secure.sahibinden.com Open in urlscan Pro
104.18.11.173 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trustwalletraffle.com/
Effective URL:
https://secure.sahibinden.com/login?frgn=true
Submission Tags: cryptocurrency impersonation phishing scam Search All
Submission: On December 22 via api (December 22nd 2022, 10:09:01 am UTC) from US — Scanned from DE

Summary HTTP 103 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 18 domains to perform 103 HTTP transactions. The main IP is 104.18.11.173, located in and belongs to CLOUDFLARENET, US. The main domain is secure.sahibinden.com. The Cisco Umbrella rank of the primary domain is 436444.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 5th 2022. Valid for: a year.

This is the only time secure.sahibinden.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.187.170.144 185.187.170.144	51167 (CONTABO) (CONTABO)
1 1	85.153.138.111 85.153.138.111	34984 (TELLCOM-AS) (TELLCOM-AS)
5	104.18.11.173 104.18.11.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:1a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
19	85.153.138.73 85.153.138.73	34984 (TELLCOM-AS) (TELLCOM-AS)
13	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2	85.153.138.112 85.153.138.112	34984 (TELLCOM-AS) (TELLCOM-AS)
3	2a00:1450:400... 2a00:1450:400d:807::200d	15169 (GOOGLE) (GOOGLE)
1	96.16.134.158 96.16.134.158	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:400d:802::2008	15169 (GOOGLE) (GOOGLE)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	104.76.148.5 104.76.148.5	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2011	15169 (GOOGLE) (GOOGLE)
103	25

1 185.187.170.144 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi1017444.contaboserver.net

trustwalletraffle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.153.138.111 (Turkey) 1 redirects

ASN34984 (TELLCOM-AS, TR)

www.sahibinden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.11.173 (None, )

ASN13335 (CLOUDFLARENET, US)

secure.sahibinden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:1a55 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 85.153.138.73 (Turkey)

ASN34984 (TELLCOM-AS, TR)

s0.shbdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.sahibinden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.153.138.112 (Turkey)

ASN34984 (TELLCOM-AS, TR)

banaozel.sahibinden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::200d (Ireland)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.134.158 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-134-158.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.sift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.148.5 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-148-5.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2011 (Ireland)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
18	shbdn.com s0.shbdn.com — Cisco Umbrella Rank: 104956	527 KB
17	google.com www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 71 region1.analytics.google.com — Cisco Umbrella Rank: 4762	225 KB
9	sahibinden.com 1 redirects www.sahibinden.com — Cisco Umbrella Rank: 36358 secure.sahibinden.com — Cisco Umbrella Rank: 436444 static.sahibinden.com — Cisco Umbrella Rank: 123597 banaozel.sahibinden.com — Cisco Umbrella Rank: 111367	51 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 77	161 KB
7	onetrust.com cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 5486	122 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6041	846 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	221 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	112 KB
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 548
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 3873	16 KB
1	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 5218	297 B
1	sift.com cdn.sift.com — Cisco Umbrella Rank: 11558	20 KB
1	cdn-apple.com appleid.cdn-apple.com — Cisco Umbrella Rank: 3233	18 KB
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 512 stags.bluekai.com Failed	207 B
1	trustwalletraffle.com trustwalletraffle.com	183 B
103	18

	Domain	Requested by
18	s0.shbdn.com	secure.sahibinden.com s0.shbdn.com
13	www.gstatic.com	www.google.com www.gstatic.com
13	www.google.com	secure.sahibinden.com www.gstatic.com www.google.com s0.shbdn.com
8	fonts.gstatic.com	www.google.com
7	cdn-ukwest.onetrust.com	secure.sahibinden.com s0.shbdn.com cdn-ukwest.onetrust.com
5	www.google.de	secure.sahibinden.com
5	secure.sahibinden.com	trustwalletraffle.com secure.sahibinden.com s0.shbdn.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	www.googletagmanager.com	static.sahibinden.com www.googletagmanager.com
3	accounts.google.com	s0.shbdn.com accounts.google.com
3	securepubads.g.doubleclick.net	secure.sahibinden.com securepubads.g.doubleclick.net s0.shbdn.com
2	stats.g.doubleclick.net	www.googletagmanager.com s0.shbdn.com
2	www.facebook.com	secure.sahibinden.com
2	connect.facebook.net	trustwalletraffle.com connect.facebook.net
2	banaozel.sahibinden.com	s0.shbdn.com
1	csp.withgoogle.com	trustwalletraffle.com
1	region1.analytics.google.com	www.googletagmanager.com
1	tags.bkrtx.com	trustwalletraffle.com
1	hexagon-analytics.com	secure.sahibinden.com
1	cdn.sift.com	s0.shbdn.com
1	appleid.cdn-apple.com	s0.shbdn.com
1	tags.bluekai.com	s0.shbdn.com
1	static.sahibinden.com	secure.sahibinden.com
1	www.sahibinden.com	1 redirects
1	trustwalletraffle.com
0	stags.bluekai.com Failed	tags.bkrtx.com
103	27

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.sahibinden.com
banaozel.sahibinden.com
www.sahibindenakademi.com
policies.google.com

Subject Issuer	Validity	Valid
trustwalletraffle.com R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-05` - `2023-11-04`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-11-26` - `2023-11-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.shbdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-29` - `2023-09-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.sahibinden.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-21` - `2023-04-18`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
banaozel.sahibinden.com DigiCert SHA2 Extended Validation Server CA	`2022-11-21` - `2023-12-15`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2022-04-19` - `2023-05-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.sift.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-07` - `2023-01-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-30` - `2022-12-29`	3 months	crt.sh
*.hexagon-analytics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-31` - `2023-12-01`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://secure.sahibinden.com/login?frgn=true
Frame ID: B3CBDF456730182FE54DCEBB0CC00E7D
Requests: 73 HTTP requests in this frame

Frame: https://secure.sahibinden.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671696000
Frame ID: EE80BC8050A6F468098C478B36FB5ACF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld4zicdAAAAALN0_e5tuzU6t_QmQde_F2QhYjos&co=aHR0cHM6Ly9zZWN1cmUuc2FoaWJpbmRlbi5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=mdgreluiowb0
Frame ID: 0FB98515BD8E34800610F8CCAF417F8B
Requests: 7 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?theme=outline&logo_alignment=left&size=large&shape=rectangular&text=continue_with&type=standard&width=342&client_id=998609949251-di88ghsmju45dr0kh1oi42ti46k9f4nl.apps.googleusercontent.com&iframe_id=gsi_738999_73903&as=CaEbQaQ764pqyFuEskWHXQ
Frame ID: 7D8DA161020B443F811915E77F1981F8
Requests: 3 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/39228?ret=html&phint=geoip_city%3Dnorth-rhine-westphalia&phint=geoip_isp%3Dleaseweb_germany&phint=__bk_t%3Dsahibinden.com%20user%20login&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ftrustwalletraffle.com%2F&phint=__bk_l%3Dhttps%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&phint=__bk_v%3D3.1.10&limit=4&r=1071155
Frame ID: 48E044B44EE9A541B8B7EF55086E2693
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRNMYZAAAAABZSScnPfg4uWaczcpJPQ7rcfb0I&co=aHR0cHM6Ly9zZWN1cmUuc2FoaWJpbmRlbi5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=9huarafln1fg
Frame ID: F5DE797BA81545A20D516B3D1E49ECEB
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdRNMYZAAAAABZSScnPfg4uWaczcpJPQ7rcfb0I
Frame ID: CAD339507F468883FCEA1C84A74A6311
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sahibinden.com user login

Page URL History Show full URLs

https://trustwalletraffle.com/ Page URL
https://www.sahibinden.com/ HTTP 302
https://secure.sahibinden.com/login?frgn=true Page URL

Detected technologies

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

103
Requests

98 %
HTTPS

60 %
IPv6

18
Domains

27
Subdomains

25
IPs

7
Countries

2526 kB
Transfer

6471 kB
Size

21
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/tr/app/sahibinden.com-mobil/id418535251?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.sahibinden

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/en
Title: Back to sahibinden.com homepage

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/search/detailed
Title: Advanced Search

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/favori-ilanlar
Title: My Favorite Classifieds

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ilan-ver/adim-1/?state=new
Title: Post Free Ad*

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ekspertiz-ekle/adim-1
Title: Create Expertise Report

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/bilgilerim
Title: Fotoğraf Ekle

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/
Title: My Account Summary

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ilanlarim
Title: My Ads

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/magazam/toplu-doping
Title: Doping Satın Al

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/mevcut-siparislerim
Title: My Orders

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/satistaki-urunlerim
Title: My Sales Transactions

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/alim-islemlerim
Title: Alım İşlemlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/satis-islemlerim
Title: Satış İşlemlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/kargolayacaklarim
Title: Satış İşlemlerim

Search URL Search Domain Scan URL

URL: https://www.sahibindenakademi.com/
Title: Sahibinden Akademi

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/magazam/icerik
Title: My Store

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/emlak-ofisim
Title: Emlak Ofisim

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/logout
Title: Logout

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/mesajlarim
Title: Tümünü Gör

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/bilgilendirmeler
Title: Tümünü Gör

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ilanlarim/pasif
Title: Pending Ads

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ekspertiz-raporlarim?reportStatus=U
Title: ilana eklenmeyenler

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ekspertiz-raporlarim?reportStatus=B
Title: ilana eklenenler

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/alicidan-onay-beklediklerim
Title: Waiting Approval of the Buyer

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/basarili-satislarim
Title: My Successful Sales

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/iade-edilenler
Title: Returned Products

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/iade-islemlerim
Title: My Return Transactions

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/tamamlananlar
Title: Completed

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/get
Title: My Distant Sales Agreements

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/kargolayacaklarim
Title: Products that I will ship by cargo

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/alicidan-onay-beklediklerim
Title: Waiting Approval of the Buyer

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/basarili-satislarim
Title: My Successful Sales

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/iade-edilenler
Title: Returned Products

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/satista-olmayan-urunlerim
Title: My Products that are not on sale

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/kapora/gonderilen
Title: Gönderdiklerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/kapora/alinan
Title: Gelenler

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/favori-aramalarim
Title: Favori Aramalarım'a Git

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sozlesmeler/kisisel-verilerin-korunmasi-ve-islenmesi-hakkinda-bilgilendirme-58
Title: here

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sozlesmeler/sahibindencom-cerez-politikasi-47
Title: Çerez Aydınlatma Metni’ni

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trustwalletraffle.com/ Page URL
https://www.sahibinden.com/ HTTP 302
https://secure.sahibinden.com/login?frgn=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

103 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
trustwalletraffle.com/ 74 B
183 B 79ms
32ms Document
text/html 185.187.170.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://trustwalletraffle.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.170.144 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1017444.contaboserver.net
Software: nginx / PHP/8.0.26 PleskLin
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Dec 2022 10:08:56 GMT
server: nginx
x-powered-by: PHP/8.0.26 PleskLin

GET
H2

200

Primary Request login Show response
secure.sahibinden.com/
Redirect Chain

https://www.sahibinden.com/
https://secure.sahibinden.com/login?frgn=true

60 KB
13 KB

174ms
129ms

Document
text/html

104.18.11.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.173 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d71d02a52513b684abf399625abfe3b4cd1d79f380768dd01717cb750bfe7f9d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.sahibinden.com
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://trustwalletraffle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77d80f26dc1d9bbf-FRA
content-encoding: gzip
content-language: en
content-security-policy: frame-ancestors 'self' https://*.sahibinden.com
content-type: text/html;charset=UTF-8
date: Thu, 22 Dec 2022 10:08:57 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000
vary: user-agent,accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-proxy: tmll-201 156,20201
x-secure-option: secure

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: frame-ancestors 'self' https://*.sahibinden.com
date: Thu, 22 Dec 2022 10:08:57 GMT
expires: 0
location: https://secure.sahibinden.com/login?frgn=true
pragma: no-cache
server: Sahibinden Web Servers
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-proxy: tmll-201 47,20201
x-secure-option: secure

GET
H2 200 OtAutoBlock.js Show response
cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/ 11 KB
3 KB 66ms
38ms Script
application/x-javascript 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/OtAutoBlock.js

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcbcdc99957ee59c1a3d1a2d8cf4f4ee9b52c0eee8d745461851858838678d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Dec 2022 10:08:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: argJU+0o985M5lq79558WQ==
age: 72646
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2836
x-ms-lease-status: unlocked
last-modified: Fri, 30 Sep 2022 08:03:38 GMT
server: cloudflare
etag: 0x8DAA2BA485D199F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4887702d-501e-0071-727b-1456a2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77d80f27dcf8997a-FRA

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 21 KB
8 KB 63ms
35ms Script
application/javascript 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Dec 2022 10:08:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: bKkFjZE43AfZo3jm8gqLew==
age: 72661
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Tue, 06 Dec 2022 19:18:12 GMT
server: cloudflare
etag: 0x8DAD7BE9E2D4718
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d45f0081-801e-0037-387b-148834000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77d80f27dcfe997a-FRA
expires: Fri, 23 Dec 2022 10:08:57 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 172ms
91ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27666
x-xss-protection: 0
server: sffe
etag: "1428 / 554 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 22 Dec 2022 10:08:58 GMT

GET
H2 200 common:ec19dbdf22afed6d61f819bbe73b8e58.css
s0.shbdn.com/assets/ 223 KB
39 KB 249ms
51ms Stylesheet
text/css 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/common:ec19dbdf22afed6d61f819bbe73b8e58.css

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

91396e1d49cb5253abf256fbc58a7ed43c6055e702fd4b285314b82c9d6e493d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Fri, 18 Nov 2022 05:57:29 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 2952656
content-length: 39631
x-secure-option: secure
last-modified: Thu, 17 Nov 2022 14:02:50 GMT
server: Sahibinden Web Servers
etag: W/"63763f0a-37cfc"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 login:57554505f2cecb90c20e2d6b1d91147b.css
s0.shbdn.com/assets/ 94 KB
17 KB 335ms
138ms Stylesheet
text/css 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/login:57554505f2cecb90c20e2d6b1d91147b.css

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

ec9e6abee53f0d6587f1c0893234a46a63064dabe95e1e7e2c6369cd65ff478b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Mon, 07 Nov 2022 04:38:47 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 3907765
content-length: 17037
x-secure-option: secure
last-modified: Thu, 03 Nov 2022 15:19:48 GMT
server: Sahibinden Web Servers
etag: W/"6363dc14-17656"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 denial_warning:7ea7cf82452e0ab0018593dd653880a2.png
s0.shbdn.com/assets/images/ 1 KB
1 KB 86ms
85ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/denial_warning:7ea7cf82452e0ab0018593dd653880a2.png

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

144eac2e60e93b7c8ed045d7b20afdce667ff8eae02f40982df1550374c8398a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Wed, 05 Oct 2022 03:41:23 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 6762357
content-length: 1329
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:28 GMT
server: Sahibinden Web Servers
etag: "633c4d5c-531"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 successLoginForce:3e074fa790625ca7aac76b74cae4df13.png
s0.shbdn.com/assets/images/ 5 KB
5 KB 86ms
86ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/successLoginForce:3e074fa790625ca7aac76b74cae4df13.png

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

50bc70e643ebd3dca08ae394519bfaa1990852a0c3d056c93b68373bd6129564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Wed, 05 Oct 2022 03:41:08 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 6762372
content-length: 4810
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:26 GMT
server: Sahibinden Web Servers
etag: "633c4d5a-12ca"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 974 B
1 KB 133ms
53ms Script
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Ld4zicdAAAAALN0_e5tuzU6t_QmQde_F2QhYjos

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9cf3b915b8cfffe10f4cfbfe43ee62148890f88fdf54934ac6c366870518d67a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 613
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 10:08:58 GMT

GET
H2 200 prebid:35802e87d11a2ce2ec228c6e38acf487.js Show response
s0.shbdn.com/assets/ 185 KB
71 KB 87ms
86ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/prebid:35802e87d11a2ce2ec228c6e38acf487.js

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

89b18a7d4c82e76ede5110c86e82655eea78ccd4bdc6086ee27b715746f96c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Wed, 05 Oct 2022 03:40:27 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 6762413
content-length: 71577
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:15:56 GMT
server: Sahibinden Web Servers
etag: W/"633c4e2c-2e4f6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 common:87b5613f1f58e90c7a2f5a85c60dfbb2.js Show response
s0.shbdn.com/assets/ 473 KB
172 KB 44ms
44ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/common:87b5613f1f58e90c7a2f5a85c60dfbb2.js

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

184639bec71c612eb99debdab0f9a4b32e26b9fb4cb631f39e15fb9ce1b2bfeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Tue, 20 Dec 2022 11:30:42 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 167888
content-length: 174218
x-secure-option: secure
last-modified: Tue, 20 Dec 2022 10:13:12 GMT
server: Sahibinden Web Servers
etag: W/"63a18ab8-764a1"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 searchSuggestion:f139f29f0bdeb5b0e6c7ed5512303827.js Show response
s0.shbdn.com/assets/ 14 KB
5 KB 84ms
83ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/searchSuggestion:f139f29f0bdeb5b0e6c7ed5512303827.js

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

0adf0bce9c69989950d0134f3b0a6022a98c180b76cb8a28bfaaab5187020f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Fri, 18 Nov 2022 05:57:28 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 2952658
content-length: 4858
x-secure-option: secure
last-modified: Thu, 17 Nov 2022 14:05:08 GMT
server: Sahibinden Web Servers
etag: W/"63763f94-39ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 login:2041251f438593686cfe0a2139e226bf.js Show response
s0.shbdn.com/assets/ 26 KB
9 KB 85ms
84ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/login:2041251f438593686cfe0a2139e226bf.js

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

e7d2bcf179533af514987b8828d6760d61b8382bbe0eca749f8c69e8bb0fbc61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Wed, 07 Dec 2022 04:46:38 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 1315320
content-length: 9021
x-secure-option: secure
last-modified: Tue, 06 Dec 2022 18:12:54 GMT
server: Sahibinden Web Servers
etag: W/"638f8626-6727"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 lastScripts:cfa5d49129048f4e398f292f2accea2c.js Show response
s0.shbdn.com/assets/ 47 B
176 B 86ms
84ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/lastScripts:cfa5d49129048f4e398f292f2accea2c.js

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

fb589526ee553a3625c42787485a4dab000ed1c9af6d6a449a17bc7e5299f029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Wed, 05 Oct 2022 03:40:43 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 6762397
content-length: 67
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:15:56 GMT
server: Sahibinden Web Servers
etag: W/"633c4e2c-2f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 header:c6b3129350353426751445b895a83cd7.png
s0.shbdn.com/assets/images/ 47 KB
48 KB 85ms
85ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/header:c6b3129350353426751445b895a83cd7.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:ec19dbdf22afed6d61f819bbe73b8e58.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

0859b5ac6be24f29f4c93380fd4e02fe8a37e840286f55c0d4b4fcfdbdb0d701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/common:ec19dbdf22afed6d61f819bbe73b8e58.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Wed, 05 Oct 2022 03:40:59 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 6762381
content-length: 48219
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:28 GMT
server: Sahibinden Web Servers
etag: "633c4d5c-bc5b"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 AvenirNextW04-Demi:ff4b64120fd7273a6eea62db3bf1eee5.woff2
s0.shbdn.com/assets/blob/ 42 KB
43 KB 192ms
58ms Font
application/octet-stream 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/blob/AvenirNextW04-Demi:ff4b64120fd7273a6eea62db3bf1eee5.woff2

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:ec19dbdf22afed6d61f819bbe73b8e58.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

99a904573c091f27516a66969b1b1d3df5fb53cc0e6085f566982e9e1d5e0244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://s0.shbdn.com/assets/common:ec19dbdf22afed6d61f819bbe73b8e58.css
Origin: https://secure.sahibinden.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Wed, 05 Oct 2022 03:41:06 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 6762375
content-length: 42812
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:26 GMT
server: Sahibinden Web Servers
etag: "633c4d5a-a73c"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 AvenirNextW04-Regular:0593b70c0dee7832e0da7cf9608a4713.woff2
s0.shbdn.com/assets/blob/ 42 KB
42 KB 281ms
147ms Font
application/octet-stream 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/blob/AvenirNextW04-Regular:0593b70c0dee7832e0da7cf9608a4713.woff2

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:ec19dbdf22afed6d61f819bbe73b8e58.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

8bb7a323b3fc0cd386ff9c729c4c6e494e0c31fefe36fb4b2afb2deec126db4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://s0.shbdn.com/assets/common:ec19dbdf22afed6d61f819bbe73b8e58.css
Origin: https://secure.sahibinden.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Wed, 05 Oct 2022 03:41:24 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 6762356
content-length: 42528
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:26 GMT
server: Sahibinden Web Servers
etag: "633c4d5a-a620"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 AvenirNextLTW04-Medium:01966d00d03af3048b3f7a35b000f3a6.woff2
s0.shbdn.com/assets/blob/ 34 KB
35 KB 320ms
186ms Font
application/octet-stream 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/blob/AvenirNextLTW04-Medium:01966d00d03af3048b3f7a35b000f3a6.woff2

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:ec19dbdf22afed6d61f819bbe73b8e58.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

e772fc22762855b99fb206191a3beaa4a0994aa30b43da1511ae8c22e24573c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://s0.shbdn.com/assets/common:ec19dbdf22afed6d61f819bbe73b8e58.css
Origin: https://secure.sahibinden.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Wed, 05 Oct 2022 03:41:06 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 6762375
content-length: 35188
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:26 GMT
server: Sahibinden Web Servers
etag: "633c4d5a-8974"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 109ms
30ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Ld4zicdAAAAALN0_e5tuzU6t_QmQde_F2QhYjos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.sahibinden.com/login?frgn=true
Origin: https://secure.sahibinden.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 08:51:11 GMT

GET
H2 200 analytics:1.js Show response
static.sahibinden.com/assets/ 11 KB
5 KB 194ms
52ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.sahibinden.com/assets/analytics:1.js?t=928724

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

39caaab55f7e3db03570fc994b879907bd5fa524fa0d733577381143195cdd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Thu, 22 Dec 2022 10:04:22 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 276
content-length: 4733
x-secure-option: secure
last-modified: Tue, 20 Dec 2022 13:02:34 GMT
server: Sahibinden Web Servers
etag: W/"63a1b26a-2c72"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=300,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 39228 Show response
tags.bluekai.com/site/ 38 B
207 B 259ms
162ms Script
text/javascript 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/39228?ret=js
Requested by: Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87b5613f1f58e90c7a2f5a85c60dfbb2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7c1f66940e22d66301667eefccc248df97e5309985b48dd11e5329dffd9e8a7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 22 Dec 2022 10:08:58 GMT
content-length: 38
content-type: text/javascript

GET
BLOB 200
OK 9f6edb18-4b62-43be-8bfe-0a4525f0be03
https://secure.sahibinden.com/ 763 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.sahibinden.com/9f6edb18-4b62-43be-8bfe-0a4525f0be03
Requested by: Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 641a731fa853852e924134bb1b21f8acb9256d374676c38e45235a0d591e194e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 763

GET
H2 200 9f768f58-cb4a-4de6-83e2-f8d83f22909b.json Show response
cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/ 3 KB
2 KB 49ms
30ms XHR
application/x-javascript 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/9f768f58-cb4a-4de6-83e2-f8d83f22909b.json

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87b5613f1f58e90c7a2f5a85c60dfbb2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cdf837975fc10d9ac1d4b14ecbe6b343989c42ba54b8fe2fbb0b074f0459292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: XiINKWrfrlrQhJ0zwCC1ng==
age: 72639
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1430
x-ms-lease-status: unlocked
last-modified: Fri, 30 Sep 2022 08:03:37 GMT
server: cloudflare
etag: 0x8DAA2BA4763DAAF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 82fc388c-301e-002e-377b-14a45c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77d80f2b1aaf9bac-FRA

GET
H2 200 pubads_impl_2022120601.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 31ms
30ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 11:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132161
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 09:39:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Dec 2023 11:47:32 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 231 B
136 B 126ms
67ms XHR
application/json 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=secure.sahibinden.com

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87b5613f1f58e90c7a2f5a85c60dfbb2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90b90db3f7e62e5c276a941caf809e76d7fee51c38d5c63441335299011fa944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 0
expires: Thu, 22 Dec 2022 10:08:58 GMT

POST
H2 200 info Show response
banaozel.sahibinden.com/ajax/login/ 44 B
251 B 270ms
68ms XHR
application/json 85.153.138.112
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://banaozel.sahibinden.com/ajax/login/info

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87b5613f1f58e90c7a2f5a85c60dfbb2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.112 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

f2e3325debf5c4d01d4b6ec225b12ab23f8191b06f9f6332826551a2798156aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.sahibinden.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.sahibinden.com/login?frgn=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-proxy: tmll-201 9,20201
date: Thu, 22 Dec 2022 10:08:58 GMT
content-security-policy: frame-ancestors 'self' https://*.sahibinden.com
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 44
pragma: no-cache
x-secure-option: secure
server: Sahibinden Web Servers
access-control-max-age: 3600
access-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://secure.sahibinden.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: x-client-profile,x-api-key,x-xsrf-token
expires: 0

POST
H2 200 info Show response
banaozel.sahibinden.com/ajax/login/ 44 B
674 B 261ms
62ms XHR
application/json 85.153.138.112
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://banaozel.sahibinden.com/ajax/login/info

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87b5613f1f58e90c7a2f5a85c60dfbb2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.112 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

f2e3325debf5c4d01d4b6ec225b12ab23f8191b06f9f6332826551a2798156aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.sahibinden.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.sahibinden.com/login?frgn=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-proxy: tmll-201 198,20201
date: Thu, 22 Dec 2022 10:08:58 GMT
content-security-policy: frame-ancestors 'self' https://*.sahibinden.com
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 44
pragma: no-cache
x-secure-option: secure
server: Sahibinden Web Servers
access-control-max-age: 3600
access-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://secure.sahibinden.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: x-client-profile,x-api-key,x-xsrf-token
expires: 0

GET
H2 200 client Show response
accounts.google.com/gsi/ 191 KB
76 KB 197ms
117ms Script
application/javascript 2a00:1450:400d:807::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/login:2041251f438593686cfe0a2139e226bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d38e44284bb9658cc5ff787c8432bdecb44c0d702c6369cd605eccc6f8cc06ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nEikJ8fmJz5EpKg2-Z7fMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:08:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-nEikJ8fmJz5EpKg2-Z7fMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 22 Dec 2022 10:08:58 GMT

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/tr_TR/ 44 KB
18 KB 121ms
9ms Script
application/javascript 96.16.134.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/tr_TR/appleid.auth.js

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/login:2041251f438593686cfe0a2139e226bf.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-134-158.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

7afe5c08ef4517d45802243f1d2f843ae995a838188cf22fb19bc17a90394562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Thu, 22 Dec 2022 10:08:58 GMT
Last-Modified: Fri, 16 Dec 2022 21:03:06 GMT
Server: Apple
ETag: W/"45155-1671224586472"
Vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18341

GET
H2 200 invisible.js Show response
secure.sahibinden.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame EE80 38 KB
19 KB 30ms
28ms Script
application/javascript 104.18.11.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sahibinden.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671696000

Requested by

Host: trustwalletraffle.com
URL: https://trustwalletraffle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.173 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75a80b28d63d9e5a79089d019f9c7df1c9572453aba1a5182710b760a3dc9def

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77d80f2b6db09bbf-FRA

GET
H2 200 qr-login:dd60bcfb3e8ce5db26aa3ed7f4db558c.png
s0.shbdn.com/assets/images/ 2 KB
2 KB 45ms
44ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/qr-login:dd60bcfb3e8ce5db26aa3ed7f4db558c.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/login:57554505f2cecb90c20e2d6b1d91147b.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

9b6b6cf46bf21cc8f1b4008998d2d0e73c2f20fe4aa7cb769953af89dd3a5476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/login:57554505f2cecb90c20e2d6b1d91147b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Wed, 05 Oct 2022 03:47:02 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 6762018
content-length: 1721
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:26 GMT
server: Sahibinden Web Servers
etag: "633c4d5a-6b9"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 mail-login-logo:b17dc81b3294b77cd7a4bb68a6439be4.svg
s0.shbdn.com/assets/blob/ 1 KB
1 KB 45ms
44ms Image
image/svg+xml 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/blob/mail-login-logo:b17dc81b3294b77cd7a4bb68a6439be4.svg

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/login:57554505f2cecb90c20e2d6b1d91147b.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

f0321d5534588838579e9d9cf064e2e43e37f10f5940a802c5e68dd432896cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/login:57554505f2cecb90c20e2d6b1d91147b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Wed, 05 Oct 2022 03:54:05 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 6761595
content-length: 1105
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:26 GMT
server: Sahibinden Web Servers
etag: "633c4d5a-451"
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 google-login-logo:d245f934ea194b5704fa1ae8551d3eaa.svg
s0.shbdn.com/assets/blob/ 1 KB
1 KB 46ms
45ms Image
image/svg+xml 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/blob/google-login-logo:d245f934ea194b5704fa1ae8551d3eaa.svg

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/login:57554505f2cecb90c20e2d6b1d91147b.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

f2ac9b3fb99fdd91da54f2968f75d2c681f98b9926a03a7a235b4407d5a24524

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/login:57554505f2cecb90c20e2d6b1d91147b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Wed, 05 Oct 2022 03:54:05 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 6761595
content-length: 1225
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:26 GMT
server: Sahibinden Web Servers
etag: "633c4d5a-4c9"
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 apple-login-logo:aa93903da74c98888d8c29d3db04b8bd.svg
s0.shbdn.com/assets/blob/ 916 B
980 B 48ms
47ms Image
image/svg+xml 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/blob/apple-login-logo:aa93903da74c98888d8c29d3db04b8bd.svg

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/login:57554505f2cecb90c20e2d6b1d91147b.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

5c85f2911b3365ce9d24560a076986f38b89eaa27b01ef7a57b343767c1748fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/login:57554505f2cecb90c20e2d6b1d91147b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Wed, 05 Oct 2022 03:54:05 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 6761595
content-length: 916
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:26 GMT
server: Sahibinden Web Servers
etag: "633c4d5a-394"
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 AvenirNextW04-Bold:4f9eefb1e25968ec3446b86c25e81160.woff2
s0.shbdn.com/assets/blob/ 36 KB
36 KB 104ms
104ms Font
application/octet-stream 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/blob/AvenirNextW04-Bold:4f9eefb1e25968ec3446b86c25e81160.woff2

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:ec19dbdf22afed6d61f819bbe73b8e58.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

e53a2732c50b29bc44ff1ab5b1cfc3debe72ce2beabea1dfcdbcf9130e0e0bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://s0.shbdn.com/assets/common:ec19dbdf22afed6d61f819bbe73b8e58.css
Origin: https://secure.sahibinden.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Wed, 05 Oct 2022 03:42:37 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 6762283
content-length: 36892
x-secure-option: secure
last-modified: Tue, 04 Oct 2022 15:12:26 GMT
server: Sahibinden Web Servers
etag: "633c4d5a-901c"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/6.22.0/ 311 KB
74 KB 40ms
40ms Script
application/javascript 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.22.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Uj6Yo16pL9bm0y1nKKjJjg==
age: 72646
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 75930
x-ms-lease-status: unlocked
last-modified: Tue, 10 Aug 2021 20:26:00 GMT
server: cloudflare
etag: 0x8D95C3D1199287D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 79752d0c-201e-005c-2c7b-14d562000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77d80f2b7b92997a-FRA
expires: Fri, 23 Dec 2022 10:08:58 GMT

GET
H2 200 pica.js
secure.sahibinden.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame EE80 25 KB
11 KB 66ms
66ms Other
application/javascript 104.18.11.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sahibinden.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.173 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d49c9165332e074c8de823f504364d42f6bd16befc6d3e60094437e24e19ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77d80f2bae639bbf-FRA

GET
H2 200 tr.json Show response
cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/3b4603d6-d32c-48e5-a49e-a908f2f68f9a/ 144 KB
28 KB 40ms
36ms Fetch
application/x-javascript 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/3b4603d6-d32c-48e5-a49e-a908f2f68f9a/tr.json

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87b5613f1f58e90c7a2f5a85c60dfbb2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6664c4d244eff2c65e85d138b8b92511700f68bb26c58a45e13600f55407155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: UuScERYQXxqMcbPdwd0KFw==
age: 72638
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 28097
x-ms-lease-status: unlocked
last-modified: Fri, 30 Sep 2022 08:03:41 GMT
server: cloudflare
etag: 0x8DAA2BA49F411D7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7d841173-601e-001f-417b-14ff8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77d80f2bdc289bac-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 322 KB
89 KB 133ms
52ms Script
application/javascript 2a00:1450:400d:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-58T6ZP

Requested by

Host: static.sahibinden.com
URL: https://static.sahibinden.com/assets/analytics:1.js?t=928724

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1c03ebc0c53fef6c3d8bbf0957c5bf928f956f2000dae23e6b0becaba1e2679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90708
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Dec 2022 10:08:58 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 0FB9 42 KB
22 KB 130ms
66ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld4zicdAAAAALN0_e5tuzU6t_QmQde_F2QhYjos&co=aHR0cHM6Ly9zZWN1cmUuc2FoaWJpbmRlbi5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=mdgreluiowb0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cb14e04feeb2c40a071c6d3dd7db21ccb712f826bf75751c728c17d0550e983b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8kwZc3auS5x0pMPCRY5CTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.sahibinden.com/login?frgn=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22087
content-security-policy: script-src 'report-sample' 'nonce-8kwZc3auS5x0pMPCRY5CTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 10:08:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 otFlat.json Show response
cdn-ukwest.onetrust.com/scripttemplates/6.22.0/assets/ 13 KB
3 KB 59ms
59ms Fetch
application/json 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.22.0/assets/otFlat.json

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87b5613f1f58e90c7a2f5a85c60dfbb2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: eS/vZlhjCBp2QvELx7IrSQ==
age: 72636
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Tue, 10 Aug 2021 20:25:50 GMT
server: cloudflare
etag: 0x8D95C3D0BB3DAD4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: be5017d3-d01e-002f-627b-14a5a1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77d80f2c6d429bac-FRA
expires: Fri, 23 Dec 2022 10:08:58 GMT

GET
H2 200 otCommonStyles.css Show response
cdn-ukwest.onetrust.com/scripttemplates/6.22.0/assets/ 20 KB
4 KB 40ms
40ms Fetch
text/css 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.22.0/assets/otCommonStyles.css

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87b5613f1f58e90c7a2f5a85c60dfbb2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Dec 2022 10:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
age: 72637
x-ms-lease-status: unlocked
last-modified: Tue, 10 Aug 2021 20:26:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 08d14495-b01e-003f-0c7b-149347000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 77d80f2c6d449bac-FRA
expires: Fri, 23 Dec 2022 10:08:58 GMT

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6925df152a381d3b3f3539edbd536ddb8ab7cdba07b0916d4b1d8e3415d5d66b

Request headers

Referer
Origin: https://secure.sahibinden.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 373 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d69d109cd164771ed1bc277c0657302d389cb463d1d39aa54c73f6bb350f165

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 s.js Show response
cdn.sift.com/ 61 KB
20 KB 137ms
28ms Script
application/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sift.com/s.js
Requested by: Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87b5613f1f58e90c7a2f5a85c60dfbb2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.67.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:39:33 GMT
content-encoding: gzip
age: 62965
x-guploader-uploadid: ADPycdsJNxc0q-K0fqVVRK00Xme8Rx6-Zo7LsIxNLaykt04v8pklYdetlxucaeQQ3G630uKyJmhDhEsD9WIauQZo9OWu8Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20452
last-modified: Thu, 09 Apr 2020 21:59:13 GMT
server: UploadServer
etag: "07cb8203158abb26b3c18318350e7b36"
vary: Accept-Encoding
x-goog-generation: 1586469553682331
x-goog-hash: crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
content-type: application/javascript
cache-control: public, max-age=86400
x-goog-stored-content-length: 20452
accept-ranges: bytes
expires: Thu, 22 Dec 2022 16:39:33 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 0FB9 52 KB
24 KB 89ms
29ms Stylesheet
text/css 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld4zicdAAAAALN0_e5tuzU6t_QmQde_F2QhYjos&co=aHR0cHM6Ly9zZWN1cmUuc2FoaWJpbmRlbi5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=mdgreluiowb0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 01:13:07 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 0FB9 407 KB
163 KB 106ms
46ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 08:51:11 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 60ms
20ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: trustwalletraffle.com
URL: https://trustwalletraffle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 22 Dec 2022 10:08:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: fCKeLLCgGk8jVnkCYsbDCPKkXEHIaI4nBRm1glEMpEmTXVfAFlwgzIGvXVR9xxnwvsxxlUaOj96kfHmcfPoV4w==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 121ms
55ms Script
application/javascript 2a00:1450:400d:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-621317847

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58T6ZP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2cbb1a3cc8d5aed82a162d4507d8251b59f7d0edb7f2711a2a28e2c7bc075b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66980
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Dec 2022 10:08:58 GMT

POST
H2 200 77d80f26dc1d9bbf Show response
secure.sahibinden.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame EE80 2 B
387 B 52ms
52ms XHR
text/plain 104.18.11.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sahibinden.com/cdn-cgi/challenge-platform/h/g/cv/result/77d80f26dc1d9bbf

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671696000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.173 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 22 Dec 2022 10:08:58 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
server: cloudflare
cf-ray: 77d80f2f0e5e9bbf-FRA
content-type: text/plain; charset=UTF-8

GET
H3 200 270782849932496 Show response
connect.facebook.net/signals/config/ 294 KB
84 KB 42ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/270782849932496?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa82f20d97b6a1be032c81a7d85728b3cf4064627d4ba6bd748e4ad5cc7db635

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 22 Dec 2022 10:08:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86385
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: CLN92lHBKTBWF/taB1OcnjiAi4s6qYVbWuxiEnHxEnQdhKFAEjF3BWI3vRvwtl9bnY85HT4OX5v6c9xZhcHoWQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 668930.gif
hexagon-analytics.com/images/ 43 B
297 B 147ms
105ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/668930.gif?bk=cf7e6c3cf0&tm=26&r=351792621&v=105&cs=UTF-8&h=secure.sahibinden.com&l=en-US&S=62fcb3e39fe5798cfaaf127e5f0cab41&uu=1e764bd390808492693218cd17b097f&t=sahibinden.com%20user%20login&u=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&rf=https%3A%2F%2Ftrustwalletraffle.com%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:58 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/621317847/ 2 KB
1 KB 104ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/621317847/?random=1671703738802&cv=11&fst=1671703738802&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&ref=https%3A%2F%2Ftrustwalletraffle.com%2F&tiba=sahibinden.com%20user%20login&auid=1198461859.1671703738&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-621317847

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

517d1d367232253b0cf5647eef81581e17381f8bb7ff60b5a9a2c6c7cf783ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 903
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/621317847/ 2 KB
1 KB 90ms
60ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/621317847/?random=1671703738816&cv=11&fst=1671703738816&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&ref=https%3A%2F%2Ftrustwalletraffle.com%2F&tiba=sahibinden.com%20user%20login&auid=1198461859.1671703738&uaw=0&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-621317847

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26ed5609ea7693f7f3650dc65a38076f80b4ce16d6dec1fe3dee2087bf713121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 901
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0FB9 2 KB
2 KB 30ms
30ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 15:21:21 GMT
x-content-type-options: nosniff
age: 154057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 27 Dec 2022 15:21:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0FB9 15 KB
16 KB 51ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 424268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:17:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0FB9 15 KB
15 KB 54ms
17ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 215259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 0FB9 102 B
134 B 53ms
53ms Other
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld4zicdAAAAALN0_e5tuzU6t_QmQde_F2QhYjos&co=aHR0cHM6Ly9zZWN1cmUuc2FoaWJpbmRlbi5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=mdgreluiowb0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:08:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 10:08:58 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 52ms
16ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=270782849932496&ev=PageView&dl=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&rl=https%3A%2F%2Ftrustwalletraffle.com%2F&if=false&ts=1671703738907&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671703738906.39364385&it=1671703738752&coo=false&rqm=GET

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 22 Dec 2022 10:08:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/621317847/ 42 B
64 B 56ms
55ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/621317847/?random=1671703738816&cv=11&fst=1671703200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&ref=https%3A%2F%2Ftrustwalletraffle.com%2F&tiba=sahibinden.com%20user%20login&data=event%3Dpage_view&fmt=3&is_vtc=1&random=1680056861&rmt_tld=0&ipr=y

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/621317847/ 42 B
108 B 63ms
27ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/621317847/?random=1671703738816&cv=11&fst=1671703200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&ref=https%3A%2F%2Ftrustwalletraffle.com%2F&tiba=sahibinden.com%20user%20login&data=event%3Dpage_view&fmt=3&is_vtc=1&random=1680056861&rmt_tld=1&ipr=y

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/621317847/ 42 B
64 B 56ms
55ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/621317847/?random=1671703738802&cv=11&fst=1671703200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&ref=https%3A%2F%2Ftrustwalletraffle.com%2F&tiba=sahibinden.com%20user%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3689176742&rmt_tld=0&ipr=y

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/621317847/ 42 B
548 B 61ms
25ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/621317847/?random=1671703738802&cv=11&fst=1671703200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&ref=https%3A%2F%2Ftrustwalletraffle.com%2F&tiba=sahibinden.com%20user%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3689176742&rmt_tld=1&ipr=y

Requested by

Host: secure.sahibinden.com
URL: https://secure.sahibinden.com/login?frgn=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 loginFunnel Show response
secure.sahibinden.com/ajax/login/trace/ 53 B
355 B 173ms
173ms XHR
application/json 104.18.11.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sahibinden.com/ajax/login/trace/loginFunnel

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87b5613f1f58e90c7a2f5a85c60dfbb2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.173 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a25000ac0cdb7a11ba85d3e5e9715a43ad435274f9737751112f79ad400c28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.sahibinden.com
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.sahibinden.com/login?frgn=true
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-proxy: tmll-201 5,20201
date: Thu, 22 Dec 2022 10:08:59 GMT
content-security-policy: frame-ancestors 'self' https://*.sahibinden.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
content-encoding: gzip
pragma: no-cache
x-secure-option: secure
server: cloudflare
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS
access-control-allow-origin: https://secure.sahibinden.com
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 77d80f30b9d79bbf-FRA
access-control-allow-headers: x-client-profile,x-api-key,x-xsrf-token
expires: 0

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 916 B
602 B 174ms
173ms Script
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=tr&onload=captchaOnloadCallback&render=explicit&lang=en&time=1671703738995_0.7861081108407444&_=1671703738059

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87b5613f1f58e90c7a2f5a85c60dfbb2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5ed04b882a4e9fee9d7fd9a667b0dc74315e17e58583d009d4b853a5ddcd644c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 10:08:59 GMT

GET
H3 200 style
accounts.google.com/gsi/ 533 B
328 B 425ms
226ms Stylesheet
text/css 2a00:1450:400d:807::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7izLEkcTgRVmoLKf8RrZpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:08:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7izLEkcTgRVmoLKf8RrZpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 22 Dec 2022 10:08:59 GMT

GET
H3 200 button Show response
accounts.google.com/gsi/ Frame 7D8D 105 KB
37 KB 289ms
96ms Document
text/html 2a00:1450:400d:807::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/button?theme=outline&logo_alignment=left&size=large&shape=rectangular&text=continue_with&type=standard&width=342&client_id=998609949251-di88ghsmju45dr0kh1oi42ti46k9f4nl.apps.googleusercontent.com&iframe_id=gsi_738999_73903&as=CaEbQaQ764pqyFuEskWHXQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bc3cf5613d130efa9ae3371c850c59943915e5757ee0066462055587d3f6a1c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-CiFTPbRH0q7HgucFIVxIWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.sahibinden.com/login?frgn=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-CiFTPbRH0q7HgucFIVxIWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 10:08:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1019563983/ 2 KB
952 B 274ms
99ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1019563983/?random=1671703739010&cv=11&fst=1671703739010&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&ref=https%3A%2F%2Ftrustwalletraffle.com%2F&tiba=sahibinden.com%20user%20login&auid=1198461859.1671703738&uaw=0&data=virtualPage%3D%2Fgiris%3Byakit%3D%7B%7B%3Bpagetitle%3Dsahibinden.com%20user%20login&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58T6ZP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b9cb86e91d0dffbcab319030eac04f1c5e08fccff219f36d2aa57522c8e1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 926
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 191ms
14ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58T6ZP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Dec 2022 09:50:44 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1095
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 22 Dec 2022 11:50:44 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 197ms
19ms Script
application/javascript 104.76.148.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: trustwalletraffle.com
URL: https://trustwalletraffle.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.76.148.5 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-148-5.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62: 8096267
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 22 Dec 2022 10:08:59 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Thu, 29 Dec 2022 10:08:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
67 KB 193ms
192ms Script
application/javascript 2a00:1450:400d:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CVPS3GXE1Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58T6ZP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

faa08bd68a2628e11485d53d1c3aa33f83196bc395d36b7a8a37a1fb9711974f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:08:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68352
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 22 Dec 2022 10:08:59 GMT

GET
H3 200 recaptcha__tr.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 408 KB
163 KB 96ms
34ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__tr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=tr&onload=captchaOnloadCallback&render=explicit&lang=en&time=1671703738995_0.7861081108407444&_=1671703738059

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b26a9b1eed6c3221632ec305a09cf3d3f9b54e38d754d01987b11d5f62e27c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.sahibinden.com/login?frgn=true
Origin: https://secure.sahibinden.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 11:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166421
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 11:14:43 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 47ms
14ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 09:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 22 Dec 2022 10:49:30 GMT

GET 39228
stags.bluekai.com/site/ Frame 48E0 0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
351 B 65ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CVPS3GXE1Z&gtm=2oebu0&_p=476328412&_gaz=1&cid=1927408007.1671703739&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671703739&sct=1&seg=0&dl=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&dr=https%3A%2F%2Ftrustwalletraffle.com%2F&dt=sahibinden.com%20user%20login&en=page_view&_fv=1&_ss=1&ep.allowLinker=True&ep.cookieDomain=sahibinden.com&ep.forceSSL=false&ep.page=%2Fgiris&ep.content_group=Other&ep.arama_menusu=Yepyeni-std&ep.page_referrer_js=https%3A%2F%2Ftrustwalletraffle.com%2F&ep.page_url_js=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&ep.bestmatch_alisveris=b-98&ep.site_preference=desktop&ep.screen_js=dpi_normal&epn.user_login_state_user=0&ep.data_center=temelli&ep.adblock_enabled=false&ep.webView=0&ep.webView_os=Windows&epn.user_login_state_hit=0&ep.content_group_page_type=Other
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CVPS3GXE1Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.sahibinden.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 53ms
18ms Ping
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CVPS3GXE1Z&cid=1927408007.1671703739&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CVPS3GXE1Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.sahibinden.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 63ms
33ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CVPS3GXE1Z&cid=1927408007.1671703739&gtm=2oebu0&aip=1&z=838680697

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 33ms
18ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-235070-1&cid=1927408007.1671703739&jid=2013281727&gjid=736367966&_gid=9252732.1671703739&_u=aGBAgQAjAAAAAEAAI~&z=624787670

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:87b5613f1f58e90c7a2f5a85c60dfbb2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.sahibinden.com/login?frgn=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Dec 2022 10:08:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.sahibinden.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
14ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=476328412&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&dr=https%3A%2F%2Ftrustwalletraffle.com%2F&dp=%2Fgiris&ul=en-us&de=UTF-8&dt=sahibinden.com%20user%20login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgQAjAAAAAAAAI~&jid=2013281727&gjid=736367966&cid=1927408007.1671703739&tid=UA-235070-1&_gid=9252732.1671703739&gtm=2wgbu058T6ZP&cg2=Other&cd3=Yepyeni-std&cd5=https%3A%2F%2Ftrustwalletraffle.com%2F&cd6=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&cd9=https%3A%2F%2Ftrustwalletraffle.com%2F&cd24=b-98&cd29=desktop&cd30=dpi_normal&cd35=0&cd60=temelli&cd62=0&cd76=0&cd82=Windows&cd100=0&cd101=0&cd102=0&z=1958757437

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 21:44:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44697
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1019563983/ 42 B
64 B 56ms
54ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1019563983/?random=1671703739010&cv=11&fst=1671703200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&ref=https%3A%2F%2Ftrustwalletraffle.com%2F&tiba=sahibinden.com%20user%20login&data=virtualPage%3D%2Fgiris%3Byakit%3D%7B%7B%3Bpagetitle%3Dsahibinden.com%20user%20login&fmt=3&is_vtc=1&random=1848127132&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1019563983/ 42 B
64 B 41ms
31ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1019563983/?random=1671703739010&cv=11&fst=1671703200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&ref=https%3A%2F%2Ftrustwalletraffle.com%2F&tiba=sahibinden.com%20user%20login&data=virtualPage%3D%2Fgiris%3Byakit%3D%7B%7B%3Bpagetitle%3Dsahibinden.com%20user%20login&fmt=3&is_vtc=1&random=1848127132&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 7D8D 0
0 137ms
55ms Other
text/html 2a00:1450:400d:80e::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by: Host: trustwalletraffle.com
URL: https://trustwalletraffle.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80e::2011 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://accounts.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-235070-1&cid=1927408007.1671703739&jid=2013281727&_u=aGBAgQAjAAAAAEAAI~&z=752799014

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 26ms
26ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-235070-1&cid=1927408007.1671703739&jid=2013281727&_u=aGBAgQAjAAAAAEAAI~&z=752799014

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 10:08:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F5DE 43 KB
22 KB 71ms
70ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRNMYZAAAAABZSScnPfg4uWaczcpJPQ7rcfb0I&co=aHR0cHM6Ly9zZWN1cmUuc2FoaWJpbmRlbi5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=9huarafln1fg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

184231765509867e9dfddfae84489832df6a152cfd375a26ac06110a604ae405

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CDU0CpsxZ8TZAHdkihun0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.sahibinden.com/login?frgn=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22917
content-security-policy: script-src 'report-sample' 'nonce-CDU0CpsxZ8TZAHdkihun0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 10:08:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame 7D8D 51 KB
27 KB 43ms
14ms Font
font/ttf 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 10:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27431
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Dec 2023 10:51:52 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame F5DE 52 KB
24 KB 31ms
31ms Stylesheet
text/css 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRNMYZAAAAABZSScnPfg4uWaczcpJPQ7rcfb0I&co=aHR0cHM6Ly9zZWN1cmUuc2FoaWJpbmRlbi5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=9huarafln1fg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 01:13:07 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame F5DE 407 KB
163 KB 32ms
31ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 08:51:11 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F5DE 2 KB
2 KB 30ms
29ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 15:21:21 GMT
x-content-type-options: nosniff
age: 154058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 27 Dec 2022 15:21:21 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F5DE 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 424269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:17:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F5DE 15 KB
15 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 215260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 22:21:19 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame CAD3 7 KB
1 KB 56ms
55ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdRNMYZAAAAABZSScnPfg4uWaczcpJPQ7rcfb0I

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58e529890c15bb8c2de2a2313b55bac6a41aefe70fa89e0949f112a13c288bb0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MuGyv14rCPlNerv4lmq0sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.sahibinden.com/login?frgn=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-MuGyv14rCPlNerv4lmq0sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 10:08:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F5DE 102 B
134 B 52ms
51ms Other
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRNMYZAAAAABZSScnPfg4uWaczcpJPQ7rcfb0I&co=aHR0cHM6Ly9zZWN1cmUuc2FoaWJpbmRlbi5jb206NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=9huarafln1fg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 10:08:59 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame CAD3 52 KB
24 KB 30ms
29ms Stylesheet
text/css 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdRNMYZAAAAABZSScnPfg4uWaczcpJPQ7rcfb0I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 01:13:07 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame CAD3 407 KB
163 KB 31ms
30ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdRNMYZAAAAABZSScnPfg4uWaczcpJPQ7rcfb0I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 08:51:11 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame CAD3 39 KB
24 KB 106ms
105ms XHR
application/json 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdRNMYZAAAAABZSScnPfg4uWaczcpJPQ7rcfb0I

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1ac6120cb0eae3227901a0715c929a711a5cc42d96ab3b15fc3bf7099c1d303e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdRNMYZAAAAABZSScnPfg4uWaczcpJPQ7rcfb0I
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 22 Dec 2022 10:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24232
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 10:08:59 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame CAD3 600 B
624 B 31ms
30ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:58:49 GMT
x-content-type-options: nosniff
age: 238210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 26 Dec 2022 15:58:49 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame CAD3 530 B
554 B 32ms
31ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 15:21:00 GMT
x-content-type-options: nosniff
age: 154079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 27 Dec 2022 15:21:00 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame CAD3 665 B
689 B 32ms
30ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:03:04 GMT
x-content-type-options: nosniff
age: 237955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 26 Dec 2022 16:03:04 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CAD3 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 424269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:17:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CAD3 15 KB
15 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:14 GMT
x-content-type-options: nosniff
age: 443085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 07:04:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CAD3 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 215260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 22:21:19 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame CAD3 40 KB
40 KB 53ms
53ms Image
image/jpeg 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AD1IbLA-ZKyuOwXN49g3IyH3lfHyEXBADeY1VasFE3qCbQvSYCm6p-RyWk6d7aBtvg_Lm9S4vKsTzORe7EJb9n3aAQMYBQ0FTzgQ1jsYDZy-n0eEv_esBDiUUlzsDBRkhY4I2Dsz0ksXW5QuUGUt0FOouOKwhHtijhLffRhQmBfK4kQFi6g0ca_cxyn6rVY-jN3K1-Bp8u8ZBRgebmZh4zauiPoxsMdexw&k=6LdRNMYZAAAAABZSScnPfg4uWaczcpJPQ7rcfb0I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3184eb76d9b5b94512fac470b1892ac28ecd4e897e26e3136f77efdbdabdbeaa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdRNMYZAAAAABZSScnPfg4uWaczcpJPQ7rcfb0I
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 10:09:00 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41034
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 10:09:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 34ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=270782849932496&ev=Microdata&dl=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&rl=https%3A%2F%2Ftrustwalletraffle.com%2F&if=false&ts=1671703740411&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22sahibinden.com%20user%20login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671703738906.39364385&it=1671703738752&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.sahibinden.com/login?frgn=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 22 Dec 2022 10:09:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/39228?ret=html&phint=geoip_city%3Dnorth-rhine-westphalia&phint=geoip_isp%3Dleaseweb_germany&phint=__bk_t%3Dsahibinden.com%20user%20login&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ftrustwalletraffle.com%2F&phint=__bk_l%3Dhttps%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&phint=__bk_v%3D3.1.10&limit=4&r=1071155

Verdicts & Comments Add Verdict or Comment

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 12:40:55	Name: _GRECAPTCHA Value: 09AJ4Tk-5RBm8TdC3VeKfmRagWPFx7kYNQpq9WjQjvEJ74s0rKjbhvle_vCPuqyh8gocJ20KQmMcjfB0Sz1CXHqR0
.sahibinden.com/	1969-12-31 23:59:59	Name: st Value: a91b6176e54754e7491d4251f2e172645e49456a10c462c8ab4ed40a7cea02b69a9c8671ef7934dc03ca589c7525aedae02691f259a758051
.sahibinden.com/	1970-01-20 17:57:43	Name: vid Value: 687
.sahibinden.com/	1970-01-20 17:57:43	Name: cdid Value: EPBvYzPLRIJr3NX863a42cb9
.sahibinden.com/	1970-01-20 17:57:43	Name: csid Value: qvySj/mFHcnZwcRBvCBu1z70ioRUCKYmTwpimCMbLSCB45AUz240bTLlL7qh8fspz2iC+VbBtLxa1qHjLN91m3rcacnTs/MCFt0rTLEUNE5ceoCY3Rhpvb3JkComYekIJ4K0K9kc+K2bRL7Xs6enMpjtRQ+D8k9RfsvWa13dkGp5/6MYUzzMzWY/qASeRwrt
.sahibinden.com/	1969-12-31 23:59:59	Name: ulfuid Value: bf33a5eb-ff9f-4d31-b2ed-3fdc24da0048
.sahibinden.com/	1970-01-20 08:21:44	Name: dp Value: 1600*1200-landscape
.sahibinden.com/	1970-01-20 17:07:19	Name: MS1 Value: https://trustwalletraffle.com/
.sahibinden.com/	1970-01-20 08:23:10	Name: segIds Value:
.sahibinden.com/	1970-01-20 17:07:19	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Dec+22+2022+10%3A08%3A58+GMT%2B0000+(GMT)&version=6.22.0&isIABGlobal=false&hosts=&consentId=f2b5e040-644e-49fd-86c9-2329e070361c&interactionCount=0&landingPath=https%3A%2F%2Fsecure.sahibinden.com%2Flogin%3Ffrgn%3Dtrue&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.sahibinden.com/	1970-01-20 08:21:47	Name: geoipCity Value: north-rhine-westphalia
.sahibinden.com/	1970-01-20 08:21:47	Name: geoipIsp Value: leaseweb_germany
.sahibinden.com/	1970-01-20 10:31:19	Name: _gcl_au Value: 1.1.1198461859.1671703738
.sahibinden.com/	1970-01-20 17:57:43	Name: __ssid Value: 1e764bd390808492693218cd17b097f
.sahibinden.com/	1970-01-20 08:21:45	Name: __cf_bm Value: 7WflH4ggZQY80yqflPpIWw8NiTJTCB9NELp285u8gtQ-1671703738-0-AXnhZoWtWWdkRRdzM3pgiMfwD+oT7H384DMMY/AojdxoazJKus1YInqZy4iY3Zsi2KrleCeNJHBBEmdB1tP+1m1mpeFOBIwUfALgqC4J9nNUPn9WUe9ujeZYEVNRMSqId2bjoLnVbd41M4UhPpMxdqTCqUHxY75uhSYiBrfS6SjzjR34xwuCe8bhm4GqrTDf8w==
.sahibinden.com/	1970-01-20 10:31:19	Name: _fbp Value: fb.1.1671703738906.39364385
.sahibinden.com/	1970-01-20 08:23:10	Name: _gid Value: GA1.2.9252732.1671703739
.sahibinden.com/	1970-01-20 17:57:43	Name: _ga_CVPS3GXE1Z Value: GS1.1.1671703739.1.0.1671703739.60.0.0
.sahibinden.com/	1970-01-20 17:57:43	Name: _ga Value: GA1.1.1927408007.1671703739
.doubleclick.net/	1970-01-20 17:43:19	Name: IDE Value: AHWqTUnl3lNenYROywa3dbtzJdGti0a1fxKmMF7uVIvIz4pg3HNahhj-1PYPOjQD
.sahibinden.com/	1970-01-20 08:21:43	Name: _dc_gtm_UA-235070-1 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
appleid.cdn-apple.com
banaozel.sahibinden.com
cdn-ukwest.onetrust.com
cdn.sift.com
connect.facebook.net
csp.withgoogle.com
fonts.gstatic.com
googleads.g.doubleclick.net
hexagon-analytics.com
region1.analytics.google.com
s0.shbdn.com
secure.sahibinden.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.sahibinden.com
stats.g.doubleclick.net
tags.bkrtx.com
tags.bluekai.com
trustwalletraffle.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.sahibinden.com
stags.bluekai.com
104.18.11.173
104.76.148.5
185.187.170.144
2001:4860:4802:32::36
2606:4700::6812:1a55
2a00:1450:4001:80e::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:400d:802::2008
2a00:1450:400d:807::2003
2a00:1450:400d:807::2004
2a00:1450:400d:807::200d
2a00:1450:400d:808::2002
2a00:1450:400d:80e::2011
2a00:1450:4025:401::9b
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f12d:83:face:b00c:0:25de
34.102.232.42
34.96.67.224
69.192.160.219
85.153.138.111
85.153.138.112
85.153.138.73
96.16.134.158
0859b5ac6be24f29f4c93380fd4e02fe8a37e840286f55c0d4b4fcfdbdb0d701
0adf0bce9c69989950d0134f3b0a6022a98c180b76cb8a28bfaaab5187020f6d
0d69d109cd164771ed1bc277c0657302d389cb463d1d39aa54c73f6bb350f165
144eac2e60e93b7c8ed045d7b20afdce667ff8eae02f40982df1550374c8398a
17a25000ac0cdb7a11ba85d3e5e9715a43ad435274f9737751112f79ad400c28
184231765509867e9dfddfae84489832df6a152cfd375a26ac06110a604ae405
184639bec71c612eb99debdab0f9a4b32e26b9fb4cb631f39e15fb9ce1b2bfeb
1ac6120cb0eae3227901a0715c929a711a5cc42d96ab3b15fc3bf7099c1d303e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26ed5609ea7693f7f3650dc65a38076f80b4ce16d6dec1fe3dee2087bf713121
3184eb76d9b5b94512fac470b1892ac28ecd4e897e26e3136f77efdbdabdbeaa
39caaab55f7e3db03570fc994b879907bd5fa524fa0d733577381143195cdd15
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
50bc70e643ebd3dca08ae394519bfaa1990852a0c3d056c93b68373bd6129564
517d1d367232253b0cf5647eef81581e17381f8bb7ff60b5a9a2c6c7cf783ada
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
58e529890c15bb8c2de2a2313b55bac6a41aefe70fa89e0949f112a13c288bb0
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bc3cf5613d130efa9ae3371c850c59943915e5757ee0066462055587d3f6a1c
5c85f2911b3365ce9d24560a076986f38b89eaa27b01ef7a57b343767c1748fa
5d49c9165332e074c8de823f504364d42f6bd16befc6d3e60094437e24e19ab1
5ed04b882a4e9fee9d7fd9a667b0dc74315e17e58583d009d4b853a5ddcd644c
641a731fa853852e924134bb1b21f8acb9256d374676c38e45235a0d591e194e
6925df152a381d3b3f3539edbd536ddb8ab7cdba07b0916d4b1d8e3415d5d66b
6b9cb86e91d0dffbcab319030eac04f1c5e08fccff219f36d2aa57522c8e1749
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
75a80b28d63d9e5a79089d019f9c7df1c9572453aba1a5182710b760a3dc9def
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
7afe5c08ef4517d45802243f1d2f843ae995a838188cf22fb19bc17a90394562
7c1f66940e22d66301667eefccc248df97e5309985b48dd11e5329dffd9e8a7c
7cdf837975fc10d9ac1d4b14ecbe6b343989c42ba54b8fe2fbb0b074f0459292
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
89b18a7d4c82e76ede5110c86e82655eea78ccd4bdc6086ee27b715746f96c07
89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8bb7a323b3fc0cd386ff9c729c4c6e494e0c31fefe36fb4b2afb2deec126db4e
90b90db3f7e62e5c276a941caf809e76d7fee51c38d5c63441335299011fa944
91396e1d49cb5253abf256fbc58a7ed43c6055e702fd4b285314b82c9d6e493d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
99a904573c091f27516a66969b1b1d3df5fb53cc0e6085f566982e9e1d5e0244
9b6b6cf46bf21cc8f1b4008998d2d0e73c2f20fe4aa7cb769953af89dd3a5476
9cf3b915b8cfffe10f4cfbfe43ee62148890f88fdf54934ac6c366870518d67a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
b26a9b1eed6c3221632ec305a09cf3d3f9b54e38d754d01987b11d5f62e27c19
b2cbb1a3cc8d5aed82a162d4507d8251b59f7d0edb7f2711a2a28e2c7bc075b5
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6664c4d244eff2c65e85d138b8b92511700f68bb26c58a45e13600f55407155
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cb14e04feeb2c40a071c6d3dd7db21ccb712f826bf75751c728c17d0550e983b
d38e44284bb9658cc5ff787c8432bdecb44c0d702c6369cd605eccc6f8cc06ed
d71d02a52513b684abf399625abfe3b4cd1d79f380768dd01717cb750bfe7f9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53a2732c50b29bc44ff1ab5b1cfc3debe72ce2beabea1dfcdbcf9130e0e0bfa
e772fc22762855b99fb206191a3beaa4a0994aa30b43da1511ae8c22e24573c5
e7d2bcf179533af514987b8828d6760d61b8382bbe0eca749f8c69e8bb0fbc61
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
ec9e6abee53f0d6587f1c0893234a46a63064dabe95e1e7e2c6369cd65ff478b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0321d5534588838579e9d9cf064e2e43e37f10f5940a802c5e68dd432896cd2
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f1c03ebc0c53fef6c3d8bbf0957c5bf928f956f2000dae23e6b0becaba1e2679
f2ac9b3fb99fdd91da54f2968f75d2c681f98b9926a03a7a235b4407d5a24524
f2e3325debf5c4d01d4b6ec225b12ab23f8191b06f9f6332826551a2798156aa
fa82f20d97b6a1be032c81a7d85728b3cf4064627d4ba6bd748e4ad5cc7db635
faa08bd68a2628e11485d53d1c3aa33f83196bc395d36b7a8a37a1fb9711974f
fb589526ee553a3625c42787485a4dab000ed1c9af6d6a449a17bc7e5299f029
fcbcdc99957ee59c1a3d1a2d8cf4f4ee9b52c0eee8d745461851858838678d84

secure.sahibinden.com Open in urlscan Pro 104.18.11.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

98 %HTTPS

60 %IPv6

18 Domains

27 Subdomains

25 IPs

7 Countries

2526 kBTransfer

6471 kBSize

21 Cookies

43 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.sahibinden.com Open in urlscan Pro
104.18.11.173 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

98 %
HTTPS

60 %
IPv6

18
Domains

27
Subdomains

25
IPs

7
Countries

2526 kB
Transfer

6471 kB
Size

21
Cookies

103 HTTP transactions
2 data transactions