160813fa3fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
last-modified: Wed, 20 Oct 2021 10:55:18 GMT
server: nginx
x-powered-by: PleskLin
etag: "616ff596-13791"
content-type: image/png
accept-ranges: bytes
content-length: 79761
expires: max-age=2592000, public

GET
H2 200 bg_geo_shapes.png
www.yenibiris.com/Assets/img/ 10 KB
10 KB 25ms
25ms Image
image/png 89.187.169.122
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yenibiris.com/Assets/img/bg_geo_shapes.png
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/css/hmp-1.css?v=MtE0_1FAjNKA7EQZoGEk5KHUSNvAtOE71ZetLSPWKSM1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-122.cdn77.com
Software: MerlinCDN /
Resource Hash: 4a706c524181f887a9f3f054063ee68a4b423687b583d6692019d83208395547

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/css/hmp-1.css?v=MtE0_1FAjNKA7EQZoGEk5KHUSNvAtOE71ZetLSPWKSM1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: HTTP/2.0 Merlin CDN
last-modified: Wed, 28 Jul 2021 15:02:40 GMT
server: MerlinCDN
age: 6248
etag: "3e32819cc183d71:0"
allow: GET, HEAD, POST
content-type: image/png
x-edge: de-fra-dp-s02
cache-control: max-age=14400
x-ecache: HIT
accept-ranges: bytes
x-midtier: tr-izm-nt-s05
content-length: 9962
x-mcache: HIT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 185 KB
59 KB 56ms
28ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-3VR9

Requested by

Host: www.yenibiris.com
URL: https://www.yenibiris.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9424647d01d105ffbf0a43ffd0338bf663946f88d373f22f7ee5349e04b5531a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60054
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Nov 2021 03:38:20 GMT

GET
H2

200

Visilabs.min.js Show response
avlsh.visilabs.net/5A6E707336634F43346C4D3D/305046543731416A59544D3D/
Redirect Chain

https://vsh.visilabs.net/Visilabs.min.js?sid=305046543731416A59544D3D&oid=5A6E707336634F43346C4D3D
https://avlsh.visilabs.net/5A6E707336634F43346C4D3D/305046543731416A59544D3D/Visilabs.min.js

249 KB
71 KB

177ms
20ms

Script
text/javascript

2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://avlsh.visilabs.net/5A6E707336634F43346C4D3D/305046543731416A59544D3D/Visilabs.min.js
Protocol: H2
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 88f4aa7734efac8a048abb21a71eed64edb5f115dfd39ce746c995594f23d391

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 09 Nov 2021 03:38:20 GMT
content-encoding: br
last-modified: Wed, 18 Aug 2021 09:48:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: KSusIAh2Qiqwt1BCifvPSw==
etag: 0x8D9622D4630CF91
x-azure-ref: 0LO2JYQAAAADLh1WSZyeOQKUPyUbdpCSOWlJIRURHRTA2MTUAMzAwMDcxNzUtYjg4MC00ZGJhLTg2OWUtNjNjMzYwNDU1MjI5
x-cache: TCP_HIT
content-type: text/javascript
x-ms-request-id: d12143d2-301e-004a-040a-d45c18000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0BSSJYQAAAABaml2TkSykTKGovrX1HUh8QU1TMDRFREdFMTkwOAAzMDAwNzE3NS1iODgwLTRkYmEtODY5ZS02M2MzNjA0NTUyMjk=

Redirect headers

Location: https://avlsh.visilabs.net/5A6E707336634F43346C4D3D/305046543731416A59544D3D/Visilabs.min.js
Date: Tue, 09 Nov 2021 03:38:20 GMT
Cache-Control: private
Content-Length: 209
Content-Type: text/html; charset=utf-8

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 41 KB
14 KB 81ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 08:29:00 GMT
server: nginx
etag: W/"615c0ccc-a373"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 10 Nov 2021 03:38:20 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 49ms
8ms Script
application/javascript 13.32.99.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-29.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 16882254
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 4612dc3b414cf2057f542e94733d59bd.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: EG1wmQ0WbbFIhqCli-qPhi-SV0vhiAYkyqTZvUL_9NbrMyW9n61Ikw==

GET
H2

200

1601b61c-3981-411a-b3a2-848568700591.js Show response
rpdn.relateddigital.com/rdsdk/14B4CAD7A7B8440B876349FE93D55AE2/
Redirect Chain

https://wps.relateddigital.com/relatedpush_sdk.js?ckey=14B4CAD7A7B8440B876349FE93D55AE2&aid=1601b61c-3981-411a-b3a2-848568700591
https://rpdn.relateddigital.com/rdsdk/14B4CAD7A7B8440B876349FE93D55AE2/1601b61c-3981-411a-b3a2-848568700591.js

77 KB
23 KB

178ms
21ms

Script
application/javascript

2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpdn.relateddigital.com/rdsdk/14B4CAD7A7B8440B876349FE93D55AE2/1601b61c-3981-411a-b3a2-848568700591.js
Protocol: H2
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b54b3c2508744497e606339017f82e33bb22dde4bd6d38030907da0905045341

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 09 Nov 2021 03:38:20 GMT
content-encoding: br
last-modified: Tue, 16 Mar 2021 08:29:35 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 7t7Ij4NawbRde4sC2zKlzw==
etag: 0x8D8E855A1851EB3
x-azure-ref: 0LO2JYQAAAADMizOF16y0TaAOf4NqLDyQWlJIRURHRTEzMDkAMTEyZWI1MDAtY2ZjYi00ZjNjLWE5YjAtZWI2ZDI1Y2YyODQz
x-cache: TCP_HIT
content-type: application/javascript
x-ms-request-id: dabcc45d-601e-0025-275d-d156eb000000
cache-control: public, max-age=604800
x-ms-version: 2009-09-19
x-azure-ref-originshield: 04vCDYQAAAAD1PgYosQQfQpgnGMhlLIQyTE9OMjFFREdFMTUyMgAxMTJlYjUwMC1jZmNiLTRmM2MtYTliMC1lYjZkMjVjZjI4NDM=

Redirect headers

Date: Tue, 09 Nov 2021 03:38:20 GMT
Server
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=157680000
Content-Type: text/html; charset=utf-8
Location: https://rpdn.relateddigital.com/rdsdk/14B4CAD7A7B8440B876349FE93D55AE2/1601b61c-3981-411a-b3a2-848568700591.js
Cache-Control: private
LB: 19
Content-Length: 227

GET
H/1.1 200
OK 36374 Show response
stags.bluekai.com/site/ 41 B
648 B 232ms
159ms Script
text/javascript 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/36374?ret=js&limit=1
Requested by: Host: www.yenibiris.com
URL: https://www.yenibiris.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fc9cc6050cb99e5097549d04e20272c825e728bce705dee95c621f87499dc2eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 03:38:20 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 41
BK-Server: 6349
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 45ms
18ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.yenibiris.com
URL: https://www.yenibiris.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

2e050b7f1da783cce5a7be35e632698dc49ca9013802a48414f080cc861b4574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1038 / 258 of 1000 / last-modified: 1636412772"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27060
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 03:38:20 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 97ms
24ms Script
application/javascript 104.111.228.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: www.yenibiris.com
URL: https://www.yenibiris.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.228.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-137.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Tue, 09 Nov 2021 03:38:20 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Tue, 16 Nov 2021 03:38:20 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 44ms
8ms Image
image/gif 13.32.99.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%C4%B0%C5%9F%20%C4%B0lanlar%C4%B1%20-%20Kariyer%20F%C4%B1rsatlar%C4%B1%20ile%20%C4%B0%C5%9F%20Bul%20%7C%20Yenibiris.com&time=1636429100072&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.yenibiris.com%2F&random_number=13248171838&sess_cookie=6846ce0417d02c67426a8183abf&sess_cookie_flag=1&user_cookie=6846ce0417d02c67426a8183abf&user_cookie_flag=1&dynamic=true&domain=yenibiris.com&account=X0dmj1aAkN00qC&jsv=20130128&user_lang=en-US
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 04:22:37 GMT
Via: 1.1 0c792defeeaa18965559ad74895ea56b.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 88172
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA60-P3
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: RKHS0Yg6LYH1pqISnCN-936_btyu2MHNDlki7KAAhxABvKNIP_I9VA==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 362ms
112ms Image
text/plain 3.136.24.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.136.24.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-136-24-186.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
server: Server

GET
H2 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 21ms
20ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 03:38:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 144 B
131 B 34ms
16ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.yenibiris.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

62d24b6d4af40c1a671dcaa9ea4c74dbf65efa955dd57e30321fe996b7349e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 03:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Tue, 09 Nov 2021 03:38:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3VR9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 5866
date: Tue, 09 Nov 2021 02:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 09 Nov 2021 04:00:34 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C734 11 KB
5 KB 57ms
19ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.yenibiris.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2150
date: Tue, 09 Nov 2021 03:38:20 GMT
content-length: 4685

GET
H/1.1 200
OK 38288 Show response
stags.bluekai.com/site/ Frame 31AA 451 B
940 B 204ms
203ms Document
text/html 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/38288?ret=html&phint=__bk_t%3D%C4%B0%C5%9F%20%C4%B0lanlar%C4%B1%20-%20Kariyer%20F%C4%B1rsatlar%C4%B1%20ile%20%C4%B0%C5%9F%20Bul%20%7C%20Yenibiris.com&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.yenibiris.com%2F&phint=__bk_v%3D3.1.10&limit=1&r=79559931
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6867fc83c1aab76454b296b0c30d8606558b6bafe8347ff1c6cc38c5cd4c3c14

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/

Response headers

Content-Type: text/html
Content-Length: 451
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
BK-Server: 26a2
Date: Tue, 09 Nov 2021 03:38:20 GMT
Connection: keep-alive

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 46ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.yenibiris.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 03:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yenibiris.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 03:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 326ms
326ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3842273887050158&correlator=2686373586513288&output=ldjh&impl=fifs&eid=31063683%2C31063183%2C31063246&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=21725626465%2CDesktop_Anasayfa%2C728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636429100&dt=1636429100322&dlt=1636429099443&idt=839&frm=20&biw=1600&bih=1200&oid=2&adxs=243&adys=718&adks=109500354&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.yenibiris.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=753x0&msz=753x0&ga_vid=497443161.1636429100&ga_sid=1636429100&ga_hid=1977018158&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

2b3ffa436327c3af2d6bc8de64cc5601de217a875364deab0ec7aafc47cdf146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7267
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.yenibiris.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
8 KB 261ms
261ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3842273887050158&correlator=949857721446995&output=ldjh&impl=fifs&eid=31063683%2C31063183%2C31063246&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=21725626465%2CDesktop_Anasayfa%2C728x90_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C468x60%7C970x90%7C728x90%7C970x250&fluid=height&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636429100&dt=1636429100327&dlt=1636429099443&idt=839&frm=20&biw=1600&bih=1200&oid=2&adxs=566&adys=1096&adks=2880847644&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.yenibiris.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&ga_vid=497443161.1636429100&ga_sid=1636429100&ga_hid=1977018158&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3169c2f46bc0ce97a532e383739e09e260f8e4e8159f4abe7456a83bb38f3a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8500
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.yenibiris.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 43ms
19ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43d77a496b8d07422b1c4afb9b3155ff00054651ed089be779f4dfbae5fb8963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 03:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9358
x-xss-protection: 0

GET
H2 200 container.html Show response
6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CAE4 6 KB
4 KB 71ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 03:38:20 GMT
expires: Wed, 09 Nov 2022 03:38:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1977018158&t=pageview&_s=1&dl=https%3A%2F%2Fwww.yenibiris.com%2F&dh=yenibiris.com&ul=en-us&de=UTF-8&dt=%C4%B0%C5%9F%20%C4%B0lanlar%C4%B1%20-%20Kariyer%20F%C4%B1rsatlar%C4%B1%20ile%20%C4%B0%C5%9F%20Bul%20%7C%20Yenibiris.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=1870277063&gjid=374935094&cid=497443161.1636429100&tid=UA-1161776-1&_gid=1851612897.1636429100&_r=1&gtm=2wgb803VR9&cd23=&cd24=Login%20Olmam%C4%B1%C5%9F&cd30=stage2&cd32=0&z=1573625184

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yenibiris.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.yenibiris.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C734
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=yenibiris.com&sn=ChromeSyncframe&so=0&topUrl=www.yenibiris.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=RtEUcnx0dEpTRWdyejcwNXkwM1hzdlB1WlNjMlNOcVBpMTAreFg4dU41QlRkbW5YZ09OZkZEMElEMTZ1ZU5hNGFuNm9qdXdpR3dCOFRZWDllaWZyU2hXYTZGYVdBRCtvWXhlMlh4QUVvN1JGZm5ZcHI2QlIwSHNCT296cD...

435 B
617 B

54ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=RtEUcnx0dEpTRWdyejcwNXkwM1hzdlB1WlNjMlNOcVBpMTAreFg4dU41QlRkbW5YZ09OZkZEMElEMTZ1ZU5hNGFuNm9qdXdpR3dCOFRZWDllaWZyU2hXYTZGYVdBRCtvWXhlMlh4QUVvN1JGZm5ZcHI2QlIwSHNCT296cDF0SmVVL2ZFZlBRdWQ5Tlc5Y0E0cnFNU0JJVnQyNTAxZ0hoclJMUjREZFpVREZNaUhYZHpVSWZadk9MU3hucjN2V0E1Ty9ZenA3WE9HUXM0Syt6b1o0a2U5Uy9scFExdlpMc0MwTkNnWWNlVU1pQ2JOdzlOUjlseDVrMkhJOEh5elhCOEl0UEh2bXRCNmUwbHh0V0hzS3VSRk1HQnQxUT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8b73ea0f694e03491fe8d4e5291cc3f62db1622cfda2d4cdecb6c6b32388f483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 09 Nov 2021 03:38:20 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2156
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 09 Nov 2021 03:38:20 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=RtEUcnx0dEpTRWdyejcwNXkwM1hzdlB1WlNjMlNOcVBpMTAreFg4dU41QlRkbW5YZ09OZkZEMElEMTZ1ZU5hNGFuNm9qdXdpR3dCOFRZWDllaWZyU2hXYTZGYVdBRCtvWXhlMlh4QUVvN1JGZm5ZcHI2QlIwSHNCT296cDF0SmVVL2ZFZlBRdWQ5Tlc5Y0E0cnFNU0JJVnQyNTAxZ0hoclJMUjREZFpVREZNaUhYZHpVSWZadk9MU3hucjN2V0E1Ty9ZenA3WE9HUXM0Syt6b1o0a2U5Uy9scFExdlpMc0MwTkNnWWNlVU1pQ2JOdzlOUjlseDVrMkhJOEh5elhCOEl0UEh2bXRCNmUwbHh0V0hzS3VSRk1HQnQxUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1918
content-length: 541
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-1161776-1&cid=497443161.1636429100&jid=1870277063&gjid=374935094&_gid=1851612897.1636429100&_u=YAhAAAAAAAAAAC~&z=154952672

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yenibiris.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 09 Nov 2021 03:38:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.yenibiris.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 09 Nov 2021 03:38:20 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B3FD 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 08 Nov 2021 20:02:57 GMT
expires: Tue, 08 Nov 2022 20:02:57 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 51F6 783 B
1 KB 42ms
18ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e69945f1008946d0837afecae8e05fe6232ccd299e470b3a833602c9e27114e2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CbfP7LdYBb1OwCVMPRpYOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 09 Nov 2021 03:38:20 GMT
date: Tue, 09 Nov 2021 03:38:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-CbfP7LdYBb1OwCVMPRpYOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 42ms
19ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-1161776-1&cid=497443161.1636429100&jid=1870277063&_u=YAhAAAAAAAAAAC~&z=1291069863

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 42ms
18ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-1161776-1&cid=497443161.1636429100&jid=1870277063&_u=YAhAAAAAAAAAAC~&z=1291069863

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
8 KB 62ms
29ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://sslwidget.criteo.com/event?a=19087&v=5.8.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=V_ID4V94NnphOEtLRSUyQjVMMDZoaW5hdTJuQXZZWjljJTJCakl0ZGs0RjNuNUdLOURZcTdSZW4xdU1HYW5IbllqTFZZcG4lMkZwZGVqQTQ4MnpWNXFNTkpRdXhjNEFuOENpR05VVVV1c09abW1iVHI0ejI4YTFXJTJGVURtSE1PUlJhaWdNTSUyRncwVTlVRnVFSVlnNTBoTFNxdTRmZEE5RDZBJTNEJTNE&tld=yenibiris.com&dtycbr=76822
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 386b8be3812bfd726539d80bee4229239d30559f7b6097fde699dc74aa6e37e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:20 GMT
content-type: application/x-javascript
server: Kestrel
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 15213365
timing-allow-origin: *
expires: 0

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame B3FD 35 KB
14 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 20:02:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 20:02:57 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 51F6 0
0 23ms
23ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=3842273887050158&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 7663
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay0yUDR2azBZb0JLQjFmSVYxTS0td2o5SFV3REp4V0dEYXBRc2NIQQ
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&google_hm=ay0yUDR2azBZb0JLQjFmSVYxTS0td2o5SFV3REp4V0dEYXBRc2NIQQ&google_tc=
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
341 B

15ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol: H2
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:20 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 271506
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 7663 0
239 B 32ms
7ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-wL5WzkYoBKB1fIV1M--wj9HUwDKvlPheoKPpUg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 7663 43 B
163 B 65ms
21ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-LMCytkYoBKB1fIV1M--wj9HUwDJgokN-GmkE7w
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 7663
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-je0Q6UYoBKB1fIV1M--wj9HUwDLTo9DYLv4mSg&seg=130915
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-je0Q6UYoBKB1fIV1M--wj9HUwDLTo9DYLv4mSg%26seg%3D130915

43 B
1 KB

13ms
13ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-je0Q6UYoBKB1fIV1M--wj9HUwDLTo9DYLv4mSg%26seg%3D130915

Protocol

HTTP/1.1

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 03:38:20 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4d8467d8-9588-469c-9893-d87402362c76
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 03:38:20 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 54a88b7b-1144-4673-85dc-0b3a752d86fd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-je0Q6UYoBKB1fIV1M--wj9HUwDLTo9DYLv4mSg%26seg%3D130915
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 7663 0
230 B 54ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-GclJ0UYoBKB1fIV1M--wj9HUwDLcWPqYv2s5IQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8758

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 7663
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ENhU90YoBKB1fIV1M--wj9HUwDL4qj84gQJoVw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ENhU90YoBKB1fIV1M--wj9HUwDL4qj84gQJoVw

43 B
446 B

33ms
33ms

Image
image/gif

52.209.253.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ENhU90YoBKB1fIV1M--wj9HUwDL4qj84gQJoVw
Protocol: H2
Server: 52.209.253.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-253-199.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 03:38:21 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ENhU90YoBKB1fIV1M--wj9HUwDL4qj84gQJoVw
date: Tue, 09 Nov 2021 03:38:21 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

1by1.png
cotads.adscale.de/ads/pixel/ Frame 7663
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=111&tpuid=k-98zkikYoBKB1fIV1M--wj9HUwDJV7ls9ANSYkQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=111&tpuid=k-98zkikYoBKB1fIV1M--wj9HUwDJV7ls9ANSYkQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=72345...
https://cotads.adscale.de/ads/pixel/1by1.png?uid=5e40c7344e5fcbd4f41489c4c79df48924c0ac5fb8419cc457044ce89eed331e

321 B
701 B

60ms
7ms

Image
image/png

2600:9000:223d:2a00:1b:832b:ac00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cotads.adscale.de/ads/pixel/1by1.png?uid=5e40c7344e5fcbd4f41489c4c79df48924c0ac5fb8419cc457044ce89eed331e
Protocol: H2
Server: 2600:9000:223d:2a00:1b:832b:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 06:36:31 GMT
via: 1.1 d79861a030d3421826a919f9c2b00147.cloudfront.net (CloudFront)
last-modified: Tue, 08 Sep 2020 23:05:25 GMT
server: AmazonS3
age: 594111
etag: "c1ab48a971e5c1a7eae346346487762d"
x-cache: Hit from cloudfront
x-amz-version-id: L15pFHSGGE_bHbLCyc84fBPpy1DC4jsd
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/png
content-length: 321
x-amz-cf-id: w-P-Bdv05H90Ti5kWFTLZW7lUzM6Bx_8fIyOxWi0ibfmqaWRxqngdQ==

Redirect headers

location: https://cotads.adscale.de/ads/pixel/1by1.png?uid=5e40c7344e5fcbd4f41489c4c79df48924c0ac5fb8419cc457044ce89eed331e
date: Tue, 09 Nov 2021 03:38:20 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 7663 0
444 B 25ms
8ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 7663
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Yb8JXUYoBKB1fIV1M--wj9HUwDLopjzT1-yNYQ
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Yb8JXUYoBKB1fIV1M--wj9HUwDLopjzT1-yNYQ&verify=true

0
122 B

11ms
11ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Yb8JXUYoBKB1fIV1M--wj9HUwDLopjzT1-yNYQ&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Yb8JXUYoBKB1fIV1M--wj9HUwDLopjzT1-yNYQ&verify=true
date: Tue, 09 Nov 2021 03:38:20 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 7663 42 B
679 B 65ms
19ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-OJWCcEYoBKB1fIV1M--wj9HUwDKMeIFY5Red3Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:459
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 /
s.ad.smaato.net/c/ Frame 7663 0
240 B 27ms
8ms Image
text/plain 2600:9000:2156:1c00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vFbT0UYoBKB1fIV1M--wj9HUwDJ--Cg2oYgkBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:20 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4PPrnxkQC0RvCUrdXCfhEgkqb-mApArRfapiJD-OFXXOp_h132cvLw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 7663
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-GOPaYUYoBKB1fIV1M--wj9HUwDIzR1nowhznHw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-GOPaYUYoBKB1fIV1M--wj9HUwDIzR1nowhznHw&expires=30

43 B
495 B

8ms
8ms

Image
image/gif

18.157.70.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-GOPaYUYoBKB1fIV1M--wj9HUwDIzR1nowhznHw&expires=30
Protocol: HTTP/1.1
Server: 18.157.70.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-70-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-GOPaYUYoBKB1fIV1M--wj9HUwDIzR1nowhznHw&expires=30
Date: Tue, 09 Nov 2021 03:38:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7663
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-NH2RIkYoBKB1fIV1M--wj9HUwDKJ4VJM1CNRpQ&c=us
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-NH2RIkYoBKB1fIV1M--wj9HUwDKJ4VJM1CNRpQ&c=us

43 B
180 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-NH2RIkYoBKB1fIV1M--wj9HUwDKJ4VJM1CNRpQ&c=us
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-NH2RIkYoBKB1fIV1M--wj9HUwDKJ4VJM1CNRpQ&c=us
date: Tue, 09 Nov 2021 03:38:20 GMT
via: 1.1 google
server: OXGW/16.218.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 7663 0
476 B 350ms
88ms Image
text/plain 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ex9DokYoBKB1fIV1M--wj9HUwDJTVFKMZ04Bvw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:21 GMT
Cache-Control: no-cache
X-TraceId: 42e0bc218ca07a9c6f2f009d99e96c92
Content-Length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame 7663
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-oKA2vUYoBKB1fIV1M--wj9HUwDKj-H4-6i4WHg&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=k-oKA2vUYoBKB1fIV1M--wj9HUwDKj-H4-6i4WHg&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-oKA2vUYoBKB1fIV1M--wj9HUwDKj-H4-6i4WHg&_origin=1&apid=UP7c28aa6a-410e-11ec-9ce2-0228d03d97ac

0
611 B

18ms
17ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-oKA2vUYoBKB1fIV1M--wj9HUwDKj-H4-6i4WHg&_origin=1&apid=UP7c28aa6a-410e-11ec-9ce2-0228d03d97ac

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-oKA2vUYoBKB1fIV1M--wj9HUwDKj-H4-6i4WHg&_origin=1&apid=UP7c28aa6a-410e-11ec-9ce2-0228d03d97ac
date: Tue, 09 Nov 2021 03:38:21 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame 7663 43 B
962 B 97ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:21 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Tue, 09 Nov 2021 03:38:21 GMT

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame 7663
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=zRpndHLMIEX8Sc4yZLgLmcveAObdTHcE

42 B
396 B

34ms
16ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=zRpndHLMIEX8Sc4yZLgLmcveAObdTHcE
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 03:38:21 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=zRpndHLMIEX8Sc4yZLgLmcveAObdTHcE
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2832
date: Tue, 09 Nov 2021 03:38:20 GMT
content-length: 197
content-type: text/html; charset=utf-8

GET
H/1.1 503
Service Unavailable: Back-end server is at capacity /
partner.mediawallahscript.com/ Frame 7663 0
111 B 137ms
29ms Image
text/plain 34.249.161.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-2P4vk0YoBKB1fIV1M--wj9HUwDJxWGDapQscHA&custom=&tag_format=img&tag_action=sync&custom=&cb=f61be18b-a35f-4884-9041-ae64e4abe4fd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.161.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-161-76.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

GET
H2 400 362338.gif
idsync.rlcdn.com/ Frame 7663 0
0 16ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-2P4vk0YoBKB1fIV1M--wj9HUwDJxWGDapQscHA&ct=3&cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 m
cm.mgid.com/ Frame 7663 43 B
810 B 77ms
57ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617660&c=k-2P4vk0YoBKB1fIV1M--wj9HUwDJxWGDapQscHA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6ab401f98eab3128-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 7663
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-2P4vk0YoBKB1fIV1M--wj9HUwDJxWGDapQscHA
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-2P4vk0YoBKB1fIV1M--wj9HUwDJxWGDapQscHA

95 B
425 B

15ms
15ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-2P4vk0YoBKB1fIV1M--wj9HUwDJxWGDapQscHA

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-2P4vk0YoBKB1fIV1M--wj9HUwDJxWGDapQscHA
date: Tue, 09 Nov 2021 03:38:21 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 t.gif
cw.addthis.com/ Frame 7663 0
427 B 209ms
179ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-2P4vk0YoBKB1fIV1M--wj9HUwDJxWGDapQscHA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 09 Nov 2021 03:38:21 GMT

GET
H2 200 pixelCt.tpmn
ad.tpmn.co.kr/ Frame 7663 170 B
601 B 280ms
262ms Image
image/png 34.102.166.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-fI95fkYoBKB1fIV1M--wj9HUwDJ91XJJtnHBQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.166.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.166.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:20 GMT
content-encoding: gzip
vary: accept-encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
content-type: image/png;charset=utf-8
alt-svc: clear
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK om.gif
lgr.visilabs.net/yenibiris/ 70 B
392 B 297ms
63ms Image
image/gif 185.29.195.171
D-TEK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lgr.visilabs.net/yenibiris/om.gif?OM.siteID=305046543731416A59544D3D&OM.cookieID=EHMTLCJRGUTTEENO20211109033820&OM.oid=5A6E707336634F43346C4D3D&OM.pushnotifystatus=default&OM.pushchannel=webpush&OM.pviv=1&OM.tvc=1&OM.th=1&OM.resol=1600x1200&OM.jv=No&OM.nrv=1&OM.domain=www.yenibiris.com&OM.uri=%2F&OM.title=%C4%B0%C5%9F%20%C4%B0lanlar%C4%B1%20-%20Kariyer%20F%C4%B1rsatlar%C4%B1%20ile%20%C4%B0%C5%9F%20Bul%20%7C%20Yenibiris.com&dat=Tue,%2009%20Nov%202021%2003:38:20%20GMT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.195.171 , Turkey, ASN201160 (D-TEK, TR),
Reverse DNS
Software: /
Resource Hash: cd8feca47797d25495f03a52b6a8605de61b829c01be0dca0c2ff0fed71ec3d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:21 GMT
Cache-Control: private
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Length: 70
Content-Type: Image/gif

GET
H/1.1 200
OK om.gif
rt.visilabs.net/yenibiris/ 70 B
408 B 259ms
63ms Image
image/gif 185.29.195.174
D-TEK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt.visilabs.net/yenibiris/om.gif?OM.siteID=305046543731416A59544D3D&OM.cookieID=EHMTLCJRGUTTEENO20211109033820&OM.oid=5A6E707336634F43346C4D3D&OM.pushnotifystatus=default&OM.pushchannel=webpush&OM.pviv=1&OM.tvc=1&OM.th=1&OM.resol=1600x1200&OM.jv=No&OM.nrv=1&OM.domain=www.yenibiris.com&OM.uri=%2F&OM.title=%C4%B0%C5%9F%20%C4%B0lanlar%C4%B1%20-%20Kariyer%20F%C4%B1rsatlar%C4%B1%20ile%20%C4%B0%C5%9F%20Bul%20%7C%20Yenibiris.com&dat=Tue,%2009%20Nov%202021%2003:38:20%20GMT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.195.174 , Turkey, ASN201160 (D-TEK, TR),
Reverse DNS
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:20 GMT
SERVER
X-ASPNET-VERSION
X-POWERED-BY
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private
Content-Type: image/gif
Content-Length: 70

GET
H/1.1 200
OK om.gif
lgr.visilabs.net/yenibiris/ 70 B
392 B 300ms
67ms Image
image/gif 185.29.195.171
D-TEK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lgr.visilabs.net/yenibiris/om.gif?OM.siteID=305046543731416A59544D3D&OM.cookieID=EHMTLCJRGUTTEENO20211109033820&OM.oid=5A6E707336634F43346C4D3D&OM.pushnotifystatus=default&OM.pushchannel=webpush&OM.pviv=2&OM.tvc=1&OM.th=2&OM.tvd=1&OM.resol=1600x1200&OM.jv=No&OM.nrv=1&OM.domain=www.yenibiris.com&OM.uri=%2F&OM.title=%C4%B0%C5%9F%20%C4%B0lanlar%C4%B1%20-%20Kariyer%20F%C4%B1rsatlar%C4%B1%20ile%20%C4%B0%C5%9F%20Bul%20%7C%20Yenibiris.com&dat=Tue,%2009%20Nov%202021%2003:38:20%20GMT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.195.171 , Turkey, ASN201160 (D-TEK, TR),
Reverse DNS
Software: /
Resource Hash: cd8feca47797d25495f03a52b6a8605de61b829c01be0dca0c2ff0fed71ec3d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:20 GMT
Cache-Control: private
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Length: 70
Content-Type: Image/gif

GET
H/1.1 200
OK om.gif
rt.visilabs.net/yenibiris/ 70 B
408 B 250ms
63ms Image
image/gif 185.29.195.174
D-TEK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt.visilabs.net/yenibiris/om.gif?OM.siteID=305046543731416A59544D3D&OM.cookieID=EHMTLCJRGUTTEENO20211109033820&OM.oid=5A6E707336634F43346C4D3D&OM.pushnotifystatus=default&OM.pushchannel=webpush&OM.pviv=2&OM.tvc=1&OM.th=2&OM.tvd=1&OM.resol=1600x1200&OM.jv=No&OM.nrv=1&OM.domain=www.yenibiris.com&OM.uri=%2F&OM.title=%C4%B0%C5%9F%20%C4%B0lanlar%C4%B1%20-%20Kariyer%20F%C4%B1rsatlar%C4%B1%20ile%20%C4%B0%C5%9F%20Bul%20%7C%20Yenibiris.com&dat=Tue,%2009%20Nov%202021%2003:38:20%20GMT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.195.174 , Turkey, ASN201160 (D-TEK, TR),
Reverse DNS
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:20 GMT
SERVER
X-ASPNET-VERSION
X-POWERED-BY
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private
Content-Type: image/gif
Content-Length: 70

GET
H2 200 container.html Show response
6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1732 6 KB
3 KB 311ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 03:38:20 GMT
expires: Wed, 09 Nov 2022 03:38:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK act.js Show response
s.visilabs.net/ 9 KB
9 KB 259ms
64ms Script
text/javascript 185.29.195.173
D-TEK

General

Check archive.org

Show headers Download Go to

Full URL: https://s.visilabs.net/act.js?OM.cookieID=EHMTLCJRGUTTEENO20211109033820&OM.oid=5A6E707336634F43346C4D3D&OM.siteID=305046543731416A59544D3D&OM.obj=_VTObjs%5B%22_VisilabsTarget_0%22%5D&dat=Tue,%2009%20Nov%202021%2003:38:20%20GMT&OM.pushnotifystatus=default&OM.pushchannel=webpush&OM.pviv=1&OM.tvc=1&OM.th=1&OM.resol=1600x1200&OM.jv=No&OM.nrv=1&OM.domain=www.yenibiris.com&OM.uri=%2F&OM.title=%C4%B0%C5%9F%20%C4%B0lanlar%C4%B1%20-%20Kariyer%20F%C4%B1rsatlar%C4%B1%20ile%20%C4%B0%C5%9F%20Bul%20%7C%20Yenibiris.com
Requested by: Host: vsh.visilabs.net
URL: https://vsh.visilabs.net/Visilabs.min.js?sid=305046543731416A59544D3D&oid=5A6E707336634F43346C4D3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.195.173 , Turkey, ASN201160 (D-TEK, TR),
Reverse DNS
Software: /
Resource Hash: 4cab08b8f48bf0f3811b9ea4b324214106a4248d7fb9bb3e319c5af7a8f5cdfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:21 GMT
Server
X-AspNet-Version
X-Powered-By
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Length: 8706

GET
H/1.1 200
OK act.js Show response
s.visilabs.net/ 9 KB
4 KB 275ms
74ms Script
text/javascript 185.29.195.173
D-TEK

General

Check archive.org

Show headers Download Go to

Full URL: https://s.visilabs.net/act.js?OM.cookieID=EHMTLCJRGUTTEENO20211109033820&OM.oid=5A6E707336634F43346C4D3D&OM.siteID=305046543731416A59544D3D&OM.obj=_VTObjs%5B%22_VisilabsTarget_0%22%5D&dat=Tue,%2009%20Nov%202021%2003:38:20%20GMT&OM.pushnotifystatus=default&OM.pushchannel=webpush&OM.pviv=2&OM.tvc=1&OM.th=2&OM.tvd=1&OM.resol=1600x1200&OM.jv=No&OM.nrv=1&OM.domain=www.yenibiris.com&OM.uri=%2F&OM.title=%C4%B0%C5%9F%20%C4%B0lanlar%C4%B1%20-%20Kariyer%20F%C4%B1rsatlar%C4%B1%20ile%20%C4%B0%C5%9F%20Bul%20%7C%20Yenibiris.com
Requested by: Host: vsh.visilabs.net
URL: https://vsh.visilabs.net/Visilabs.min.js?sid=305046543731416A59544D3D&oid=5A6E707336634F43346C4D3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.195.173 , Turkey, ASN201160 (D-TEK, TR),
Reverse DNS
Software: /
Resource Hash: 4cab08b8f48bf0f3811b9ea4b324214106a4248d7fb9bb3e319c5af7a8f5cdfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:20 GMT
Content-Encoding: gzip
Server
X-AspNet-Version
X-Powered-By
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Length: 3383

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 7663 42 B
188 B 19ms
19ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMjMmdGw9MTI5NjAw&piggybackCookie=uid:k-OJWCcEYoBKB1fIV1M--wj9HUwDKMeIFY5Red3Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:355
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 7663
Redirect Chain

https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5432835322831663953

43 B
342 B

17ms
17ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5432835322831663953
Protocol: H2
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:20 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2062075
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 03:38:21 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 045681c6-8eb8-4ab4-addb-be230cd6b16a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5432835322831663953
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 7663
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/8_5d2BthP83tutBRgjRp2-duGlhWNORY/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3776043564747480709

43 B
342 B

16ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3776043564747480709
Protocol: H2
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:20 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1591653
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3776043564747480709
pragma: no-cache
date: Tue, 09 Nov 2021 03:38:20 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 7663 43 B
220 B 9ms
8ms Image
image/gif 18.157.70.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-je0Q6UYoBKB1fIV1M--wj9HUwDLTo9DYLv4mSg&expires=30&user_group=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.70.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-70-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 container.html Show response
6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F27 6 KB
3 KB 268ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 03:38:20 GMT
expires: Wed, 09 Nov 2022 03:38:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame 7663 43 B
962 B 35ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:21 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Tue, 09 Nov 2021 03:38:21 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 17ms
17ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=3842273887050158&bg=!hoWlhcHNAAYH3anuB907ACkAdvg8WgqKR1m1FENOYvpIu5SGU1w5ejvmz7xq-f4EvCnNrg205z9D5AIAAADXUgAAAAhoAQeZArSCH1OCPdqHyULCloOmKbhbaHiyGvtY34HjGhw9K38DS74PUpk1BF70y0MNMdFY56RmDyhYZUkF74R8ozzElkisKhsLwbhed2XOnJoRrxst8ZLEXVIUS6LHw7wGn4B8RsqE4lxivrkID8pCCEauD-kkn8rhaVZiPbSdeCX1lsr0yWLcxBOazvMv5Cs_8vCjI_jJoU4nPcCDg9HVxvVRoVNHZtWZwnsYj1z2X8Xj5jL1sQiE7Ft50CR_tLCMLlYQoZzn3lJYeVH1nLtOCOGUJiOMBFt5NFTGTj0vjkD8F_yXyXnmpLdLQl_ylfigucB4KrBGPeFFaMucfVlRT6GJHBc4exmGWEAGfThiXiRdcvu3kivkQMgQPuYv3A-UwpVGBIMcHakeFkWW_T1rH-UXhG8jW5jTFx1uU832U5oN0hkLgABG7RfnK2jPWoLEiM4UBCeggPm_PxhKsljiSMSlAZ3Sq7ty6lkQUso4SlZjax3iMOyAAVjY42g--NAGt0eGLgHNLRwe5vUT5V1lf6a2V_Dtds-DeRzvHc70eAdIU4fumaPRIo-49x0usEKx63uVsfJ-KQYfKHan8XDlUiSdaZYKJE7A0NFbCQkxtUwsSEGnfrsXKIKoCOMm_QLEL0Q1KZdmCauIkC17gXx5nPTPabtKQWk-wAB1RElZC08Y0mHkL_Nqq8_bc4dx5470zxVwlrkoZBdHF4J3DTqKU6iANhrHLRzDNjVOGY9JAjvd6O3LYhWFSBxyHU6CvpBmVlcU_9Ljtnq0iLu_iAaMxnLApTzAf0hrmHeoOTEqeufMEAPFnA-a2EnK1uSPKJiBvXUXrVwIY1-o8SkPePQtgszq6nl2x0klRjKO7SDf-fyFCjGBrLfz1xJgW3smcSNqmjssZRSbFZFxVUlKXpT5brenRTOFpnR5dQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 7663 43 B
1021 B 18ms
17ms Image
image/gif 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-je0Q6UYoBKB1fIV1M--wj9HUwDLTo9DYLv4mSg&seg=95287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 03:38:21 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 475dbef3-1205-4bd1-b993-6454747c1d5c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 7663
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5432835322831663953

43 B
342 B

17ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5432835322831663953
Protocol: H2
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:20 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1449486
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 03:38:21 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 21a80c75-6402-4ee1-a87a-cb720c6452f0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5432835322831663953
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E79E 624 B
587 B 19ms
18ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-dgewCEIfGy-wCGKHMi7MBMAE&v=APEucNXug3JgzADKwpRhXQ3pV132erH7IaFgKKieFMsBbLDLX-M6uZ_2O-ZbBLz-_4IVz3Jcl6YB90A6uxmcPwIjtzylrZ0zqw7zjSvj5pF6WC9PEFFPT6nhb2FjipWkiV2urdWbOKi-tge7HQ_ZGvjknz1LnpAb2TQ4DmpNPZLHDsWou-zHOgQ

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 09 Nov 2021 03:38:21 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 09 Nov 2021 03:38:21 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1732 25 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AP7X4L1HdiUk2xEdhinYrdcu_pOfbJRbmO15iWtEAfidEiXHY7DptX7-R9EC60s5sVyvQrCPIXafr1kHBkCRY06XwEm8mkKq8hI4LEmVXASVIB9b3l7jRQIHsSbwNFwSf1Juep0fZ5mTr00R-o4yV4VLbUbg&cry=1&dbm_d=AKAmf-CgKBdl4WvlYBU-d14vS0b8RS5dmi-eeBpYd3U0Ha2_3dzy-w7GSAFHHjvHB7I_8qNaPBe36bW4pJa8FQfRk_-yXNWAmK38vDVZyH7JowKvK1-ifeKLGqLs1pVW1eZs0WYfQSoXH0K5VhCnWzNx2tmB1NCKz3yLX1owrcdsTeOq-v-ocJDdUh8FzYX9la8aCk2MDxG8bWKcQoZQHnnPDBELS7LLJvPDhrtOaXvYCjDcWijL7vU64uID7oSXSPB1OqFEP9fuCPJccd3on07K-jINztLmP8RF_sQhVQZx2QVlTIvWgirFkKHW_Wd_kNU2hIlWjdae-tyoH1UFXoXsBxaGdhqlGLIwAFbDiXX2VhGISCmYrMkG2UFrsT8JVPMMsBgvjviQyP-jgb0NsHEC9blsmW1rqTjg79xhxii3TfzQbHJnvdzVRFpUc4ecYtddVi12VmTTa-3lrujkisUqKzMevyvR8oclvaB9yScD9mQ1hfZGevPfB3_jMwenovqrFQswXA8WZm4FTJOPP_EJ6640mFKYj9u9zSop_0QX-LpMAFEc6mBx-heMWEIC-CETjaKrUjqgKLAuuz-wfaZtZ5cSOIV1wuwkwEj_b1b8GW1VKfnYS0ptmh4h673BYreQMeT3jUgLpAO9VVPDvv6je9erjUWjrPvQ087O56r_PZytYqBSkuq2DcyiWmTuEjnmJdklafuoGnXVnU2ueF75Hk21ptxkhxrITgpV7LNeOhL3wWBUWlaX5pYC1HEalKTnrnPfG_AJGvYtOS0UC5V5plsnlqFv7TsqhZ_cwRtnCTG35e-EmGecUzfbmwWzUyf_YgKQ40TR37TdOGCOsiqhHEbD7HYFyVD28QoyH3Jp0tn-RgQHuFmdoN-Pjjpb6cD6Vz5CzlmD4b6IghOk_27j8iCaC5SMutWmgI8RRaTuj-vlIFa7Fqs0tkQp7wwwD3QTsXufShYvAEH7NOEZY7AwJdPekcN6j46AGp2Qg_2Vlc0ApBLYKrpBwCEejf0IvJAfZDRq1yrlMUR9cLmwoiJIpgiH6bF1WhufyxqMW2fElAGY3Szis8tK_BJqodHk1KrpzsZy1QEGuEnO1ElTQeNS1qZaM1t2BCBSYX3lIMWC-aq5fxkWJAv8Qu-9ZJSdVEcpcdiJ5oCdn1Uk7uP4oYPtzIAF7crp_nmaQoVjSB83_qrklcrUm2tpWKxhOutfLUb4vqiQnYl3wBpa_Pg7a0bVeY45ILxw3XyBO3-sI_EcsHId4TrRPM0TUwm9jeyObm7AXrVJ710E97jhuK-FRsJ1ONrwTSH1hpiTtLCqomQvLh4ZEiSjv1J549APqqQaMNQxRi5-YcoiTgNrhdtpNg8tClCXW1CCfyLL6BvUl8WM4KNXzlV9TVKqOGuIjzXy0gC2dO-wfsNHICHsw8W31OUAY4VeD0fS1p0h-sPnGd0keLtYZ6buiNJttozvL_RB8G0oQeFwt1kNjXdBQVPJuMS1ox-CWZv71gdOQyt7tS2mtrMG1rRIyn0zCP0gqlqOd2mfzxX2FqOQ55vEk2pDzuNQgu7hJH7H2irJPYIiKMtnS7Ct_eyGB3OlE1W2d8S5BBUJb4HTiyZ0-oEItpCMYcEx6JXwNbIeXhd5haPjgmFK7SIogWQIMYrxavrKfGvUGTvff3gmevcO07E1WfsQXP8pRgGf6aG1z4iPQ7MMTDSpf2ii1mezTx4hzpxZIJCZHAwvRSPTLlhD0MFVMhiRuzqiJXsPnj-x04KH7TzlI3kd_X60LmobrtXT60kE7oA8bvy-Hj_Y_pEVluv3NUMWEIMTVNJU07ZWiN4P1mEzUmRhUelrVRWc1d9YAts6T9OuJVeX7_OuBLO00KzS95YmLDN4PDVXaBhqlSl2YJ4jx__q9R3de7YNZgmLr07WWAqFpe3pg3x5HjfSYxbdHiFhXm8DQI-Mynl6ntjzZc1UowGtDtut4NasjEOH1kdt1Arke0AjqVNDAx_Mj-2rGn8XLLbLz3KdiHTxnwfiNtJ3TH8I-F-2ehe6YNfuSnlRw4CESYNQkZdY23Ob6JWTMaShuiFjzyyAyijUnAJ3AgmcU02D35pLiN0H1QGGYXFuS-L_u-IXFEZHP7USVjdqvEgPipkf2_1qEgZJmMj6crVUPNWITAs2dJUvuqdIWSEyEDyIP_Gj6Lq7Mbirk0ply66IzqOauQPc0yYw30x1aX6Cq6nl88f1B4EdwCVwZFk0_kySwCYWpwnpajCTp7WRrbJKQoSriuYVIxH4MSaerqTnCWCeWsIHRsDrb0dW4Ag1iLEaOQBPp_vKteeqzJGeYo3QAT5NLhMZuoduYFP_zkMOrGjd3V9YGYB4hazokSK7EfqFMKrYmjCQm8Jgs-bf2EFYrullMCY7HyeWaDFeV0t5rgVLehe4J8q3sMWtrMUUNnrGDTj7o0wITTvtbiF5waySXU92QTrYPNeNUn5bjubtO0aKpZbajGhuauVvtcChLJclCkrMIBEbFq-MjmAY-WunJzstGEEcx0fdE95rKFUjRBD9NR2E9ljtTS0XJGXSX--UEXXceN-Jokg36eNqnPHLNV2aIskif-SgCBmFRyGS_5DJLK0h-PqPLqXIYDXQsqrzBeB5t4na_Z5OpNnlr7W22fbNm6dVL6fY2Eq48qnqWI19Xa4SajbkSouz2ChUHuCt6hOHE4_Xh0aBWJvCHqG4VZNiyr-rh6CL2NL8lMBR9PmXI-cMLXwX_I7GJJhj4LFtcuNssazEAWSbnw7_KDz5Mh5HkIi6V9y7Vr5bTB25DK9j8oMDRrFWtweNaZhZWzrXp2rbGThLikS0tlBCD2CBtIy8xXYiRc6diBiIjsnYeOa-qSQENYmdeffLsWsiZx5i3zzvshJ6pht0TQgzHW-IuqiWGStqvbtlnsTOxz5KkjMtp0IflZ3venEVQ01lp-le4BKl6n92_bP4ZaD04cOEB8m4Dcsl_i-NTZkICIARYgbKP63HCwycq_hWTpFOgjX69NWpj6yfrIFvWzf3HruwQp3zcBcSyQ7qoeyyCLAaF8bzhHBbF07DHZKnReYglsZ_Alikb6ACfM-8JvYOVp3OkHaYL1l5_9nUUvgeSwrWdOlhxg_LKPt9QZ0NgqHXgbL5uUXwWt640oylPp5mg-y8mZcl0APHaxBDjL0Fr4r4vPFZxaI_J8euDuPP0DRnatwu5VX92j0ke7xL5zE-GxbF5oDTCtLU1f9iuPY8V0tphpJsSGDCr4WQmsF9dkMV9OW972mrh3hlAkvb&cid=CAASFeRoIsZaJL0a_3ZSyWRw5_O7ANcwWg&rfl=1%2Chttps%253A%252F%252Fwww.yenibiris.com%252F%240

Requested by

Host: www.yenibiris.com
URL: https://www.yenibiris.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6323c27bdb21d0736749dfd545aa1808a27066859e4f7b5e17bf5dd6160179d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13702
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1732 42 B
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DCdgfkkbbySAkUmJ48lIeOKNmjxJeZaJqOUobmj4Lg7jh7iS3CJu-K3h-wtKNeTGvkOa-7RePXD_PbhLb8xzHzxjHoOpGpIzwHiD-Tbg1jp92mXSw

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 1732 3 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 03:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1732 121 KB
38 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 03:38:21 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 1732 15 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 03:31:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1732 0
0 16ms
15ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWLQvM0qvye3CcA0bACv78QhsacmCBho50tL-Hlw_up5u8ecNSSJoSL_JIg7ZBKAIHcBK1CGz3kG3xr8vCS5PL9nIGHA
Requested by: Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK om.gif
lgr.visilabs.net/yenibiris/ 70 B
392 B 66ms
65ms Image
image/gif 185.29.195.171
D-TEK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lgr.visilabs.net/yenibiris/om.gif?OM.siteID=305046543731416A59544D3D&OM.oid=5A6E707336634F43346C4D3D&OM.cookieID=VisilabsTarget&OM.uri=/om_evt.gif&OM.zdn=acttype-4&OM.zcp=act-13&OM.num1=1&dat=Tue,%2009%20Nov%202021%2003:38:21%20GMT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.195.171 , Turkey, ASN201160 (D-TEK, TR),
Reverse DNS
Software: /
Resource Hash: cd8feca47797d25495f03a52b6a8605de61b829c01be0dca0c2ff0fed71ec3d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yenibiris.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:20 GMT
Cache-Control: private
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Length: 70
Content-Type: Image/gif

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 51D0 640 B
316 B 18ms
18ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7oDTtQEwAQ&v=APEucNWtZe2nZ0swoWQTgaaBcj_0xJRDVynJI91_pM9J3hwxajsjJSMvTjo_4NIvitA7pvo3vOzJZOOedzaekpUphaqg9ZTCwZkxu2ZAC0Z8KQV4NVs0w2sq3fpgE3hpfIrJQEa9Xa9DEwEC1Eci_1S72JrA1hWtr32P4JkWetOFs9hsx49WFas

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 09 Nov 2021 03:38:21 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3F27 73 KB
29 KB 37ms
37ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4FgH239nAt9UW5HTQmcBXWAuNrTq7aMGGRQ4kgboGSG1zC8_DL6JOTfR7nXk16WiBSG_bEs2nHH2EA1D0eSNPFlGNhVtgqtkgHx5rOT_sbO1q5wU9aPSVzGh_3DIsfS5-vC9DGgQVi2dXJhTTD0_ZJFnxrA&dbm_d=AKAmf-D9gChs8fU10Yw_1HsdaVmODbuOTrQ6sfFRZWN11KxIienQlV1YxZj4xkZ4RK_erQHUUrst6Ja6yUZzEK6kdKkSQL4Uwq2Ve1nw4Lz1_mFXxOEKMh0FFibBwnJagzp8KkdPP0GZRU5ZKeumggTCbAB3Oa_9_hMKarIy3_p4M6n1Bdem_WfUYX-3AnWK_ruWhK4EGfhKnd0KDYVa9c6Trs55LqGQJoo6PhEBmO4F3We9HiQQoQVtp7Rnov66UbjXRa_U75cDRGC7MoSYTlct_YoVgHF39YWqhBL4xBfVEHPtG9W4xGEIgBQ4R5vM7seDf4I54Pfk85hXUNYQP6V-eTeX2FTndl-xzcQubRM6LdNyhGKgnc6oSkyTpmX6_QGbrPXbuRhP8lDYL6jkp440Thh2Wix-LiOK5XwniACb3C-RPZxbbUJXBmqjtlf14zz7LE0qkVPRHZfkel7faUIEe8HZwS_7iSTCWi2prJHMl4bROn8Buz3LAg-foVoZ2yqKfEfVfPCnXI8NH0VGj4zcYbwf91T7_-3qqtOXMNmuWbnYWxDxmslHWxCh9IwJgFQWMGIB6AXfWsXTO3aaQF9TXXAVOt_9AaztjuwfpNp_2uE7hjwEAihP-s5VvTXXlN0CyJBVH2z82he1OiWnAuf7597cl4GpNdmvxsFAmSifM5Gv9MlCwO_Fyn4d0AWsNZ-fEK4zSB2ApRUPmv8Pj-viCnNJWu4rFrSA108ynQ9n6fBOpytk0dvyagQFchnxl3VnP3Y55EgYHgo4UdHCsvYVKnT4hPojtnm2OzEhLyt9VDKoQqc3xrJZeR1R9P6dK58wapHeGYPSFW-dqdDrJSHoYLpTM1z-slTTbbXuwF7tV-zBokFd_8saKo_0Ip5z7f7QOKQ7Bfg_4pKS6RS2Vblz4cWsHkeoCErKKosmt7FiWlF1ICs4jkQpbpoTdGfhj1x01jrMu2q6glRZMy6LoE7ZriVOQO_Dbbrx75m6rPpLcsiKrYOs1SwWW20mVMCUCkh21q9E9Mo69keLVEqdeSqGk_LgoE-dW6CQawg2hhBKY6fNkO8lj0wUOmgTU6HD-rwOBEVFSodQbBWz1gRTWMJ6Zzg5Ucoffz0rwdLoodAxQei24D-jbfLP_9xExCy_wNMDWKRxaryf7iRAOvpjatNlkaSGJwaLGUy9SDq4I-d81bFF_9LkUn5fNoFSBzTgAS5IGA2KrZbwtIa_r8M3kIvOvpBH6dRhIZayryokHB59FUTWfvX1_x50d-CASabxe8ZU-fCkT3zlQidBNRs2slsuvYQhWTRNLyHI7MKJ3jggEELwTkqgVqPatRD2zZ0CeKCXtaQgJaic-9ZVpweUSiTOBJ1USSBNrAmhDJo1XtCKQZ19v8h4Uaf9dvD2aO1YRTMdbSizoydL8EaG3WhNmEL2h27rbT4ZLhwoQv2jl9aVnsioHfTg-EG2Y_2BLJJ92lv4KdgLi9DZrcoJM9Nlt4TWVYwD1ptQFmSU-BOxxE36eWbFrEnZy17x83Af_kW23WECy-kohBXs59zalBm52V5FwFIDCGQpx9LbulEVCMaSwDVQtpDBPNzZxKwxLvRcKBCsxQomQdR6_bYrQqBilzKEekRvKgraPkiF5X-2Vyj6xt-DYta8DnHK2u34XTa6-7xHWZFAyu1T4s5FwJ0NHHfAWcu0QeqAD4mCWWbUqJTQtMlkl2ILsa-FJ3hLGzLQyPt9T8kRtsKEaerdLcZrww8E2HheasWqBYnCTsMLizEMUfoM6tAqBPedzVe76RjE8Tv2lIIBCjVQ1twQU7xX_nuM2J5Epf4KhHLKMRRlVGkQ6_dytyG32JFAltgBJSXPrclz5oZRkqGrQNSPn7kwTrNc_GVR-iB9pTtzbjL5D5KUWnWHtz3l29Kf7QDifNAcq8RrkrkBgzk1Szb9y61r7PmF5bRzrDjI_9rEiJu_XrMYk-JhQCLv1uNo-RRNBComwubYwqBttdbU4t05givvNrpZu9RIFoGJL2WaKOQ8Y_NLo2if0KPmgSJ33iA-JhQPJxHSVbcwJSBeKxk8qn7Ey20N6Xk-e9TSykDKxu1JujEAaKvN4xttB2ggMXm0uDdG0wZcE8bi_d7H1iCb0vZMzVvctxfNzrucBjFnPU3YVpQ1jOpp_whuvukxGj_YO_V7Mj524UUuNwaNhmFLhlMpryj3nLU253wnCHvo8RFMoycAeiuIU6pO_rc_YIPw-jwEw-UEkVRDfEoAMMzsph8e0mS5q36Ij0wwF1iaGlZQ7JXVmjxY9NEqZ_IEPpMfefs4AjjTwBcaHjloCIiWRQ013Y-Hgzs65OJVQd3Xpgf3R3o2kxXHCM15t9UDHNuGXwDpI_9rnlX51Psy7B3KmJL8PH9IncmLmvdhjABziVoSkYSpYDY96ZCo8eYYUkuKwpLaw-gbCA2vV73PdENerpB90gQ0P3n0Pf76_8zlNnuwtQx2pAPUpzctp3hCil-VIqI-SgpNu-so2W8y-Fy2tuRdPUA0-zvYI8vrmRGDvtyfmp7ikG0UncdMdvfTTocLw_ZO8rLDq77ciSujWt5JoQrZ6guU-rHQPbjHdd0lRB0fASWNg0Rrz6osMD4vbA4XBtXUNe7t1_VLC7wLb2IXuzRmpHyPTKQx8xyWbYERhq3V4tNKInHMYct54b34VCXM1aPCh_vjd9XjfJdwgenZPFXBJ3JMyQjYjVBh24hZQUFbmjTggGM-AjZ0WBEh5VdgCJLaCxLEl9Pt787ctyyg60lUQhdFS7sGhEAfe9Vxyx77E3H0KlqoF_Mz6H6UmSPKBg1SKG4r35skecmJN_xnxRvsoJ6UHoWRWt89XTqgvbPpnaw-koN8SY1SQ22VzsS-bE4O9ooVFwOX9fiowY71aTLdTLduQUoI6xpc91kgAfJdGP_zGXT_5WlkW-zPoDfW09sTn0owfHtJ7ggMIA-xmzBfJLLN8E7EenHXhTvEKkrYwL_MtlH5n549bAPTdEO0SJBx5XO2RUjHfkZfH6D0tro47Bf-TNTsxEuNBLbgOBswJVcgeBc3wvi-xtQ&cid=CAASFeRohxpCi0zFDibT7BbA0jcRY6ZX7A&rfl=1%2Chttps%253A%252F%252Fwww.yenibiris.com%252F%240

Requested by

Host: www.yenibiris.com
URL: https://www.yenibiris.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

bd9c1930ccf3332defff4d44bed1e020f8b6ea9784bcbfb042ad6f135d6105f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29760
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F27 42 B
107 B 15ms
14ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BbdG9eSnQPYJ5Cw38huVhL5Ns7cz4BmMWvTczBR7ET2_V8wS3Bpt2VHWbPMnYwd74uYRQy1SNfsHfnqoWRfLUen3Xi0D_uT8E5rTU7hHeHQ42RaGo

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 3F27 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 03:30:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F27 121 KB
37 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 03:38:21 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 3F27 15 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 03:31:09 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 1732 24 KB
9 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AP7X4L1HdiUk2xEdhinYrdcu_pOfbJRbmO15iWtEAfidEiXHY7DptX7-R9EC60s5sVyvQrCPIXafr1kHBkCRY06XwEm8mkKq8hI4LEmVXASVIB9b3l7jRQIHsSbwNFwSf1Juep0fZ5mTr00R-o4yV4VLbUbg&cry=1&dbm_d=AKAmf-CgKBdl4WvlYBU-d14vS0b8RS5dmi-eeBpYd3U0Ha2_3dzy-w7GSAFHHjvHB7I_8qNaPBe36bW4pJa8FQfRk_-yXNWAmK38vDVZyH7JowKvK1-ifeKLGqLs1pVW1eZs0WYfQSoXH0K5VhCnWzNx2tmB1NCKz3yLX1owrcdsTeOq-v-ocJDdUh8FzYX9la8aCk2MDxG8bWKcQoZQHnnPDBELS7LLJvPDhrtOaXvYCjDcWijL7vU64uID7oSXSPB1OqFEP9fuCPJccd3on07K-jINztLmP8RF_sQhVQZx2QVlTIvWgirFkKHW_Wd_kNU2hIlWjdae-tyoH1UFXoXsBxaGdhqlGLIwAFbDiXX2VhGISCmYrMkG2UFrsT8JVPMMsBgvjviQyP-jgb0NsHEC9blsmW1rqTjg79xhxii3TfzQbHJnvdzVRFpUc4ecYtddVi12VmTTa-3lrujkisUqKzMevyvR8oclvaB9yScD9mQ1hfZGevPfB3_jMwenovqrFQswXA8WZm4FTJOPP_EJ6640mFKYj9u9zSop_0QX-LpMAFEc6mBx-heMWEIC-CETjaKrUjqgKLAuuz-wfaZtZ5cSOIV1wuwkwEj_b1b8GW1VKfnYS0ptmh4h673BYreQMeT3jUgLpAO9VVPDvv6je9erjUWjrPvQ087O56r_PZytYqBSkuq2DcyiWmTuEjnmJdklafuoGnXVnU2ueF75Hk21ptxkhxrITgpV7LNeOhL3wWBUWlaX5pYC1HEalKTnrnPfG_AJGvYtOS0UC5V5plsnlqFv7TsqhZ_cwRtnCTG35e-EmGecUzfbmwWzUyf_YgKQ40TR37TdOGCOsiqhHEbD7HYFyVD28QoyH3Jp0tn-RgQHuFmdoN-Pjjpb6cD6Vz5CzlmD4b6IghOk_27j8iCaC5SMutWmgI8RRaTuj-vlIFa7Fqs0tkQp7wwwD3QTsXufShYvAEH7NOEZY7AwJdPekcN6j46AGp2Qg_2Vlc0ApBLYKrpBwCEejf0IvJAfZDRq1yrlMUR9cLmwoiJIpgiH6bF1WhufyxqMW2fElAGY3Szis8tK_BJqodHk1KrpzsZy1QEGuEnO1ElTQeNS1qZaM1t2BCBSYX3lIMWC-aq5fxkWJAv8Qu-9ZJSdVEcpcdiJ5oCdn1Uk7uP4oYPtzIAF7crp_nmaQoVjSB83_qrklcrUm2tpWKxhOutfLUb4vqiQnYl3wBpa_Pg7a0bVeY45ILxw3XyBO3-sI_EcsHId4TrRPM0TUwm9jeyObm7AXrVJ710E97jhuK-FRsJ1ONrwTSH1hpiTtLCqomQvLh4ZEiSjv1J549APqqQaMNQxRi5-YcoiTgNrhdtpNg8tClCXW1CCfyLL6BvUl8WM4KNXzlV9TVKqOGuIjzXy0gC2dO-wfsNHICHsw8W31OUAY4VeD0fS1p0h-sPnGd0keLtYZ6buiNJttozvL_RB8G0oQeFwt1kNjXdBQVPJuMS1ox-CWZv71gdOQyt7tS2mtrMG1rRIyn0zCP0gqlqOd2mfzxX2FqOQ55vEk2pDzuNQgu7hJH7H2irJPYIiKMtnS7Ct_eyGB3OlE1W2d8S5BBUJb4HTiyZ0-oEItpCMYcEx6JXwNbIeXhd5haPjgmFK7SIogWQIMYrxavrKfGvUGTvff3gmevcO07E1WfsQXP8pRgGf6aG1z4iPQ7MMTDSpf2ii1mezTx4hzpxZIJCZHAwvRSPTLlhD0MFVMhiRuzqiJXsPnj-x04KH7TzlI3kd_X60LmobrtXT60kE7oA8bvy-Hj_Y_pEVluv3NUMWEIMTVNJU07ZWiN4P1mEzUmRhUelrVRWc1d9YAts6T9OuJVeX7_OuBLO00KzS95YmLDN4PDVXaBhqlSl2YJ4jx__q9R3de7YNZgmLr07WWAqFpe3pg3x5HjfSYxbdHiFhXm8DQI-Mynl6ntjzZc1UowGtDtut4NasjEOH1kdt1Arke0AjqVNDAx_Mj-2rGn8XLLbLz3KdiHTxnwfiNtJ3TH8I-F-2ehe6YNfuSnlRw4CESYNQkZdY23Ob6JWTMaShuiFjzyyAyijUnAJ3AgmcU02D35pLiN0H1QGGYXFuS-L_u-IXFEZHP7USVjdqvEgPipkf2_1qEgZJmMj6crVUPNWITAs2dJUvuqdIWSEyEDyIP_Gj6Lq7Mbirk0ply66IzqOauQPc0yYw30x1aX6Cq6nl88f1B4EdwCVwZFk0_kySwCYWpwnpajCTp7WRrbJKQoSriuYVIxH4MSaerqTnCWCeWsIHRsDrb0dW4Ag1iLEaOQBPp_vKteeqzJGeYo3QAT5NLhMZuoduYFP_zkMOrGjd3V9YGYB4hazokSK7EfqFMKrYmjCQm8Jgs-bf2EFYrullMCY7HyeWaDFeV0t5rgVLehe4J8q3sMWtrMUUNnrGDTj7o0wITTvtbiF5waySXU92QTrYPNeNUn5bjubtO0aKpZbajGhuauVvtcChLJclCkrMIBEbFq-MjmAY-WunJzstGEEcx0fdE95rKFUjRBD9NR2E9ljtTS0XJGXSX--UEXXceN-Jokg36eNqnPHLNV2aIskif-SgCBmFRyGS_5DJLK0h-PqPLqXIYDXQsqrzBeB5t4na_Z5OpNnlr7W22fbNm6dVL6fY2Eq48qnqWI19Xa4SajbkSouz2ChUHuCt6hOHE4_Xh0aBWJvCHqG4VZNiyr-rh6CL2NL8lMBR9PmXI-cMLXwX_I7GJJhj4LFtcuNssazEAWSbnw7_KDz5Mh5HkIi6V9y7Vr5bTB25DK9j8oMDRrFWtweNaZhZWzrXp2rbGThLikS0tlBCD2CBtIy8xXYiRc6diBiIjsnYeOa-qSQENYmdeffLsWsiZx5i3zzvshJ6pht0TQgzHW-IuqiWGStqvbtlnsTOxz5KkjMtp0IflZ3venEVQ01lp-le4BKl6n92_bP4ZaD04cOEB8m4Dcsl_i-NTZkICIARYgbKP63HCwycq_hWTpFOgjX69NWpj6yfrIFvWzf3HruwQp3zcBcSyQ7qoeyyCLAaF8bzhHBbF07DHZKnReYglsZ_Alikb6ACfM-8JvYOVp3OkHaYL1l5_9nUUvgeSwrWdOlhxg_LKPt9QZ0NgqHXgbL5uUXwWt640oylPp5mg-y8mZcl0APHaxBDjL0Fr4r4vPFZxaI_J8euDuPP0DRnatwu5VX92j0ke7xL5zE-GxbF5oDTCtLU1f9iuPY8V0tphpJsSGDCr4WQmsF9dkMV9OW972mrh3hlAkvb&cid=CAASFeRoIsZaJL0a_3ZSyWRw5_O7ANcwWg&rfl=1%2Chttps%253A%252F%252Fwww.yenibiris.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 01:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 01:02:24 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1732 41 KB
15 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E79E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV8fXFnHG2MzDyDl6YDkgY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV8fXFnHG2MzDyDl6YDkgY&google_cver=1&C=1

43 B
1014 B

13ms
13ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV8fXFnHG2MzDyDl6YDkgY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-dgewCEIfGy-wCGKHMi7MBMAE&v=APEucNXug3JgzADKwpRhXQ3pV132erH7IaFgKKieFMsBbLDLX-M6uZ_2O-ZbBLz-_4IVz3Jcl6YB90A6uxmcPwIjtzylrZ0zqw7zjSvj5pF6WC9PEFFPT6nhb2FjipWkiV2urdWbOKi-tge7HQ_ZGvjknz1LnpAb2TQ4DmpNPZLHDsWou-zHOgQ
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 03:38:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 09 Nov 2021 03:38:21 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 03:38:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV8fXFnHG2MzDyDl6YDkgY&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 09 Nov 2021 03:38:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E79E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYntLW53Jx2XQDqhnAjqYQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV8fXFnHG2MzDyDl6YDkgY&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV8fXFnHG2MzDyDl6YDkgY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-dgewCEIfGy-wCGKHMi7MBMAE&v=APEucNXug3JgzADKwpRhXQ3pV132erH7IaFgKKieFMsBbLDLX-M6uZ_2O-ZbBLz-_4IVz3Jcl6YB90A6uxmcPwIjtzylrZ0zqw7zjSvj5pF6WC9PEFFPT6nhb2FjipWkiV2urdWbOKi-tge7HQ_ZGvjknz1LnpAb2TQ4DmpNPZLHDsWou-zHOgQ
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 03:38:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 09 Nov 2021 03:38:21 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV8fXFnHG2MzDyDl6YDkgY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E79E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEASdSjASrlLROqspy3mDKtM&google_cver=1

43 B
1 KB

27ms
13ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEASdSjASrlLROqspy3mDKtM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-dgewCEIfGy-wCGKHMi7MBMAE&v=APEucNXug3JgzADKwpRhXQ3pV132erH7IaFgKKieFMsBbLDLX-M6uZ_2O-ZbBLz-_4IVz3Jcl6YB90A6uxmcPwIjtzylrZ0zqw7zjSvj5pF6WC9PEFFPT6nhb2FjipWkiV2urdWbOKi-tge7HQ_ZGvjknz1LnpAb2TQ4DmpNPZLHDsWou-zHOgQ

Protocol

HTTP/1.1

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 03:38:21 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7f5b3151-5642-42f9-a2e6-19bc00c2aefb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEASdSjASrlLROqspy3mDKtM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E79E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQzMjgzNTMyMjgzMTY2Mzk1Mw%3D%3D

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQzMjgzNTMyMjgzMTY2Mzk1Mw%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 03:38:21 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c551a8a2-7000-4135-a244-799b02c96b50
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQzMjgzNTMyMjgzMTY2Mzk1Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 51D0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECl8jMl7CpBJf86s71W6D5o&google_cver=1

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECl8jMl7CpBJf86s71W6D5o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7oDTtQEwAQ&v=APEucNWtZe2nZ0swoWQTgaaBcj_0xJRDVynJI91_pM9J3hwxajsjJSMvTjo_4NIvitA7pvo3vOzJZOOedzaekpUphaqg9ZTCwZkxu2ZAC0Z8KQV4NVs0w2sq3fpgE3hpfIrJQEa9Xa9DEwEC1Eci_1S72JrA1hWtr32P4JkWetOFs9hsx49WFas
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECl8jMl7CpBJf86s71W6D5o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51D0
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzRmNjc4YmEtNWI4MS0yYWQwLWU0MzEtYTY1YjlhMTdlZmY1

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzRmNjc4YmEtNWI4MS0yYWQwLWU0MzEtYTY1YjlhMTdlZmY1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7oDTtQEwAQ&v=APEucNWtZe2nZ0swoWQTgaaBcj_0xJRDVynJI91_pM9J3hwxajsjJSMvTjo_4NIvitA7pvo3vOzJZOOedzaekpUphaqg9ZTCwZkxu2ZAC0Z8KQV4NVs0w2sq3fpgE3hpfIrJQEa9Xa9DEwEC1Eci_1S72JrA1hWtr32P4JkWetOFs9hsx49WFas

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzRmNjc4YmEtNWI4MS0yYWQwLWU0MzEtYTY1YjlhMTdlZmY1
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 51D0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEI3LwgrDYIhw3i8AC-pXzDg&google_cver=1

23 B
172 B

76ms
47ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEI3LwgrDYIhw3i8AC-pXzDg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7oDTtQEwAQ&v=APEucNWtZe2nZ0swoWQTgaaBcj_0xJRDVynJI91_pM9J3hwxajsjJSMvTjo_4NIvitA7pvo3vOzJZOOedzaekpUphaqg9ZTCwZkxu2ZAC0Z8KQV4NVs0w2sq3fpgE3hpfIrJQEa9Xa9DEwEC1Eci_1S72JrA1hWtr32P4JkWetOFs9hsx49WFas
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 09 Nov 2021 03:38:21 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEI3LwgrDYIhw3i8AC-pXzDg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 51D0 23 B
172 B 109ms
43ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7oDTtQEwAQ&v=APEucNWtZe2nZ0swoWQTgaaBcj_0xJRDVynJI91_pM9J3hwxajsjJSMvTjo_4NIvitA7pvo3vOzJZOOedzaekpUphaqg9ZTCwZkxu2ZAC0Z8KQV4NVs0w2sq3fpgE3hpfIrJQEa9Xa9DEwEC1Eci_1S72JrA1hWtr32P4JkWetOFs9hsx49WFas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 09 Nov 2021 03:38:21 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 3F27 106 KB
38 KB 60ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.yenibiris.com
URL: https://www.yenibiris.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
Origin: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 16:09:20 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 3F27 8 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4FgH239nAt9UW5HTQmcBXWAuNrTq7aMGGRQ4kgboGSG1zC8_DL6JOTfR7nXk16WiBSG_bEs2nHH2EA1D0eSNPFlGNhVtgqtkgHx5rOT_sbO1q5wU9aPSVzGh_3DIsfS5-vC9DGgQVi2dXJhTTD0_ZJFnxrA&dbm_d=AKAmf-D9gChs8fU10Yw_1HsdaVmODbuOTrQ6sfFRZWN11KxIienQlV1YxZj4xkZ4RK_erQHUUrst6Ja6yUZzEK6kdKkSQL4Uwq2Ve1nw4Lz1_mFXxOEKMh0FFibBwnJagzp8KkdPP0GZRU5ZKeumggTCbAB3Oa_9_hMKarIy3_p4M6n1Bdem_WfUYX-3AnWK_ruWhK4EGfhKnd0KDYVa9c6Trs55LqGQJoo6PhEBmO4F3We9HiQQoQVtp7Rnov66UbjXRa_U75cDRGC7MoSYTlct_YoVgHF39YWqhBL4xBfVEHPtG9W4xGEIgBQ4R5vM7seDf4I54Pfk85hXUNYQP6V-eTeX2FTndl-xzcQubRM6LdNyhGKgnc6oSkyTpmX6_QGbrPXbuRhP8lDYL6jkp440Thh2Wix-LiOK5XwniACb3C-RPZxbbUJXBmqjtlf14zz7LE0qkVPRHZfkel7faUIEe8HZwS_7iSTCWi2prJHMl4bROn8Buz3LAg-foVoZ2yqKfEfVfPCnXI8NH0VGj4zcYbwf91T7_-3qqtOXMNmuWbnYWxDxmslHWxCh9IwJgFQWMGIB6AXfWsXTO3aaQF9TXXAVOt_9AaztjuwfpNp_2uE7hjwEAihP-s5VvTXXlN0CyJBVH2z82he1OiWnAuf7597cl4GpNdmvxsFAmSifM5Gv9MlCwO_Fyn4d0AWsNZ-fEK4zSB2ApRUPmv8Pj-viCnNJWu4rFrSA108ynQ9n6fBOpytk0dvyagQFchnxl3VnP3Y55EgYHgo4UdHCsvYVKnT4hPojtnm2OzEhLyt9VDKoQqc3xrJZeR1R9P6dK58wapHeGYPSFW-dqdDrJSHoYLpTM1z-slTTbbXuwF7tV-zBokFd_8saKo_0Ip5z7f7QOKQ7Bfg_4pKS6RS2Vblz4cWsHkeoCErKKosmt7FiWlF1ICs4jkQpbpoTdGfhj1x01jrMu2q6glRZMy6LoE7ZriVOQO_Dbbrx75m6rPpLcsiKrYOs1SwWW20mVMCUCkh21q9E9Mo69keLVEqdeSqGk_LgoE-dW6CQawg2hhBKY6fNkO8lj0wUOmgTU6HD-rwOBEVFSodQbBWz1gRTWMJ6Zzg5Ucoffz0rwdLoodAxQei24D-jbfLP_9xExCy_wNMDWKRxaryf7iRAOvpjatNlkaSGJwaLGUy9SDq4I-d81bFF_9LkUn5fNoFSBzTgAS5IGA2KrZbwtIa_r8M3kIvOvpBH6dRhIZayryokHB59FUTWfvX1_x50d-CASabxe8ZU-fCkT3zlQidBNRs2slsuvYQhWTRNLyHI7MKJ3jggEELwTkqgVqPatRD2zZ0CeKCXtaQgJaic-9ZVpweUSiTOBJ1USSBNrAmhDJo1XtCKQZ19v8h4Uaf9dvD2aO1YRTMdbSizoydL8EaG3WhNmEL2h27rbT4ZLhwoQv2jl9aVnsioHfTg-EG2Y_2BLJJ92lv4KdgLi9DZrcoJM9Nlt4TWVYwD1ptQFmSU-BOxxE36eWbFrEnZy17x83Af_kW23WECy-kohBXs59zalBm52V5FwFIDCGQpx9LbulEVCMaSwDVQtpDBPNzZxKwxLvRcKBCsxQomQdR6_bYrQqBilzKEekRvKgraPkiF5X-2Vyj6xt-DYta8DnHK2u34XTa6-7xHWZFAyu1T4s5FwJ0NHHfAWcu0QeqAD4mCWWbUqJTQtMlkl2ILsa-FJ3hLGzLQyPt9T8kRtsKEaerdLcZrww8E2HheasWqBYnCTsMLizEMUfoM6tAqBPedzVe76RjE8Tv2lIIBCjVQ1twQU7xX_nuM2J5Epf4KhHLKMRRlVGkQ6_dytyG32JFAltgBJSXPrclz5oZRkqGrQNSPn7kwTrNc_GVR-iB9pTtzbjL5D5KUWnWHtz3l29Kf7QDifNAcq8RrkrkBgzk1Szb9y61r7PmF5bRzrDjI_9rEiJu_XrMYk-JhQCLv1uNo-RRNBComwubYwqBttdbU4t05givvNrpZu9RIFoGJL2WaKOQ8Y_NLo2if0KPmgSJ33iA-JhQPJxHSVbcwJSBeKxk8qn7Ey20N6Xk-e9TSykDKxu1JujEAaKvN4xttB2ggMXm0uDdG0wZcE8bi_d7H1iCb0vZMzVvctxfNzrucBjFnPU3YVpQ1jOpp_whuvukxGj_YO_V7Mj524UUuNwaNhmFLhlMpryj3nLU253wnCHvo8RFMoycAeiuIU6pO_rc_YIPw-jwEw-UEkVRDfEoAMMzsph8e0mS5q36Ij0wwF1iaGlZQ7JXVmjxY9NEqZ_IEPpMfefs4AjjTwBcaHjloCIiWRQ013Y-Hgzs65OJVQd3Xpgf3R3o2kxXHCM15t9UDHNuGXwDpI_9rnlX51Psy7B3KmJL8PH9IncmLmvdhjABziVoSkYSpYDY96ZCo8eYYUkuKwpLaw-gbCA2vV73PdENerpB90gQ0P3n0Pf76_8zlNnuwtQx2pAPUpzctp3hCil-VIqI-SgpNu-so2W8y-Fy2tuRdPUA0-zvYI8vrmRGDvtyfmp7ikG0UncdMdvfTTocLw_ZO8rLDq77ciSujWt5JoQrZ6guU-rHQPbjHdd0lRB0fASWNg0Rrz6osMD4vbA4XBtXUNe7t1_VLC7wLb2IXuzRmpHyPTKQx8xyWbYERhq3V4tNKInHMYct54b34VCXM1aPCh_vjd9XjfJdwgenZPFXBJ3JMyQjYjVBh24hZQUFbmjTggGM-AjZ0WBEh5VdgCJLaCxLEl9Pt787ctyyg60lUQhdFS7sGhEAfe9Vxyx77E3H0KlqoF_Mz6H6UmSPKBg1SKG4r35skecmJN_xnxRvsoJ6UHoWRWt89XTqgvbPpnaw-koN8SY1SQ22VzsS-bE4O9ooVFwOX9fiowY71aTLdTLduQUoI6xpc91kgAfJdGP_zGXT_5WlkW-zPoDfW09sTn0owfHtJ7ggMIA-xmzBfJLLN8E7EenHXhTvEKkrYwL_MtlH5n549bAPTdEO0SJBx5XO2RUjHfkZfH6D0tro47Bf-TNTsxEuNBLbgOBswJVcgeBc3wvi-xtQ&cid=CAASFeRohxpCi0zFDibT7BbA0jcRY6ZX7A&rfl=1%2Chttps%253A%252F%252Fwww.yenibiris.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 03:24:46 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 3F27 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 01:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 01:02:24 GMT

GET
H2 200 adperf_launch_1.0.0_scrambled.js Show response
cstatic.weborama.fr/js/advertiserv2/ Frame 1732 20 KB
8 KB 43ms
10ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/js/advertiserv2/adperf_launch_1.0.0_scrambled.js
Requested by: Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E93) /
Resource Hash: ca45cdd891a26581651763d6204ba40be430bd94abe31e9e832822674bb3c4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 11:12:10 GMT
server: ECAcc (frc/8E93)
age: 397343
etag: "3541355641"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: text/javascript
content-length: 7530
expires: Tue, 16 Nov 2021 03:38:21 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EB98 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 500451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3F27 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
DATA 200
OK truncated
/ Frame 3F27 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 228ef6aecf6970bcedd0ca8446eca21e2e07d2671e85286b639e158402e2ff32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

dispatch.fcgi Show response
turismoportugal.solution.weborama.fr/fcgi-bin/ Frame 1732
Redirect Chain

https://turismoportugal.solution.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=im&a.si=5327&a.te=14106&a.ra=1636429100743874&a.agi=26&g.de=0&ca=60013049932&a.hr=js&a.wi=970&a.he=250&a.sh=1200&a.sw=1600&a....
https://turismoportugal.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=366707&a.A=im&a.si=5327&a.te=14106&a.ra=1636429100743874&a.agi=26&g.de=0&ca=60013049932&a.hr=js&a.wi=970&a.he=250&a....

3 KB
2 KB

28ms
28ms

Script
application/x-javascript

195.54.48.26
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to

Full URL: https://turismoportugal.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=366707&a.A=im&a.si=5327&a.te=14106&a.ra=1636429100743874&a.agi=26&g.de=0&ca=60013049932&a.hr=js&a.wi=970&a.he=250&a.sh=1200&a.sw=1600&a.ycp=&g.ism=0&gdpr_cmp_failure=1&g.did=&a.we=0&a.pc=https%3A//googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC4ucjLO2JYcKzLaGT7gOi7o3YBtmUw55l2af6oJYOi62wl7spEAEgz4vIaWCV4pCCoAfIAQmpAuQz7rA6crM-qAMBqgTfAU_QQUAUcsvJXY3qHLOOHG93lWISWbBLKz-e3FIojSymlBhsAX8UyJoAJ76bIFHs09NXS-S-UfJNJMPXmQANnvLPKsW_ox-9Wl5-8EZtH41ziMkK4Lfl8Lkt4KfCncU3W3s9pAvPwMwqUKNcIUQLON6U3ctFli1xawO0mKnXCpCqqOS-h93bJ5nazsYbTDEJiWSU8atwXeWqdHoqX3Hu1WzoM-d6p3h-8sOVnwaQSK-9nwTiUfqDHMIoON-KMNxYL67WU0V_0hbeveffMrSmaz8gkJ0e-X-GdSF0vZNrOeDABOrCo8_gA-AEA5AGAaAGTYAHz7u66wKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPFsZYNyBPdkK3eA9ATANgTCogUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoIsZaJL0a_3ZSyWRw5_O7ANcwWg%26sig%3DAOD64_1OfDlAGYZkffdrV-j18kGslP0trQ%26client%3Dca-pub-2896002660004872%26dbm_c%3DAKAmf-Cfm4RNUAWtuMO_LScTicdr396f5Mgr-WY2zT-KC3ehzDjnP0nfQAkYjvDIQBk-4MYOv0InJNbnrVYdjpIqJA01MZ3y9kVGTO_SSd3gwUQqdgvEj94vjhGXGRUlqjBMQpbDX3rD7I_RlxqlFxZUMmD-HGm_4w%26cry%3D1%26dbm_d%3DAKAmf-B-rqgKAb2zo_jDuiM-z7gDB39mtDpWhhHEdP2s0jMohGXqNGas_2xZlR5hOXcAf0N108mIV1fOkh0lt09COBlm-28T-sDf8mWGc78dXKM5BoPAIFjaG3JUdGb9qW1DLi-liCbRbYHwElKMvMiKf2qaOTY6QsW38hOVoijslxAdqbpl_SkJZbnggNcRtDJ9f1htL1cZDW9iGOjM54PAmOLBI7mbdajavLKJh5b25K6vX-RWhp2nzPWWctSdi_BHGNY6dzaZuHeAY_q6esjHyCDnGThQkLvCgEOleJhGH5s9lRIz1FCdJIvjz8mka4gegBv-7FGiIwP_LO-4-jgARSi6GEnmKR3fNfHN0mUofRhPHMwR5TsGQrKnypvHeC7p2nxy5HpB_tVcYuwEA2r4QBSdWMBOhuGC3hBb6fBGAhlYwptaeeI%26adurl%3D&g.pu=https%3A//www.yenibiris.com/&g.ru=
Requested by: Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 195.54.48.26 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS: aub-collect-lb-c03-02-vip.weborama.fr
Software: Apache /
Resource Hash: be0df4812b017967e89ea23e16544a82704c241993fa2587a1afd13dee5b9e08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 03:38:21 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-cache
transfer-encoding: chunked
content-type: application/x-javascript
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
last-modified: Tue, 09 Nov 2021 03:38:21 GMT
server: Apache
access-control-allow-origin: *
transfer-encoding: chunked
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://turismoportugal.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=366707&a.A=im&a.si=5327&a.te=14106&a.ra=1636429100743874&a.agi=26&g.de=0&ca=60013049932&a.hr=js&a.wi=970&a.he=250&a.sh=1200&a.sw=1600&a.ycp=&g.ism=0&gdpr_cmp_failure=1&g.did=&a.we=0&a.pc=https%3A//googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC4ucjLO2JYcKzLaGT7gOi7o3YBtmUw55l2af6oJYOi62wl7spEAEgz4vIaWCV4pCCoAfIAQmpAuQz7rA6crM-qAMBqgTfAU_QQUAUcsvJXY3qHLOOHG93lWISWbBLKz-e3FIojSymlBhsAX8UyJoAJ76bIFHs09NXS-S-UfJNJMPXmQANnvLPKsW_ox-9Wl5-8EZtH41ziMkK4Lfl8Lkt4KfCncU3W3s9pAvPwMwqUKNcIUQLON6U3ctFli1xawO0mKnXCpCqqOS-h93bJ5nazsYbTDEJiWSU8atwXeWqdHoqX3Hu1WzoM-d6p3h-8sOVnwaQSK-9nwTiUfqDHMIoON-KMNxYL67WU0V_0hbeveffMrSmaz8gkJ0e-X-GdSF0vZNrOeDABOrCo8_gA-AEA5AGAaAGTYAHz7u66wKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPFsZYNyBPdkK3eA9ATANgTCogUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoIsZaJL0a_3ZSyWRw5_O7ANcwWg%26sig%3DAOD64_1OfDlAGYZkffdrV-j18kGslP0trQ%26client%3Dca-pub-2896002660004872%26dbm_c%3DAKAmf-Cfm4RNUAWtuMO_LScTicdr396f5Mgr-WY2zT-KC3ehzDjnP0nfQAkYjvDIQBk-4MYOv0InJNbnrVYdjpIqJA01MZ3y9kVGTO_SSd3gwUQqdgvEj94vjhGXGRUlqjBMQpbDX3rD7I_RlxqlFxZUMmD-HGm_4w%26cry%3D1%26dbm_d%3DAKAmf-B-rqgKAb2zo_jDuiM-z7gDB39mtDpWhhHEdP2s0jMohGXqNGas_2xZlR5hOXcAf0N108mIV1fOkh0lt09COBlm-28T-sDf8mWGc78dXKM5BoPAIFjaG3JUdGb9qW1DLi-liCbRbYHwElKMvMiKf2qaOTY6QsW38hOVoijslxAdqbpl_SkJZbnggNcRtDJ9f1htL1cZDW9iGOjM54PAmOLBI7mbdajavLKJh5b25K6vX-RWhp2nzPWWctSdi_BHGNY6dzaZuHeAY_q6esjHyCDnGThQkLvCgEOleJhGH5s9lRIz1FCdJIvjz8mka4gegBv-7FGiIwP_LO-4-jgARSi6GEnmKR3fNfHN0mUofRhPHMwR5TsGQrKnypvHeC7p2nxy5HpB_tVcYuwEA2r4QBSdWMBOhuGC3hBb6fBGAhlYwptaeeI%26adurl%3D&g.pu=https%3A//www.yenibiris.com/&g.ru=
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1732 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f4c6c5259d48c3bbd963d05536d79784777853e1656a613040f306ccb19ec8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 578C 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 500451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame EB98 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 20:02:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 20:02:57 GMT

GET
H2 200 sfht0if3y.js Show response
cdn.krxd.net/controltag/ Frame 3F27 11 KB
4 KB 41ms
7ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 09 Nov 2021 03:38:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 732
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 3744
x-served-by: config-service-a003-ash-prod.krxd.net, cache-bwi5180-BWI, cache-hhn4065-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1636429102.683486,VS0,VE0
etag: "6b7f7c5dd851aeb3a658ac72e276f359fcdeb737"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 43

GET
H2 200 index.html Show response
s0.2mdn.net/4528516/1039189791015375/ Frame 015D 7 KB
3 KB 336ms
8ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4528516/1039189791015375/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31a447f61a37af381c1599a80ea3b5d7433d6dc0ef1c95846a88887e5e374570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2665
date: Mon, 08 Nov 2021 10:14:47 GMT
expires: Tue, 09 Nov 2021 10:14:47 GMT
last-modified: Mon, 18 Oct 2021 13:16:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 62614
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3F27 0
571 B 74ms
23ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsupNlsOOBnUTwH1APgO14wDs58X9khr24aCdsTv92-BQXSEpA2uIZSRcLHBBbYi54suZZh7nLUsuPZlHhidhx63CYh0FLePanYmYNY5lfeSr92k1aVoL03sYZRCaLFvrTBRcOKjinaXgehtx0A9LwMgRZJnsFBHbtENq7v7T747E6bKtj-bieiGPTVlcAiX_JIyPvOLjJ5o3iYWUkSH0mcX0Gw97JcDtarzPoh9zu4ET7tY4qx0YWAdM3FxVdxtdS3JPkBvu4Jd1k5LNaYvliOKXrMZ8kddqf40tZwfYAmG3N-ZKiszWbGDtJX0NdW-KKXEbyQL9d15W6yRQEJjG_7Yh9Pkgslev-teN6x0c-bRoIarurrbjQx-jgmDMRYIK9VzMQPwth_JJXLHIlUpCrOaBeTmzPbVuJ4_WzNiShm5TfumGnLhy2GmPvY3MTIgiNj-VHIkahd4HHHiIwkX6Z0DHILhOsJT-p8FzfCypRa8tRGJi1QrZmg_5YNOsfynTNNLCWG9YiGbP6RCppGLOmtG_TdTzYsciREZCkz_R4Njnp8qHFq_-tWbY2FcPFsk0KW5lZdmZaJUXK3KOgC5g7cGiMF7gfhFu5X93wKr8UrSg2V5lAitzViEAxoDmMzCQYqSqFbPRYi_9ODcvZZbWEVpEZ0agU0X1iS0NHFq7HL8ucw9_dHdXOK-L6fH8Vw53rpXlIp2WPsdhIvzjcWY289-AVsCeoICuONLqdatcssoPh8HDGsVkvmKBJy8Wtf-1XQl_fzH3OAm5rokl9o4019Vj0oXlKVTGc78CESxz8B4zy9NHd6zz0-RABeO_V6-isvgJckAODeNKzgNtUTxWEAuXg9pvRhthTRJatEHsMS64LpA7IJ-pY2XFmjtsyIAxAfSy-eeV1DIMMfCLYJv1muwXpYHxEOczAdcv5h-PhY8YE55d2Wy_1DpED5k6wmtyTb_s2rsXNduQAtGydQAtS4fsYGZ-40ybg-GN_ilZmPAmuydTN4ZA6BZnbAPlkBj4yMn4NcuBlxRj1Y8_E1y8x6iokfNsjEOJs8wL3Z2cpqrmgRPtxZXxg9j3iKqlEc15VLTiFmv4Uknn9-TFOhLy1QkymJoHxEMieGSlGYJK2jNU-pAkz4UoqaNgIaCgoko8lWyw-VwNQ9uF6l6U2hVbCnnrJkNeN8h0i8-DGEnV8PbQHjhMOwP&sai=AMfl-YRXQDFDowmPX82JoW_eG4xqICn3oNJo24Te6QjCYYPe928PAbNeUc3oSwxbxxN58wKhcj9r56vxHNOOZdSnf_4bKcc_biPrO4qZTptZc_NhfKeJEhzp0JY_Mbh1hNf4qtf9ir-PXiTPWnQdHgcnd3PSVCZ2Mz2lPbmFEKc&sig=Cg0ArKJSzKVH9zipf_ThEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=164&cbvp=1&cstd=161&cisv=r20211103.00644&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.yenibiris.com
URL: https://www.yenibiris.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 09 Nov 2021 03:38:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js Show response
pagead2.googlesyndication.com/bg/ Frame 578C 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

945a9ab4018c188e6bb853ae7361bc62ab1a0074146f910616e2402d67805099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 19:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13523
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 19:04:01 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 3F27 259 KB
83 KB 7ms
7ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
age: 3469866
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 5744557
content-length: 84509
x-served-by: cache-hhn4065-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1636429102.704723,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 adperf_core_1.0.0_scrambled.js Show response
cstatic.weborama.fr/js/advertiserv2/ Frame 1732 104 KB
31 KB 12ms
12ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/js/advertiserv2/adperf_core_1.0.0_scrambled.js
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/advertiserv2/adperf_launch_1.0.0_scrambled.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF7) /
Resource Hash: 57d26dc350cc8c10af56460f5a6b067565c2cf5bea3eac710944814cc9ee4fa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 11:12:11 GMT
server: ECAcc (frc/8FF7)
age: 397342
etag: "3365237273"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: text/javascript
content-length: 31873
expires: Tue, 16 Nov 2021 03:38:21 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 3F27 0
338 B 101ms
31ms Image
text/plain 63.35.102.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=315077341&adid=507876364&creativeid=160015365&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by: Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.102.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-102-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=66 t=1636429101
x-served-by: beacon-n008-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 970x250.html Show response
cstatic.weborama.fr/advertiser/5327/92/2879/5765/ Frame AC4A 1 KB
647 B 9ms
8ms Document
text/html 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/970x250.html?scrrefstr=scr_547771504banner1636429110198&scrdebug=0&scrwidth=970&scrheight=250&scrwebodomain=0&scrdevtype=desktop&vars=wuid%3D%26retargeting%3D%26
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/advertiserv2/adperf_launch_1.0.0_scrambled.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F9D) /
Resource Hash: 687891b8b88c9950086568628453b3600e9bfee37a00ca770ce41f3d7d4a3a5f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 471745
cache-control: max-age=604800
content-type: text/html
date: Tue, 09 Nov 2021 03:38:21 GMT
etag: "1488469318"
expires: Tue, 16 Nov 2021 03:38:21 GMT
last-modified: Thu, 29 Jul 2021 21:39:49 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: ECAcc (frc/8F9D)
vary: Accept-Encoding
x-cache: HIT
content-length: 543

GET
H2 200 af5fc09f-edef-481c-bfa7-696005c6deb3 Show response
consumer.krxd.net/consent/get/ Frame 3F27 236 B
426 B 55ms
34ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1c16d201a9100daacb04cf145129a08cb61e6c06afe4c81f9d63eb7090718c12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a013-dub-prod.krxd.net, cache-hhn4062-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1636429102.854919,VS0,VE27
content-length: 187
x-cache-hits: 0, 0

GET
H2 200 css
fonts.googleapis.com/ Frame AC4A 5 KB
1 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,700

Requested by

Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/970x250.html?scrrefstr=scr_547771504banner1636429110198&scrdebug=0&scrwidth=970&scrheight=250&scrwebodomain=0&scrdevtype=desktop&vars=wuid%3D%26retargeting%3D%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8259f9ff374f5c6e5b4f554f284e27d62d094e777a650dee2fef89ce55b1c055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:06:45 GMT
server: ESF
date: Tue, 09 Nov 2021 03:38:21 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 09 Nov 2021 03:38:21 GMT

GET
H2 200 screenad_interface_1.0.3_scrambled.js Show response
media.adrcdn.com/scripts/ Frame AC4A 29 KB
10 KB 87ms
22ms Script
text/javascript 68.232.34.163
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://media.adrcdn.com/scripts/screenad_interface_1.0.3_scrambled.js
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/970x250.html?scrrefstr=scr_547771504banner1636429110198&scrdebug=0&scrwidth=970&scrheight=250&scrwebodomain=0&scrdevtype=desktop&vars=wuid%3D%26retargeting%3D%26
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.34.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhb/639B) /
Resource Hash: 6f522fbbba8abd42e7a27c37138ae40a42beca58f750deb37102717d22e8bbd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 13:14:16 GMT
server: ECAcc (lhb/639B)
age: 397779
etag: "1894109687"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=0
accept-ranges: bytes
content-length: 9683

GET
H2 200 jquery-3.2.1.min.js Show response
cstatic.weborama.fr/advertiser/5327/92/2879/5765/ Frame AC4A 85 KB
30 KB 17ms
15ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/jquery-3.2.1.min.js
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/970x250.html?scrrefstr=scr_547771504banner1636429110198&scrdebug=0&scrwidth=970&scrheight=250&scrwebodomain=0&scrdevtype=desktop&vars=wuid%3D%26retargeting%3D%26
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1F) /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/970x250.html?scrrefstr=scr_547771504banner1636429110198&scrdebug=0&scrwidth=970&scrheight=250&scrwebodomain=0&scrdevtype=desktop&vars=wuid%3D%26retargeting%3D%26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 21:39:50 GMT
server: ECAcc (frc/8F1F)
age: 471744
etag: "3106215772"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: text/javascript
content-length: 30178
expires: Tue, 16 Nov 2021 03:38:21 GMT

GET
H2 200 TweenMax.min.js Show response
cstatic.weborama.fr/advertiser/5327/92/2879/5765/ Frame AC4A 113 KB
38 KB 10ms
9ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/TweenMax.min.js
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/970x250.html?scrrefstr=scr_547771504banner1636429110198&scrdebug=0&scrwidth=970&scrheight=250&scrwebodomain=0&scrdevtype=desktop&vars=wuid%3D%26retargeting%3D%26
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F49) /
Resource Hash: 4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/970x250.html?scrrefstr=scr_547771504banner1636429110198&scrdebug=0&scrwidth=970&scrheight=250&scrwebodomain=0&scrdevtype=desktop&vars=wuid%3D%26retargeting%3D%26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 21:39:49 GMT
server: ECAcc (frc/8F49)
age: 471744
etag: "1186897512"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: text/javascript
content-length: 38521
expires: Tue, 16 Nov 2021 03:38:21 GMT

GET
H2 200 animation-websummit.js Show response
media.adrcdn.com/ads/Turismo_de_Portugal/3239333635/143543/ Frame AC4A 1 KB
655 B 89ms
23ms Script
text/javascript 68.232.34.163
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://media.adrcdn.com/ads/Turismo_de_Portugal/3239333635/143543/animation-websummit.js
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/970x250.html?scrrefstr=scr_547771504banner1636429110198&scrdebug=0&scrwidth=970&scrheight=250&scrwebodomain=0&scrdevtype=desktop&vars=wuid%3D%26retargeting%3D%26
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.34.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhb/6357) /
Resource Hash: b9418b23cdc40c604e0a896e00cd371c5e9a991830087cb4987341bc32ad3b96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
last-modified: Thu, 07 Nov 2019 12:15:48 GMT
server: ECAcc (lhb/6357)
age: 507908
etag: "1380395132"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=0
accept-ranges: bytes
content-length: 563

GET
H2 200 970x250_websummit.css
media.adrcdn.com/ads/Turismo_de_Portugal/3239333635/143543/ Frame AC4A 2 KB
791 B 89ms
24ms Stylesheet
text/css 68.232.34.163
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://media.adrcdn.com/ads/Turismo_de_Portugal/3239333635/143543/970x250_websummit.css
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/970x250.html?scrrefstr=scr_547771504banner1636429110198&scrdebug=0&scrwidth=970&scrheight=250&scrwebodomain=0&scrdevtype=desktop&vars=wuid%3D%26retargeting%3D%26
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.34.163 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhb/63BB) /
Resource Hash: d1df1fc4fce172119a02d78cca0b8a44042aaeae2277ff12c3315f29ca9bf374

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
last-modified: Thu, 07 Nov 2019 12:15:48 GMT
server: ECAcc (lhb/63BB)
age: 481280
etag: "1940334888"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 714

GET
H2 200 main.min.js Show response
cstatic.weborama.fr/advertiser/5327/92/2879/5765/ Frame AC4A 9 KB
2 KB 18ms
18ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/main.min.js
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/970x250.html?scrrefstr=scr_547771504banner1636429110198&scrdebug=0&scrwidth=970&scrheight=250&scrwebodomain=0&scrdevtype=desktop&vars=wuid%3D%26retargeting%3D%26
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC5) /
Resource Hash: e4c7c321014fff0a013ea82052509db81a5d93882ed9c093b07370531a416881

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/970x250.html?scrrefstr=scr_547771504banner1636429110198&scrdebug=0&scrwidth=970&scrheight=250&scrwebodomain=0&scrdevtype=desktop&vars=wuid%3D%26retargeting%3D%26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 21:39:50 GMT
server: ECAcc (frc/8FC5)
age: 471744
etag: "2281911014"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: text/javascript
content-length: 2043
expires: Tue, 16 Nov 2021 03:38:21 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB98 0
56 B 17ms
17ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZS-CLe2JYeCyGZfz3wOZh4T4BgAAAAA4AeAEAg&bg=!aGulay_NAAYH3anuB907ACkAdvg8WkLyWD-xgxUhvA193P085FMoyBM1P1SUsGFejAtiT_lDC1UN6QIAAADfUgAAAAloAQeZAwv6o5pggoLzhB98iJF4kHHzrD3wXxqT2PcmOYGyM0YSs9wbSTraWRolacqN46sXsDDjyPoJGPTXP-d56QsP49ukiIrDtQF4TK0RjsraW9rRY-6XLwP8EW354VsIO3Kl_5_O_5ilEdS7LmXVNu85saArRBltrdFI7TXsCz3BmZn378f9j5pojmzAun5WF8KefaTTfFbDpnSnpV97Fzv1tDUKZSEw5UkZ3O-G273zonOHA2wCimXLiaXWBkLnm4pUgbY_NCiLF1rYTJE6RDQTDLwzLQ5-sYTsijds_k0eL1YTPumPtpjTZ-oY1I4HsQIy9WF1qZZXVLiXuWf_ymHGYm3qsFtirwH1aND4WSEWe-07-V9dmQ2lHHXZ0C2B2w62U4wifjNKKfuTvQkHd8yXb3dGW8jHAAhc-6tiGWIjlPYxmX28g1DHyew3sZKm3AMvOjRrYKs71AGTbs1vaSgM3Y-v9BKMRQTMsCOWqMxdfGBDhbRpbbhxM47SZM9-dOVTWc9C8z0F_O81bR6s7PPBoGy5GvdSlGnmxiRYA8jG2FbULV-YmSs9pIm5rrAuzsgCgicjB7sN4RnXt_54w_haKYv-T8DMhFMy8Fn09-3zYCT-nMaT9AqqDhJZ9LcrgOcawUNhgh6lgf9TyteSV5PvOhewhSqYxR1cBpjek1w6YIFSh0-1ZyL7JU-lsYU34HLH8tjVu8CIJCVN532Wfc9S6jCYmg7Aae_m-qw-joJ4wNqqXWTM2OkHCu2EW3PFVXpUedfmhCX6HUzdsI4A4XF5n5Pjd2s0WzOPbdPUxGgrb_Dk55S1ljSfAi58uZS59ck7Em_GceGZUYSlsqXOehRbOJMzCMSGUq4wRF__Y4z3tOOYMYomYle-_vpVRHxJ4qv0MeHJc9-zV5B3l2bgtbw6zx9qpieyFo5azd1YMsfdJFe_H5jv7Kg0X0A7py8_Ih9H-6OElGKiQVPuxsOV8WbTn-EN3JFvZjSMeb6FsR38bY14cgBe82VqT7s3C903K524j5z6tFoMchV0gPGIQg

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 578C 0
56 B 18ms
17ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIUaRLe2JYbKAG73C7_UPxPe04AYAAAAAOAHgBAI&bg=!3d6l3prNAAYH3anuB907ACkAdvg8WklaUDNIPvsKn3bsfo3n5jV050SAazxVA4ZRmTkr3zZjX8h9AwIAAADMUgAAAAtoAQcKAGAxRO_GdnslEJ5WOUv--xQQu-chcixGWFk_Eu6a4r8WtW8nO3Avp3vdjx-GnJI4EnJyjJ-D57_CDTrf2cdiPqdqXMeilZMeGBMBM5i7ySnssMdNH3GUQCThSCRehZnmsDGZAw4YftMI7aP6CIkeuF0F3o9062lFJ9A4RZuB2CjNMCPYz6o2f3gUfF-l5XnOlYgPIuhKHr1WzQOgXMK78dUJDn7gWxZsTJdnbw5JKcZ68IVTGmiLT5LjKHGLSzIGmKTBDuM4fcDTBVllK5LTjjodwfpLpALSWUa9AFxyGGSMZTWa4loa2As2QNnnsuukjMyZDkQooj7umRxiqfoNRnycpXfHtez3K1NaPpPbXGhVCuzABh80qVfPV1MNX2pZMSJwSHpB67uKt2gWGrhZ_YgHFwMqa22k8C8py9cX22YskR0bNlWG5gqa8oGZXpT7VEqZfZMoE_Pl2EUrFxZQS49d64INEenr58qAXO3qWuXaMvXzLcUulaT1OAWK1InwhdNeSU7ED7hZs8d7bOmXCRD0uXVqWVdW2JdKZeECceEIIxqLJWZwyOxeomjN3MnVc4aMHkevPmXBLKTKrk7Y8IIGkCJQYSYwGKZ9kDYl-gIuNrMuxGrTTn-LIOHTfMVpastODEL5rv4_esb2k-W38-knWBBGLB4pgb2EU0U9hg-RdxUrZJ740PeiwlS3u7h6N82cqyeNhIIR2PSDMy6nb8GcqdP-kfbvdnPDQDnwrZpI2McPWD3DoyYa2xU8eZTz2pmlQVqAy6cUnTSlzaL466yRR6ILdGvkC9qCwqX0-wYvsI9oomak6poNEZuGcaPaIjvLYPIobqOTxi-1FHzm_ar8rcIJEGJFsD5k3QDqKi0g7XRGbSg4vHHsV6qLkcAu8WOAye_FYt9CVe-6GAcOyDM0v0_HknpSBbtrcFOId7nbvVtdjJMlQG70ls5Bt045v9tKDbgpspyzF6pLStLGWGO4RfH1-dYaV9vZYn68HG_Gvzot1XLU2SevoR4MJQIuZe9uxbZ1I8SnxhVhYZmFC2OyuSEGU6MD2c6Oru2AMssGN1cDjVt-TZMlyCmzJJOPLyamWiwd7BSNnC3Cd0om9qevPYdJwyKcKKBKVgyDjg24CNDSpG_a7-2_ZN-x8KqrtnLjMGiv-CZyLwjU3C-aZq2nXw

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adcms_settings.xml Show response
cstatic.weborama.fr/advertiser/5327/92/2879/5765/ Frame AC4A 1 KB
514 B 10ms
9ms XHR
text/xml 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/adcms_settings.xml
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/jquery-3.2.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E92) /
Resource Hash: af550a1f3a5ba58220cbfe3b45db75d2e6edaad1e9d5265c4075699b088a5fc5

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://cstatic.weborama.fr/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:21 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 21:39:49 GMT
server: ECAcc (frc/8E92)
age: 471743
etag: "1977105886"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: text/xml
content-length: 435
expires: Tue, 16 Nov 2021 03:38:21 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 015D 236 KB
63 KB 86ms
23ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1039189791015375/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:22 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Tue, 09 Nov 2021 03:53:22 GMT

GET
H2 200 javascript.js Show response
s0.2mdn.net/4528516/1039189791015375/ Frame 015D 25 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4528516/1039189791015375/javascript.js?1633357880424

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/1039189791015375/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28fbe08857f23557920bf552f1c169d550b26ccec5b1e45fc5b14091a0d4a9f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1039189791015375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6352
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 13:16:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 10:14:47 GMT

GET
H2 200 GV5NWbXcDXk Show response
www.youtube.com/embed/ Frame 4B81 59 KB
25 KB 86ms
58ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1

Requested by

Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/jquery-3.2.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9cb54dc4e5e7cf2491d4f43acc2c206dbf6c48dea845e663d9c01e939c262bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 09 Nov 2021 03:38:22 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bg.png
cstatic.weborama.fr/advertiser/5327/92/2879/5765/ Frame AC4A 448 KB
448 KB 11ms
11ms Image
image/png 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cstatic.weborama.fr/advertiser/5327/92/2879/5765/bg.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8C) /
Resource Hash: 264fef901ee392226fb5b9d18ef5f55ebcfaa7ea75cd4e5cc08658fec425c4d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:22 GMT
last-modified: Thu, 29 Jul 2021 21:40:22 GMT
server: ECAcc (frc/8F8C)
age: 471744
etag: "762058824"
x-cache: HIT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 458720
expires: Tue, 16 Nov 2021 03:38:22 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame AC4A 19 KB
20 KB 44ms
17ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cstatic.weborama.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 04:48:55 GMT
x-content-type-options: nosniff
age: 427767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 04:48:55 GMT

GET
H2 200 visual.png
s0.2mdn.net/4528516/1039189791015375/ Frame 015D 33 KB
33 KB 8ms
8ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/1039189791015375/visual.png?1633357880417

Requested by

Host: 6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
URL: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e68f868943331ab4a3819cf47d40881aa179b352445f87fff27a9608d486983a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/1039189791015375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:14:47 GMT
x-content-type-options: nosniff
age: 62615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33884
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 13:16:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 10:14:47 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3F27 0
23 B 34ms
19ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsupNlsOOBnUTwH1APgO14wDs58X9khr24aCdsTv92-BQXSEpA2uIZSRcLHBBbYi54suZZh7nLUsuPZlHhidhx63CYh0FLePanYmYNY5lfeSr92k1aVoL03sYZRCaLFvrTBRcOKjinaXgehtx0A9LwMgRZJnsFBHbtENq7v7T747E6bKtj-bieiGPTVlcAiX_JIyPvOLjJ5o3iYWUkSH0mcX0Gw97JcDtarzPoh9zu4ET7tY4qx0YWAdM3FxVdxtdS3JPkBvu4Jd1k5LNaYvliOKXrMZ8kddqf40tZwfYAmG3N-ZKiszWbGDtJX0NdW-KKXEbyQL9d15W6yRQEJjG_7Yh9Pkgslev-teN6x0c-bRoIarurrbjQx-jgmDMRYIK9VzMQPwth_JJXLHIlUpCrOaBeTmzPbVuJ4_WzNiShm5TfumGnLhy2GmPvY3MTIgiNj-VHIkahd4HHHiIwkX6Z0DHILhOsJT-p8FzfCypRa8tRGJi1QrZmg_5YNOsfynTNNLCWG9YiGbP6RCppGLOmtG_TdTzYsciREZCkz_R4Njnp8qHFq_-tWbY2FcPFsk0KW5lZdmZaJUXK3KOgC5g7cGiMF7gfhFu5X93wKr8UrSg2V5lAitzViEAxoDmMzCQYqSqFbPRYi_9ODcvZZbWEVpEZ0agU0X1iS0NHFq7HL8ucw9_dHdXOK-L6fH8Vw53rpXlIp2WPsdhIvzjcWY289-AVsCeoICuONLqdatcssoPh8HDGsVkvmKBJy8Wtf-1XQl_fzH3OAm5rokl9o4019Vj0oXlKVTGc78CESxz8B4zy9NHd6zz0-RABeO_V6-isvgJckAODeNKzgNtUTxWEAuXg9pvRhthTRJatEHsMS64LpA7IJ-pY2XFmjtsyIAxAfSy-eeV1DIMMfCLYJv1muwXpYHxEOczAdcv5h-PhY8YE55d2Wy_1DpED5k6wmtyTb_s2rsXNduQAtGydQAtS4fsYGZ-40ybg-GN_ilZmPAmuydTN4ZA6BZnbAPlkBj4yMn4NcuBlxRj1Y8_E1y8x6iokfNsjEOJs8wL3Z2cpqrmgRPtxZXxg9j3iKqlEc15VLTiFmv4Uknn9-TFOhLy1QkymJoHxEMieGSlGYJK2jNU-pAkz4UoqaNgIaCgoko8lWyw-VwNQ9uF6l6U2hVbCnnrJkNeN8h0i8-DGEnV8PbQHjhMOwP&sai=AMfl-YRXQDFDowmPX82JoW_eG4xqICn3oNJo24Te6QjCYYPe928PAbNeUc3oSwxbxxN58wKhcj9r56vxHNOOZdSnf_4bKcc_biPrO4qZTptZc_NhfKeJEhzp0JY_Mbh1hNf4qtf9ir-PXiTPWnQdHgcnd3PSVCZ2Mz2lPbmFEKc&sig=Cg0ArKJSzKVH9zipf_ThEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=620&vt=11&dtpt=456&dett=3&cstd=161&cisv=r20211103.00644&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.yenibiris.com
URL: https://www.yenibiris.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 03:38:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame 3F27 81 B
240 B 31ms
31ms Script
text/javascript 63.35.102.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.102.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-102-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f5d7f6a8a06e6184328cb139d68927aef599c637137dcc91e11eb36b0d058d6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:22 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=39 t=1636429102
x-served-by: beacon-n011-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/ea6a4ba6/ Frame 4B81 335 KB
46 KB 319ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47115
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:38:13 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/ Frame 4B81 209 KB
69 KB 308ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70045
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:56 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 4B81 2 MB
516 KB 321ms
21ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 527841
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:56 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/ Frame 4B81 8 KB
3 KB 317ms
17ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4B81 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 06:41:55 GMT
x-content-type-options: nosniff
age: 420987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 06:41:55 GMT

GET
H2 200 CongstarFont.woff2
s0.2mdn.net/ads/richmedia/studio/45844501/ Frame 015D 102 KB
102 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/45844501/CongstarFont.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4528516/1039189791015375/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:27:26 GMT
x-content-type-options: nosniff
age: 656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104232
x-xss-protection: 0
last-modified: Thu, 06 Oct 2016 14:32:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 03:42:26 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 4B81 113 B
159 B 23ms
23ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

6459811ed5b120120462018504b2c7a1f19125f338e1ff694da16c5a7a0aceba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4B81 29 B
587 B 33ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:31:30 GMT
x-content-type-options: nosniff
age: 412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 03:46:30 GMT

GET
H2 200 M6hl5l7zY5gbN1aKYIYb6A4OXig-7ap6CzHtuTYlErk.js Show response
www.google.com/js/th/ Frame 4B81 35 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/M6hl5l7zY5gbN1aKYIYb6A4OXig-7ap6CzHtuTYlErk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33a865e65ef363981b37568a60861be80e0e5e283eedaa7a0b31edb9362512b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13452
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 19:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 07:16:47 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 4B81 24 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7365
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:36:57 GMT

POST
H2 200 player Show response
www.youtube.com/youtubei/v1/ Frame 4B81 101 KB
22 KB 99ms
98ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

004f99beec71acb855e0cc29533545d398b098bfd576e0eafcabdf86bf96e739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211107.00.00
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-Goog-Visitor-Id: CgtIZ25IMzd6aWpCMCiu2qeMBg%3D%3D
Content-Type: application/json

Response headers

date: Tue, 09 Nov 2021 03:38:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22726
x-xss-protection: 0
expires: Tue, 09 Nov 2021 03:38:22 GMT

GET
DATA 200
OK truncated
/ Frame 4B81 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQPrHxO6gSjYfSQCZiwJsuob4MiJiAFSL0WQYDsYQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4B81 2 KB
2 KB 33ms
8ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQPrHxO6gSjYfSQCZiwJsuob4MiJiAFSL0WQYDsYQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0beb6d6b6342b0b6551c210bccd8b2c04ae38985d336deb01928524c89740b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 02:51:59 GMT
x-content-type-options: nosniff
age: 2783
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1762
x-xss-protection: 0
server: fife
etag: "v17b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 05 Nov 2021 06:45:54 GMT

GET
DATA 200
OK truncated
/ Frame 4B81 234 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ea54f0faf34e30af9393c3cf406fd222a2c8d7adabbde2bd3f0234d5763e599

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3F27 42 B
174 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0bOxRniBXs-jBVUXCVRxeg_EY20P8CrCGBEgL8rMI_t-x_Qtk-xWf_HwZrwQbbVJwtL6Q2rEvVtirI1nQJlf4TNx4i1TFOOLgwA0PExQTwRbJNiG8pQ&sai=AMfl-YSr4zfcOoWriIh9mwr2gjmY_ygcZBdY-aDXndRNtY6xy2I31jVexb6ClRhYeEjK1got0_n1AOWRV5fN7A_3YTQlALdmUoolp5ve6VmsxJs6rLiq_2tZsTFKVrLQG-o&sig=Cg0ArKJSzCmIxTbG8479EAE&cid=CAASFeRohxpCi0zFDibT7BbA0jcRY6ZX7A&id=lidar2&mcvt=1094&p=718,243,808,971&mtos=1094,1094,1094,1094,1094&tos=1094,0,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=109500354&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636429100671&rpt=531&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1732 42 B
108 B 18ms
18ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxwjDMCmy9EcUiQaP7WVXiJ0MH8A8l3fQ4SKpIjxXXjwET-0Rv05RkR6tySasDxhJMX2EcBLjE1QQqXSfhv1G5pG-radrKWC3zMlsH&sai=AMfl-YSIUvuM4N0KaBuysZz7NKVFfZuWgxIwwy4wbqz2a4zcJLH-SOt-aO3W_bNmQL00Xo210gnrgVFBzJkc1RuQojugPVmK8yujNOytckcWzDPF5m1c7UEBkvoGmlKkud4&sig=Cg0ArKJSzNB1T-Fmq3DpEAE&cid=CAASFeRoIsZaJL0a_3ZSyWRw5_O7ANcwWg&id=lidar2&mcvt=1065&p=1096,315,1346,1285&mtos=0,0,0,1065,1065&tos=0,0,0,1065,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=0.42&if=1&app=0&itpl=20&adk=2880847644&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636429100625&rpt=621&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame 4B81 0
39 B 8ms
7ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?b165cA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 qoe Show response
www.youtube.com/api/stats/ Frame 4B81 0
176 B 20ms
19ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=396&afmt=251&cpn=BSGDxSJN8BhFAqYm&ei=Lu2JYbylKtKxgQfgr7_YBw&el=embedded&docid=GV5NWbXcDXk&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24101841%2C24104618%2C24108263%2C24115509%2C24116772%2C24130420&cl=408212490&seq=1&cbr=Chrome&cbrver=95.0.4638.54&c=WEB_EMBEDDED_PLAYER&cver=1.20211107.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.211:B,0.211:B&cmt=0.009:0.000,0.211:0.000&afs=0.211:251::i&vfs=0.211:396:396::r&view=0.211:349:197&bwe=0.211:130000&bat=0.211:1:1&vis=0.211:0&bh=0.211:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-YouTube-Ad-Signals: dt=1636429102170&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C349%2C197&vis=1&wgl=true&ca_type=image&bid=ANyPxKqrP0wCAZr0viktx9gLTsG4Jfm4JRBW0iCa_0FSMAmJYU6ffKsUGdBH1b49z5Hg-UG8B63EVLxdi4ie4FR8KoA6BxaiOQ

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:22 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5lzney.googlevideo.com/ Frame 4B81 91 KB
92 KB 77ms
10ms XHR
video/mp4 2a00:1450:4001:1b::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lzney.googlevideo.com/videoplayback?expire=1636450702&ei=Lu2JYbylKtKxgQfgr7_YBw&ip=2001%3Aac8%3A20%3A8f%3A138%3A%3A1&id=o-AIq_ICOl7FziCABWuXIwjAH6H9MMenHb0sKd2JGL93tk&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=MH&mm=31%2C26&mn=sn-4g5lzney%2Csn-aigzrnld&ms=au%2Conr&mv=m&mvi=1&pl=53&initcwndbps=243750&vprv=1&mime=video%2Fmp4&ns=XYsa6dMPMaDX1HHEwVmtIIYG&gir=yes&clen=865418&dur=30.000&lmt=1634320630963134&mt=1636428786&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=jXt7rQqraLe2DA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgQNaPdQwbewyCjdzy8lcGcBWkoTtjD__WCoXAfR5wtGQCIE05rxA6OVdqpijA7bB9jMqoKxw40_u4yIOfXq3M3_j_&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAIfOHfn3jNH_-r8vtF01D-G_GdPuXYvXuAlbl5lQ8EU8AiAO-DmQPC2qbWJx1acjGVsKMCquA2cgd-_eHOpu3SYFiA%3D%3D&alr=yes&cpn=BSGDxSJN8BhFAqYm&cver=1.20211107.00.00&range=0-92899&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1b::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9e97aa0e6ee73de0da31c0b1185be025c09d5311daa7456301c666b9add7c515

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:22 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 92900
Last-Modified: Fri, 15 Oct 2021 17:57:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Tue, 09 Nov 2021 03:38:22 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5lzney.googlevideo.com/ Frame 4B81 64 KB
65 KB 75ms
9ms XHR
audio/webm 2a00:1450:4001:1b::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lzney.googlevideo.com/videoplayback?expire=1636450702&ei=Lu2JYbylKtKxgQfgr7_YBw&ip=2001%3Aac8%3A20%3A8f%3A138%3A%3A1&id=o-AIq_ICOl7FziCABWuXIwjAH6H9MMenHb0sKd2JGL93tk&itag=251&source=youtube&requiressl=yes&mh=MH&mm=31%2C26&mn=sn-4g5lzney%2Csn-aigzrnld&ms=au%2Conr&mv=m&mvi=1&pl=53&initcwndbps=243750&vprv=1&mime=audio%2Fwebm&ns=XYsa6dMPMaDX1HHEwVmtIIYG&gir=yes&clen=500549&dur=30.021&lmt=1634317776113777&mt=1636428786&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=jXt7rQqraLe2DA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUM5-JxGpzFSlkna8d8yvnRA_G9dmjsXF8EGR44sDq0cCICSOr-PkOoSqX5RSkRrymnvGGlCiTUGp-J28S9KNfn5D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAIfOHfn3jNH_-r8vtF01D-G_GdPuXYvXuAlbl5lQ8EU8AiAO-DmQPC2qbWJx1acjGVsKMCquA2cgd-_eHOpu3SYFiA%3D%3D&alr=yes&cpn=BSGDxSJN8BhFAqYm&cver=1.20211107.00.00&range=0-65868&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1b::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8d8601aac6448c56aadc375ee34b401f6099a5348d2da1f4a370bab053e8bb1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:22 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 65869
Last-Modified: Fri, 15 Oct 2021 17:09:36 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 09 Nov 2021 03:38:22 GMT

GET
H2 200 remote.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 4B81 94 KB
29 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43215
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29782
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:38:07 GMT

GET
H2 200 captions.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 4B81 64 KB
24 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ebcf0a7fc7445fa80105a57cb3dbb040dafb64615ef8891d7d66ee0f6f3bd36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:38:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24518
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:38:30 GMT

GET
H2 200 endscreen.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 4B81 26 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36083ffd9b396a27e5237201e53bfe68f6cd6e98db2a473bbda4f038ad37c7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7219
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:38:31 GMT

GET
H2 200 annotations_module.js Show response
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 4B81 66 KB
19 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0629c93f51bc6db174ca0e93347b433eb1f81469a6683619dc59c6111dc47ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19758
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Nov 2022 15:38:31 GMT

POST
H2 200 next Show response
www.youtube.com/youtubei/v1/ Frame 4B81 61 KB
6 KB 237ms
236ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

3662edb2a13d3b62e43aeab60216539fdf4ed06d8afad69cfde5c9e7baf8450a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211107.00.00
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-Goog-Visitor-Id: CgtIZ25IMzd6aWpCMCiu2qeMBg%3D%3D
Content-Type: application/json

Response headers

date: Tue, 09 Nov 2021 03:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5547
x-xss-protection: 0
expires: Tue, 09 Nov 2021 03:38:23 GMT

GET
H2 200 featured_channel.jpg
i.ytimg.com/an/5D1TiKg5e0Q2FDzlBk2mdA/ Frame 4B81 6 KB
7 KB 51ms
8ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/5D1TiKg5e0Q2FDzlBk2mdA/featured_channel.jpg?v=60d345ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be50f77bbe96401d29526db24431e435c46a283707d324b277a2046190fed3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:33:38 GMT
x-content-type-options: nosniff
age: 284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6447
x-xss-protection: 0
server: sffe
etag: "1624458730"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Nov 2021 05:33:38 GMT

GET
H2 200 timedtext Show response
www.youtube.com/api/ Frame 4B81 905 B
427 B 26ms
26ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/timedtext?v=GV5NWbXcDXk&asr_langs=de%2Cen%2Ces%2Cfr%2Cid%2Cit%2Cja%2Cko%2Cnl%2Cpt%2Cru%2Ctr%2Cvi&caps=asr&exp=xftt%2Cxctw&xoaf=5&hl=de&ip=0.0.0.0&ipbits=0&expire=1636454302&sparams=ip%2Cipbits%2Cexpire%2Cv%2Casr_langs%2Ccaps%2Cexp%2Cxoaf&signature=CC69E001634B8A22B97021AA5C8A01E55AFDB11B.79C890765946C03803D0D8A7C8EAF584AAC228CE&key=yt8&lang=de&fmt=json3&xorb=2&xobt=3&xovt=3

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

video-timedtext /

Resource Hash

5cc357a27dd329fa9e329d8acb9c7fbeeb5989cea2e34690d4aea87ff9560bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-YouTube-Ad-Signals: dt=1636429102170&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C349%2C197&vis=1&wgl=true&ca_type=image&bid=ANyPxKqrP0wCAZr0viktx9gLTsG4Jfm4JRBW0iCa_0FSMAmJYU6ffKsUGdBH1b49z5Hg-UG8B63EVLxdi4ie4FR8KoA6BxaiOQ

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: video-timedtext
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4B81 4 KB
3 KB 43ms
15ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 03:38:22 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5lzney.googlevideo.com/ Frame 4B81 74 KB
75 KB 311ms
8ms XHR
audio/webm 2a00:1450:4001:1b::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lzney.googlevideo.com/videoplayback?expire=1636450702&ei=Lu2JYbylKtKxgQfgr7_YBw&ip=2001%3Aac8%3A20%3A8f%3A138%3A%3A1&id=o-AIq_ICOl7FziCABWuXIwjAH6H9MMenHb0sKd2JGL93tk&itag=251&source=youtube&requiressl=yes&mh=MH&mm=31%2C26&mn=sn-4g5lzney%2Csn-aigzrnld&ms=au%2Conr&mv=m&mvi=1&pl=53&initcwndbps=243750&vprv=1&mime=audio%2Fwebm&ns=XYsa6dMPMaDX1HHEwVmtIIYG&gir=yes&clen=500549&dur=30.021&lmt=1634317776113777&mt=1636428786&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=jXt7rQqraLe2DA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUM5-JxGpzFSlkna8d8yvnRA_G9dmjsXF8EGR44sDq0cCICSOr-PkOoSqX5RSkRrymnvGGlCiTUGp-J28S9KNfn5D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAIfOHfn3jNH_-r8vtF01D-G_GdPuXYvXuAlbl5lQ8EU8AiAO-DmQPC2qbWJx1acjGVsKMCquA2cgd-_eHOpu3SYFiA%3D%3D&alr=yes&cpn=BSGDxSJN8BhFAqYm&cver=1.20211107.00.00&range=65869-141598&rn=3&rbuf=3884

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1b::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

dbb5638584e3ee42a664b228a5078daf9967b3ed63d43b413a03c69d28323026

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:23 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 75730
Last-Modified: Fri, 15 Oct 2021 17:09:36 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 09 Nov 2021 03:38:23 GMT

GET
H2 200 timedtext Show response
www.youtube.com/api/ Frame 4B81 905 B
407 B 16ms
16ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

video-timedtext /

Resource Hash

5cc357a27dd329fa9e329d8acb9c7fbeeb5989cea2e34690d4aea87ff9560bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-YouTube-Ad-Signals: dt=1636429102170&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C349%2C197&vis=1&wgl=true&ca_type=image&bid=ANyPxKqrP0wCAZr0viktx9gLTsG4Jfm4JRBW0iCa_0FSMAmJYU6ffKsUGdBH1b49z5Hg-UG8B63EVLxdi4ie4FR8KoA6BxaiOQ

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: video-timedtext
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/95/ Frame 4B81 52 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/95/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 20:44:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15249
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:31:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 09 Nov 2021 20:44:34 GMT

GET
H2 200 timedtext Show response
www.youtube.com/api/ Frame 4B81 905 B
407 B 18ms
18ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

video-timedtext /

Resource Hash

5cc357a27dd329fa9e329d8acb9c7fbeeb5989cea2e34690d4aea87ff9560bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-YouTube-Ad-Signals: dt=1636429102170&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C349%2C197&vis=1&wgl=true&ca_type=image&bid=ANyPxKqrP0wCAZr0viktx9gLTsG4Jfm4JRBW0iCa_0FSMAmJYU6ffKsUGdBH1b49z5Hg-UG8B63EVLxdi4ie4FR8KoA6BxaiOQ

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: video-timedtext
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4B81 28 B
178 B 30ms
29ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtIZ25IMzd6aWpCMCiu2qeMBg%3D%3D
X-YouTube-Ad-Signals: dt=1636429102170&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C349%2C197&vis=1&wgl=true&ca_type=image&bid=ANyPxKqrP0wCAZr0viktx9gLTsG4Jfm4JRBW0iCa_0FSMAmJYU6ffKsUGdBH1b49z5Hg-UG8B63EVLxdi4ie4FR8KoA6BxaiOQ

Response headers

date: Tue, 09 Nov 2021 03:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 09 Nov 2021 03:38:23 GMT

GET
H2 204 playback
www.youtube.com/api/stats/ Frame 4B81 0
55 B 23ms
22ms Image
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=BSGDxSJN8BhFAqYm&docid=GV5NWbXcDXk&ver=2&cmt=0.064&fmt=396&fs=0&rt=0.446&euri=https%3A%2F%2Fcstatic.weborama.fr%2F&lact=472&cl=408212490&mos=1&volume=100&cbr=Chrome&cbrver=95.0.4638.54&c=WEB_EMBEDDED_PLAYER&cver=1.20211107.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&hl=de_DE&cr=DE&len=30.021&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24101841%2C24104618%2C24108263%2C24115509%2C24116772%2C24130420&rtn=11&afmt=251&size=349%3A197&inview=0&muted=1&cc=.de&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FGV5NWbXcDXk%3Fplaysinline%3D1%26mute%3D1%26autoplay%3D1%26enablejsapi%3D1&ei=Lu2JYbylKtKxgQfgr7_YBw&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdCNnZCWTNJZWdwU19UOGsyMnBUUEZ5RURKWEJKMzU5TXhWaTJaajFCNVlBQWJQQVBta0tESkpwTWlULXBWWVpHNnZQOGl4RnU5UmtFV0Vsc09fUEU1UFpha3BfUEF0d3ZXVXFKVnI3R3ZnTmw1cXF5NEh1SlNsc1kzNlJrcGY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:23 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ptracking
www.youtube.com/ Frame 4B81 0
133 B 22ms
22ms Image
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=GV5NWbXcDXk&cpn=BSGDxSJN8BhFAqYm&ei=Lu2JYbylKtKxgQfgr7_YBw&ptk=youtube_none&pltype=contentugc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:23 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 timedtext Show response
www.youtube.com/api/ Frame 4B81 905 B
409 B 16ms
16ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

video-timedtext /

Resource Hash

5cc357a27dd329fa9e329d8acb9c7fbeeb5989cea2e34690d4aea87ff9560bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-YouTube-Ad-Signals: dt=1636429102170&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C349%2C197&vis=1&wgl=true&ca_type=image&bid=ANyPxKqrP0wCAZr0viktx9gLTsG4Jfm4JRBW0iCa_0FSMAmJYU6ffKsUGdBH1b49z5Hg-UG8B63EVLxdi4ie4FR8KoA6BxaiOQ

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 03:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: video-timedtext
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5lzney.googlevideo.com/ Frame 4B81 280 KB
281 KB 9ms
8ms XHR
video/mp4 2a00:1450:4001:1b::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1b::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5dc50110e029443dfe5e2a3b431c78099b25edc1dbcae7cf14a053c58383909e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:23 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 286245
Last-Modified: Fri, 15 Oct 2021 17:57:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Tue, 09 Nov 2021 03:38:23 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5lzney.googlevideo.com/ Frame 4B81 155 KB
156 KB 9ms
8ms XHR
audio/webm 2a00:1450:4001:1b::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lzney.googlevideo.com/videoplayback?expire=1636450702&ei=Lu2JYbylKtKxgQfgr7_YBw&ip=2001%3Aac8%3A20%3A8f%3A138%3A%3A1&id=o-AIq_ICOl7FziCABWuXIwjAH6H9MMenHb0sKd2JGL93tk&itag=251&source=youtube&requiressl=yes&mh=MH&mm=31%2C26&mn=sn-4g5lzney%2Csn-aigzrnld&ms=au%2Conr&mv=m&mvi=1&pl=53&initcwndbps=243750&vprv=1&mime=audio%2Fwebm&ns=XYsa6dMPMaDX1HHEwVmtIIYG&gir=yes&clen=500549&dur=30.021&lmt=1634317776113777&mt=1636428786&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=jXt7rQqraLe2DA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUM5-JxGpzFSlkna8d8yvnRA_G9dmjsXF8EGR44sDq0cCICSOr-PkOoSqX5RSkRrymnvGGlCiTUGp-J28S9KNfn5D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAIfOHfn3jNH_-r8vtF01D-G_GdPuXYvXuAlbl5lQ8EU8AiAO-DmQPC2qbWJx1acjGVsKMCquA2cgd-_eHOpu3SYFiA%3D%3D&alr=yes&cpn=BSGDxSJN8BhFAqYm&cver=1.20211107.00.00&range=141599-300661&rn=5&rbuf=8157

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1b::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

676bab9b8dfbd441d04408d8cd62f5cdc23b2af9984d1cb61d29a108bd8fbdda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:23 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 159063
Last-Modified: Fri, 15 Oct 2021 17:09:36 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 09 Nov 2021 03:38:23 GMT

GET
H2 200 external.html Show response
cstatic.weborama.fr/iframe/ Frame 48F4 55 B
193 B 12ms
10ms Document
text/html 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/iframe/external.html?gdpr_cmp_failure=1
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/advertiserv2/adperf_core_1.0.0_scrambled.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F94) /
Resource Hash: 538ed9d8c563eca08780be8790440c3d8e3ca397c255afbed9c851e42d91d8ac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 353901
cache-control: max-age=604800
content-type: text/html
date: Tue, 09 Nov 2021 03:38:23 GMT
etag: "2365077470"
expires: Tue, 16 Nov 2021 03:38:23 GMT
last-modified: Wed, 21 Apr 2021 09:47:58 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: ECAcc (frc/8F94)
x-cache: HIT
content-length: 55

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4B81 28 B
199 B 19ms
19ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/GV5NWbXcDXk?playsinline=1&mute=1&autoplay=1&enablejsapi=1
X-YouTube-Client-Version: 1.20211107.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtIZ25IMzd6aWpCMCiu2qeMBg%3D%3D
X-YouTube-Ad-Signals: dt=1636429102084&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C349%2C197&vis=1&wgl=true&ca_type=image&bid=ANyPxKqrP0wCAZr0viktx9gLTsG4Jfm4JRBW0iCa_0FSMAmJYU6ffKsUGdBH1b49z5Hg-UG8B63EVLxdi4ie4FR8KoA6BxaiOQ

Response headers

date: Tue, 09 Nov 2021 03:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 09 Nov 2021 03:38:24 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5lzney.googlevideo.com/ Frame 4B81 475 KB
476 KB 9ms
8ms XHR
video/mp4 2a00:1450:4001:1b::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1b::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

eb3db138521ceb9e82b1a9d0d17ab161239b7a1e8395cdde52afe34af962502c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 03:38:25 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 486273
Last-Modified: Fri, 15 Oct 2021 17:57:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21297
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Tue, 09 Nov 2021 03:38:25 GMT

GET
H2 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 015D 57 KB
57 KB 9ms
9ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4528516/1039189791015375/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:30:55 GMT
x-content-type-options: nosniff
age: 450
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 03:45:55 GMT

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.yenibiris.com/	1970-01-20 07:19:25	Name: User_Info Value: {"CookieUsageDisplayed":true,"Version":1}
.yenibiris.com/	1970-01-19 22:33:50	Name: __asc Value: 6846ce0417d02c67426a8183abf
.yenibiris.com/	1970-01-20 07:20:51	Name: __auc Value: 6846ce0417d02c67426a8183abf
.yenibiris.com/	1970-01-20 00:43:25	Name: _gcl_au Value: 1.1.2040282507.1636429100
.bluekai.com/	1970-01-20 02:53:01	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 02:53:01	Name: bku Value: aGT99Yp+iVaQuGz6
www.yenibiris.com/	1970-01-19 22:35:15	Name: adBlockNotDetected Value: yes
.criteo.com/	1970-01-20 07:55:25	Name: uid Value: 949d2e39-f6ce-4fdd-9bd9-babe4d4a48e9
.yenibiris.com/	1970-01-20 16:05:01	Name: _ga Value: GA1.2.497443161.1636429100
.yenibiris.com/	1970-01-19 22:35:15	Name: _gid Value: GA1.2.1851612897.1636429100
.yenibiris.com/	1970-01-19 22:33:49	Name: _gat_UA-1161776-1 Value: 1
.yenibiris.com/	1970-01-20 08:03:13	Name: cto_bundle Value: V_ID4V94NnphOEtLRSUyQjVMMDZoaW5hdTJuQXZZWjljJTJCakl0ZGs0RjNuNUdLOURZcTdSZW4xdU1HYW5IbllqTFZZcG4lMkZwZGVqQTQ4MnpWNXFNTkpRdXhjNEFuOENpR05VVVV1c09abW1iVHI0ejI4YTFXJTJGVURtSE1PUlJhaWdNTSUyRncwVTlVRnVFSVlnNTBoTFNxdTRmZEE5RDZBJTNEJTNE
.www.yenibiris.com/	1970-01-20 15:50:37	Name: VLCV1OK Value: 1
.www.yenibiris.com/	1970-01-20 15:50:37	Name: OfferMiner_ID Value: EHMTLCJRGUTTEENO20211109033820
.adscale.de/	1970-01-20 07:16:05	Name: uu Value: 7234544c49034221bd405a7ddc0308e2
.adscale.de/	1970-01-20 07:16:05	Name: cct Value: 1636429100945
.yahoo.com/	1970-01-20 07:19:46	Name: A3 Value: d=AQABBCztiWECEB2rYr60NKuZugNEHTQRii4FEgEBAQE-i2GTYQAAAAAA_eMAAA&S=AQAAAu_4OGb07E-Nxic-Uy6fmkI
.adnxs.com/	1970-01-20 00:43:25	Name: uuid2 Value: 5432835322831663953
.taboola.com/	1970-01-20 07:19:25	Name: t_gid Value: 67afc150-0775-499b-a2ae-d733504ada9d-tuct88372ac
.bidswitch.net/	1970-01-20 07:19:25	Name: tuuid Value: 999a8ce1-62fb-4b23-854f-c932fe15d6ed
.bidswitch.net/	1970-01-20 07:19:25	Name: c Value: 1636429100
.pubmatic.com/	1970-01-19 23:17:01	Name: KRTBCOOKIE_97 Value: 3385-uid:k-OJWCcEYoBKB1fIV1M--wj9HUwDKMeIFY5Red3Q&KRTB&23286-uid:k-OJWCcEYoBKB1fIV1M--wj9HUwDKMeIFY5Red3Q&KRTB&23287-uid:k-OJWCcEYoBKB1fIV1M--wj9HUwDKMeIFY5Red3Q&KRTB&23288-uid:k-OJWCcEYoBKB1fIV1M--wj9HUwDKMeIFY5Red3Q
.pubmatic.com/	1970-01-19 23:17:01	Name: PugT Value: 1636429100
.pubmatic.com/	1970-01-20 00:43:25	Name: PUBMDCID Value: 3
.ih.adscale.de/	1970-01-20 07:16:05	Name: tu Value: 4#3416165009#111~k-98zkikYoBKB1fIV1M--wj9HUwDJV7ls9ANSYkQ~454563~0~0
.openx.net/	1970-01-20 07:19:25	Name: i Value: 8b359429-3b71-4b83-ab07-340a34d21268\|1636429100
.advertising.com/	1970-01-20 07:20:51	Name: APID Value: UP7c28aa6a-410e-11ec-9ce2-0228d03d97ac
.360yield.com/	1970-01-20 00:43:25	Name: tuuid Value: 47e5caca-ab9d-4144-ac5e-fa53adda9119
.360yield.com/	1970-01-20 00:43:25	Name: tuuid_lu Value: 1636429101
.rlcdn.com/	1970-01-20 07:19:25	Name: rlas3 Value: XdDQwrktBm/qKCEZIrKEdShVUjrklXuH10FKTxHZRSo=
.rlcdn.com/	1970-01-20 00:00:13	Name: pxrc Value: CAA=
.doubleclick.net/	1970-01-20 07:55:25	Name: IDE Value: AHWqTUmVCnzGHRqY0SXRbNhATPqR0XQHuOHs_3YcXePC9Rs2fR3N4hjFTgrYaW--7wo
.bidswitch.net/	1970-01-20 07:19:25	Name: tuuid_lu Value: 1636429101
.yenibiris.com/	1970-01-20 07:55:25	Name: __gads Value: ID=5748c0217c9e4df6-225515283acb00dd:T=1636429100:S=ALNI_MYsOqyeRIYXSus-dOC4fCkROGMbhg
.tapad.com/	1970-01-20 00:00:13	Name: TapAd_TS Value: 1636429101049
.tapad.com/	1970-01-20 00:00:13	Name: TapAd_DID Value: c249a144-4777-49e4-8fb6-efc129c67e37
.360yield.com/	1970-01-20 00:43:25	Name: um Value: !38,Y3Sw7yJk0uIzV.LkNbyOVDtof9ohVRhcJmgb9HZ6J.MbJHoIj.rqpj7.UtXfAsrNMh7Kc3IQ,1644205101
.360yield.com/	1970-01-20 00:43:25	Name: umeh Value: !38,0,1698637101,-1
.analytics.yahoo.com/	1970-01-20 07:20:51	Name: IDSYNC Value: "18zh~21ff:1761~21ff"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP7c28aa6a-410e-11ec-9ce2-0228d03d97ac
.yahoo.com/	1970-01-19 22:35:15	Name: APIDTS Value: 1636429101
.tapad.com/	1970-01-20 00:00:13	Name: TapAd_3WAY_SYNCS Value:
cm.mgid.com/	1970-01-19 23:17:01	Name: mg_sync Value: {"617660":1636429101}
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: la8lG9bp_1Cj
.mgid.com/	1970-01-19 22:33:50	Name: __cf_bm Value: 5xcIWqf8dmKV4Ue9J8jBn1NS7lf8Huz3nf7z_b9cGVk-1636429101-0-AcCVv4BStFxL7f8e7NPEOgf7jNl6/rl4YFTDEPXLD1XBPtZOvzaDeIWoqQOOpPi1eubSt4fmbrWn8Kskx09mbr0=
.turn.com/	1970-01-20 02:53:01	Name: uid Value: 3776043564747480709
.addthis.com/	1970-01-20 07:55:25	Name: ouid Value: 6189ed2d00013a5206832e404f4295c55797744c6c8fb8c1274a
.addthis.com/	1970-01-20 07:55:25	Name: uid Value: 6189ed2d24e133cc
.addthis.com/	1970-01-20 07:55:25	Name: na_id Value: 2021110903382116700234514264
.outbrain.com/	1970-01-20 00:43:25	Name: obuid Value: 6cda3e50-a3b9-4da9-98e9-a73ddad72945
.outbrain.com/	1970-01-19 23:17:01	Name: criteo Value: k-ex9DokYoBKB1fIV1M--wj9HUwDJTVFKMZ04Bvw
.tpmn.co.kr/	1970-01-20 07:19:25	Name: uuid Value: 65d2a0b3aebe4ee7bdb6ee0b0fd74c10
.tpmn.co.kr/	1970-01-19 23:17:01	Name: criteo Value: k-fI95fkYoBKB1fIV1M--wj9HUwDJ91XJJtnHBQA
.www.yenibiris.com/	1970-01-20 15:50:37	Name: VL_CM_0 Value: %7B%22Items%22%3A%5B%7B%22K%22%3A%22VL_LastPageViewTime%22%2C%22V%22%3A%222021-11-09%252003%253A38%253A20%22%2C%22E%22%3A%222023-10-30%2003%3A38%3A20%22%7D%2C%7B%22K%22%3A%22VL_LastPVTimeForTD%22%2C%22V%22%3A%222021-11-09%252003%253A38%253A20%22%2C%22E%22%3A%222021-11-09%2004%3A08%3A20%22%7D%2C%7B%22K%22%3A%22VL_TotalDuration%22%2C%22V%22%3A%221%22%2C%22E%22%3A%222023-10-30%2003%3A38%3A20%22%7D%2C%7B%22K%22%3A%22VL_FirstVisitTime%22%2C%22V%22%3A%222021-11-09%252003%253A38%253A20%22%2C%22E%22%3A%222023-10-30%2003%3A38%3A20%22%7D%2C%7B%22K%22%3A%22VL_TotalPV%22%2C%22V%22%3A%222%22%2C%22E%22%3A%222023-10-30%2003%3A38%3A20%22%7D%2C%7B%22K%22%3A%22VL_PVCountInVisit%22%2C%22V%22%3A%222%22%2C%22E%22%3A%222021-11-09%2004%3A08%3A20%22%7D%2C%7B%22K%22%3A%22VL_VisitStartTime%22%2C%22V%22%3A%222021-11-09%252003%253A38%253A20%22%2C%22E%22%3A%222021-11-09%2004%3A08%3A20%22%7D%2C%7B%22K%22%3A%22VL_TotalVisit%22%2C%22V%22%3A%221%22%2C%22E%22%3A%222023-10-30%2003%3A38%3A20%22%7D%2C%7B%22K%22%3A%22OfferMiner_ID%22%2C%22V%22%3A%22EHMTLCJRGUTTEENO20211109033820%22%2C%22E%22%3A%222023-10-30%2003%3A38%3A20%22%7D%2C%7B%22K%22%3A%22OM_INW%22%2C%22V%22%3A%221%22%2C%22E%22%3A%222023-10-30%2003%3A38%3A20%22%7D%2C%7B%22K%22%3A%22OMB_New%22%2C%22V%22%3A%221%22%2C%22E%22%3A%222021-11-09%2004%3A08%3A21%22%7D%2C%7B%22K%22%3A%22VLTVisitorC%22%2C%22V%22%3A%22%257B%2522data%2522%253A%257B%257D%257D%22%2C%22E%22%3A%222023-10-30%2003%3A38%3A21%22%7D%2C%7B%22K%22%3A%22VLTB_ABTestC%22%2C%22V%22%3A%22%257B%2522ab%2522%253A%255B%255D%252C%2522sp%2522%253A%255B%255D%257D%22%2C%22E%22%3A%222023-10-30%2003%3A38%3A21%22%7D%5D%7D
.casalemedia.com/	1970-01-20 00:43:25	Name: CMPS Value: 5203
.casalemedia.com/	1970-01-20 07:19:25	Name: CMID Value: YYntLW53Jx2XQDqhnAjqYQAA
.casalemedia.com/	1970-01-20 00:43:25	Name: CMPRO Value: 1156
.casalemedia.com/	1970-01-19 22:35:15	Name: CMST Value: YYntLWGJ7S0A
.adnxs.com/	1970-01-20 00:43:25	Name: anj Value: dTM7k!M41$CxrEQF']wIg2E>3gT@$@!p4Jo#MUTSo5i@?nrTu!gy=n!4ck?jKSkt7=d2_Ot`ZNHhf-3O2Y0cpfl_EOtM5X@'<McEL^`r?VksE2@:os1=2!:F4PUbA6)9en'5v/Y+biNx5-hM=(o1rrm2zul(Uo8P-HC_#ty%1aLgE
.casalemedia.com/	1970-01-20 07:19:25	Name: CMRUM3 Value: 2d6189ed2d2760CAESEAV8fXFnHG2MzDyDl6YDkgY
.weborama.fr/	1970-01-20 08:05:29	Name: AFFICHE_W Value: zvWWJzoUkvzO11
.krxd.net/	1970-01-20 02:53:01	Name: _kuid_ Value: OeIFDdaX
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6ztQPnU1jcc
.youtube.com/	1970-01-20 02:53:01	Name: VISITOR_INFO1_LIVE Value: HgnH37zijB0

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-2P4vk0YoBKB1fIV1M--wj9HUwDJxWGDapQscHA&ct=3&cv=1 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-2P4vk0YoBKB1fIV1M--wj9HUwDJxWGDapQscHA&custom=&tag_format=img&tag_action=sync&custom=&cb=f61be18b-a35f-4884-9041-ae64e4abe4fd Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
other	error	URL: https://www.yenibiris.com/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	warning	URL: https://cstatic.weborama.fr/js/advertiserv2/adperf_core_1.0.0_scrambled.js(Line 8) Message: Unrecognized feature: 'vr'.
other	warning	URL: https://cstatic.weborama.fr/js/advertiserv2/adperf_core_1.0.0_scrambled.js(Line 8) Message: Unrecognized feature: 'speaker'.
other	warning	URL: https://cstatic.weborama.fr/js/advertiserv2/adperf_core_1.0.0_scrambled.js(Line 8) Message: Unrecognized feature: 'ambient-light-sensor'.
javascript	warning	URL: https://www.yenibiris.com/ Message: The resource https://www.yenibiris.com/Content/select2.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6232b69bfd5c5f5a2446473632cbc7e4.safeframe.googlesyndication.com
ad.360yield.com
ad.tpmn.co.kr
ads.yahoo.com
adservice.google.com
adservice.google.de
avlsh.visilabs.net
beacon.krxd.net
cdn.krxd.net
cdnjs.cloudflare.com
certify.alexametrics.com
cm.g.doubleclick.net
cm.mgid.com
code.createjs.com
consumer.krxd.net
cotads.adscale.de
cstatic.weborama.fr
cw.addthis.com
d.turn.com
d31qbv1cthcecs.cloudfront.net
dis.criteo.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.ytimg.com
ib.adnxs.com
idsync.rlcdn.com
ih.adscale.de
isyasami.yenibiris.com
lgr.visilabs.net
media.adrcdn.com
mug.criteo.com
pagead2.googlesyndication.com
partner.mediawallahscript.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
r1---sn-4g5lzney.googlevideo.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rpdn.relateddigital.com
rt.visilabs.net
rtb-csync.smartadserver.com
s.ad.smaato.net
s.visilabs.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
stags.bluekai.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
sync.teads.tv
tags.bkrtx.com
tpc.googlesyndication.com
turismoportugal.solution.weborama.fr
ups.analytics.yahoo.com
us-u.openx.net
vsh.visilabs.net
wps.relateddigital.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.yenibiris.com
www.youtube.com
x.bidswitch.net
yenibiris.com
yt3.ggpht.com
104.111.215.191
104.111.228.137
104.111.242.245
104.19.133.78
104.75.88.126
13.32.99.104
13.32.99.29
141.226.228.48
142.250.181.226
142.250.185.130
142.250.185.162
151.101.194.133
151.101.2.133
178.250.0.157
178.250.2.151
18.156.0.31
18.157.70.90
185.29.195.171
185.29.195.172
185.29.195.173
185.29.195.174
185.33.220.240
185.33.221.53
185.64.190.80
185.86.137.133
195.54.48.26
2.21.141.232
2001:678:cb4:bbbb::13
212.82.100.181
2600:9000:2156:1c00:1b:5138:8a40:93a1
2600:9000:223d:2a00:1b:832b:ac00:93a1
2606:4700::6810:135e
2620:1ec:46::45
2a00:1288:80:800::7000
2a00:1450:4001:1b::6
2a00:1450:4001:803::2008
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2016
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2006
2a00:1450:400c:c07::9c
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00::210:ba2a
3.120.13.220
3.136.24.186
34.102.166.132
34.249.161.76
35.227.248.159
35.244.159.8
35.244.174.68
52.209.253.199
54.93.80.4
63.35.102.121
64.202.112.191
68.232.34.163
69.173.144.139
78.31.67.159
83.66.162.230
89.187.169.122
91.235.64.232
93.184.221.133
004f99beec71acb855e0cc29533545d398b098bfd576e0eafcabdf86bf96e739
008c6b240500ba0f07b10e9347fccab7066b484f7b19684ba244bb5835275ac4
05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0beb6d6b6342b0b6551c210bccd8b2c04ae38985d336deb01928524c89740b7a
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f4c6c5259d48c3bbd963d05536d79784777853e1656a613040f306ccb19ec8d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15923d16059b5d6009bc1412c5f4172c853a47f13f7579bde5e59ac85eea42b9
1c16d201a9100daacb04cf145129a08cb61e6c06afe4c81f9d63eb7090718c12
21bc930843a279725ff0fc5d1f3b5981f6818c880ac4910eb25c3c3c41c73c76
22106242d3872886e53112d81cab2c4a78c450faee47e7da898010c04d7d5e7e
228ef6aecf6970bcedd0ca8446eca21e2e07d2671e85286b639e158402e2ff32
2307c6ccc79e1d57ab6d9d524a1a5f630aa9333b1e727bb28b4f2f1edddfa3c7
264fef901ee392226fb5b9d18ef5f55ebcfaa7ea75cd4e5cc08658fec425c4d0
28fbe08857f23557920bf552f1c169d550b26ccec5b1e45fc5b14091a0d4a9f8
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2b3ffa436327c3af2d6bc8de64cc5601de217a875364deab0ec7aafc47cdf146
2e050b7f1da783cce5a7be35e632698dc49ca9013802a48414f080cc861b4574
3169c2f46bc0ce97a532e383739e09e260f8e4e8159f4abe7456a83bb38f3a06
31a447f61a37af381c1599a80ea3b5d7433d6dc0ef1c95846a88887e5e374570
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33a865e65ef363981b37568a60861be80e0e5e283eedaa7a0b31edb9362512b9
3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
36083ffd9b396a27e5237201e53bfe68f6cd6e98db2a473bbda4f038ad37c7ac
3662edb2a13d3b62e43aeab60216539fdf4ed06d8afad69cfde5c9e7baf8450a
386b8be3812bfd726539d80bee4229239d30559f7b6097fde699dc74aa6e37e8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fb6644e2b9f3204019e66068154a089370cace0529f5f6255275e3879804233
40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03
43d77a496b8d07422b1c4afb9b3155ff00054651ed089be779f4dfbae5fb8963
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
4a706c524181f887a9f3f054063ee68a4b423687b583d6692019d83208395547
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b5aa8a4e7798b5f22d16895b8830ea944e89a534fde442709fe0697daa3d338
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4cab08b8f48bf0f3811b9ea4b324214106a4248d7fb9bb3e319c5af7a8f5cdfb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
52edd331b3ca18cd871c7c561f5309ff3c018a48ae2920987ff5024150726e2d
538ed9d8c563eca08780be8790440c3d8e3ca397c255afbed9c851e42d91d8ac
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57d26dc350cc8c10af56460f5a6b067565c2cf5bea3eac710944814cc9ee4fa3
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5b7ade4116e14b315421eb6e4eeabbf1a1c7301a575ee1311fb1659eaaecd6f4
5cc357a27dd329fa9e329d8acb9c7fbeeb5989cea2e34690d4aea87ff9560bc0
5dc50110e029443dfe5e2a3b431c78099b25edc1dbcae7cf14a053c58383909e
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5ea54f0faf34e30af9393c3cf406fd222a2c8d7adabbde2bd3f0234d5763e599
62d24b6d4af40c1a671dcaa9ea4c74dbf65efa955dd57e30321fe996b7349e43
6323c27bdb21d0736749dfd545aa1808a27066859e4f7b5e17bf5dd6160179d1
6459811ed5b120120462018504b2c7a1f19125f338e1ff694da16c5a7a0aceba
65c40442b953ffd9630c1937550105ceffc345b9f4c49a76200fe7717406c72b
675c0fd294e29aba4403904227489fdce24e2a373fa1fded139b66b22a62772e
676bab9b8dfbd441d04408d8cd62f5cdc23b2af9984d1cb61d29a108bd8fbdda
678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6867fc83c1aab76454b296b0c30d8606558b6bafe8347ff1c6cc38c5cd4c3c14
687891b8b88c9950086568628453b3600e9bfee37a00ca770ce41f3d7d4a3a5f
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6e61ff70aa38f060f30b48d976229397f2511da58fe972bf45042cf9268d34dd
6ebcf0a7fc7445fa80105a57cb3dbb040dafb64615ef8891d7d66ee0f6f3bd36
6f522fbbba8abd42e7a27c37138ae40a42beca58f750deb37102717d22e8bbd5
72293a89fe86d4aaa9591393243a0b4bc0c2d02f4cebeffda5b983a193b7cacf
72e086ecb5eed26e489b633ce3a7a85522747d8583852bf8756e290fec0f3d3b
78f1719c638e483f71d0c1712f989c9a4d23d210289aa6449b8086ba2e73556c
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7d404c8e7ee121c6a9ffcb2d7db43a4c728c40e1fce307ce0d1b38f089d209ab
8259f9ff374f5c6e5b4f554f284e27d62d094e777a650dee2fef89ce55b1c055
8478ac98d335f04d359e62fc1b1f4666db6f7795c5e6fabc78b4c0db2e3f17f9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
88f4aa7734efac8a048abb21a71eed64edb5f115dfd39ce746c995594f23d391
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b73ea0f694e03491fe8d4e5291cc3f62db1622cfda2d4cdecb6c6b32388f483
8d8601aac6448c56aadc375ee34b401f6099a5348d2da1f4a370bab053e8bb1e
9424647d01d105ffbf0a43ffd0338bf663946f88d373f22f7ee5349e04b5531a
945a9ab4018c188e6bb853ae7361bc62ab1a0074146f910616e2402d67805099
9cb54dc4e5e7cf2491d4f43acc2c206dbf6c48dea845e663d9c01e939c262bd2
9d20a8fc1de189bad815a78bd3a36550412788bc1d8e6f2d7eba6bb18bc901a2
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e97aa0e6ee73de0da31c0b1185be025c09d5311daa7456301c666b9add7c515
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00e81be10bf31e606cae5685380a949e31458b30c097777ebc3ff263153361a
a0b942ca6f37bb215b7fb8a6fcbb1326b2936af0777203efcf41a38f128b9c62
a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4db1e00a496cc41239ecf1d22332353d73f6e9e618df44ce10b7c24d912463e
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8688d222dbca17c0dff0b5a0dc500b5c504512a8a31fe47c4c72a9ae600b4f
ace3371ed85cac39e792abdce09ba3fadad7328a8322ba488b66d23d9c19e687
af550a1f3a5ba58220cbfe3b45db75d2e6edaad1e9d5265c4075699b088a5fc5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b54b3c2508744497e606339017f82e33bb22dde4bd6d38030907da0905045341
b9418b23cdc40c604e0a896e00cd371c5e9a991830087cb4987341bc32ad3b96
ba56118a9bf2b54af94301fd355cecabb93a3ceb44606005cb81bf45544a023d
bac8265857aba474eff60a95af469861d0221422ed15f3ba1355be0b8fb76aba
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bd43247f758f3086b3515f04a2524e6c8dec704b2c2b9588258ce160813fa3fe
bd9c1930ccf3332defff4d44bed1e020f8b6ea9784bcbfb042ad6f135d6105f0
bdcd8256a9778481a45d5ae7cd80a2d7e1299b74ef8f846f233116d81bc50652
be0df4812b017967e89ea23e16544a82704c241993fa2587a1afd13dee5b9e08
be50f77bbe96401d29526db24431e435c46a283707d324b277a2046190fed3bf
bf7d5bbb8788d1a9debe24ee1ece50bc98f8bfcfb62164740ce743641973cce1
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
ca45cdd891a26581651763d6204ba40be430bd94abe31e9e832822674bb3c4b4
cd8feca47797d25495f03a52b6a8605de61b829c01be0dca0c2ff0fed71ec3d8
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
d0629c93f51bc6db174ca0e93347b433eb1f81469a6683619dc59c6111dc47ff
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1df1fc4fce172119a02d78cca0b8a44042aaeae2277ff12c3315f29ca9bf374
d6b5d8d83dbc18fb8d77c8761d331cd9e5123c9684950bab0406e98a24ac5ae8
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbb5638584e3ee42a664b228a5078daf9967b3ed63d43b413a03c69d28323026
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4c7c321014fff0a013ea82052509db81a5d93882ed9c093b07370531a416881
e68f868943331ab4a3819cf47d40881aa179b352445f87fff27a9608d486983a
e69945f1008946d0837afecae8e05fe6232ccd299e470b3a833602c9e27114e2
e9a08cab8111f05154841fdb5ba55dac23849df0ee991dcd70963397af39b4c8
e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
eb3db138521ceb9e82b1a9d0d17ab161239b7a1e8395cdde52afe34af962502c
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5d7f6a8a06e6184328cb139d68927aef599c637137dcc91e11eb36b0d058d6c
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
fa8a4883f414fad8f3dd67fbb621983702cc4645eaed358068542e7e658bf661
fc9cc6050cb99e5097549d04e20272c825e728bce705dee95c621f87499dc2eb
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.yenibiris.com Open in urlscan Pro 89.187.169.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

203 Requests

88 %HTTPS

38 %IPv6

51 Domains

78 Subdomains

69 IPs

9 Countries

4401 kBTransfer

8869 kBSize

64 Cookies

27 Outgoing links

Page URL History

Redirected requests

203 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.yenibiris.com Open in urlscan Pro
89.187.169.122 Public Scan

Screenshot
Live screenshot

Full Image

203
Requests

88 %
HTTPS

38 %
IPv6

51
Domains

78
Subdomains

69
IPs

9
Countries

4401 kB
Transfer

8869 kB
Size

64
Cookies

203 HTTP transactions
10 data transactions