www.haberturk.com Open in urlscan Pro
185.102.219.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://digital-online-islemler.site/Kampanyalar/index.php
Effective URL:
https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Submission: On December 24 via api (December 24th 2023, 8:35:34 am UTC) from TR — Scanned from NL

Summary HTTP 117 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 34 IPs in 8 countries across 22 domains to perform 117 HTTP transactions. The main IP is 185.102.219.172, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is www.haberturk.com. The Cisco Umbrella rank of the primary domain is 205559.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on June 27th 2023. Valid for: a year.

This is the only time www.haberturk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	185.102.219.172 185.102.219.172	60068 (CDN77 ^_^) (CDN77 ^_^)
1 1	54.170.121.144 54.170.121.144	16509 (AMAZON-02) (AMAZON-02)
2	31.3.2.72 31.3.2.72	21245 (MEDIANOVA...) (MEDIANOVA-CDN)
1	185.102.219.173 185.102.219.173	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	66.90.86.34 66.90.86.34	174 (COGENT-174) (COGENT-174)
1 4	37.59.195.0 37.59.195.0	16276 (OVH) (OVH)
2	5.135.121.144 5.135.121.144	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
9	185.57.65.125 185.57.65.125	9215 (VMIND) (VMIND)
3	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
3	92.45.106.166 92.45.106.166	34984 (TELLCOM-AS) (TELLCOM-AS)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	92.45.106.141 92.45.106.141	34984 (TELLCOM-AS) (TELLCOM-AS)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3 4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
117	34

1 2a06:98c1:3120::9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

digital-online-islemler.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 185.102.219.172 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-172.datapacket.com

www.haberturk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
im.haberturk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.121.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-121-144.eu-west-1.compute.amazonaws.com

cdn.netmera-web.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.3.2.72 (Frankfurt am Main, Germany)

ASN21245 (MEDIANOVA-CDN, TR)

ntm.netmera-web.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.102.219.173 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-173.datapacket.com

cdn.p.analitik.bik.gov.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.90.86.34 (Halfweg, Netherlands)

ASN174 (COGENT-174, US)

vmcdn.ciner.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.59.195.0 (San Javier, Spain) 1 redirects

ASN16276 (OVH, FR)

tr.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.135.121.144 (France)

ASN16276 (OVH, FR)

gatr.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.57.65.125 (Istanbul, Turkey)

ASN9215 (VMIND, TR)

wsdkapi.netmera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.45.106.166 (Turkey)

ASN34984 (TELLCOM-AS, TR)
PTR: host-92-45-106-166.reverse.superonline.net

o.gez.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.45.106.141 (Turkey)

ASN34984 (TELLCOM-AS, TR)
PTR: host-92-45-106-141.reverse.superonline.net

adsp.haberturk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	haberturk.com www.haberturk.com — Cisco Umbrella Rank: 205559 im.haberturk.com — Cisco Umbrella Rank: 137550 adsp.haberturk.com — Cisco Umbrella Rank: 183288	1 MB
23	googlesyndication.com b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	143 KB
14	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	224 KB
9	netmera.com wsdkapi.netmera.com — Cisco Umbrella Rank: 89668	27 KB
7	gemius.pl 1 redirects tr.hit.gemius.pl — Cisco Umbrella Rank: 104812 gatr.hit.gemius.pl — Cisco Umbrella Rank: 65260 ls.hit.gemius.pl — Cisco Umbrella Rank: 15551	49 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	165 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 776 gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	8 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	338 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	google.nl www.google.nl — Cisco Umbrella Rank: 9642	622 B
3	gez.io o.gez.io — Cisco Umbrella Rank: 183088	3 KB
3	netmera-web.com 1 redirects cdn.netmera-web.com — Cisco Umbrella Rank: 77765 ntm.netmera-web.com — Cisco Umbrella Rank: 78474	19 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	62 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	94 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2580	256 B
1	ciner.com.tr vmcdn.ciner.com.tr — Cisco Umbrella Rank: 347042
1	bik.gov.tr cdn.p.analitik.bik.gov.tr — Cisco Umbrella Rank: 56190
1	digital-online-islemler.site 1 redirects digital-online-islemler.site	542 B
117	22

	Domain	Requested by
20	www.haberturk.com	www.haberturk.com cdn.netmera-web.com
14	pagead2.googlesyndication.com	b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
9	wsdkapi.netmera.com	cdn.netmera-web.com
7	tpc.googlesyndication.com	b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com www.haberturk.com tpc.googlesyndication.com securepubads.g.doubleclick.net
7	im.haberturk.com	www.haberturk.com
4	s0.2mdn.net	www.haberturk.com s0.2mdn.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	tr.hit.gemius.pl	1 redirects www.haberturk.com tr.hit.gemius.pl
4	www.googletagmanager.com	www.haberturk.com www.googletagmanager.com www.google-analytics.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.nl	www.haberturk.com
3	region1.analytics.google.com	www.googletagmanager.com
3	o.gez.io	www.haberturk.com o.gez.io
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	gum.criteo.com	1 redirects static.criteo.net
2	googleads4.g.doubleclick.net	www.haberturk.com
2	googleads.g.doubleclick.net	b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	static.criteo.net	im.haberturk.com static.criteo.net
2	b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	www.google.com	www.haberturk.com tpc.googlesyndication.com
2	www.googletagservices.com	www.haberturk.com b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com
2	gatr.hit.gemius.pl	www.haberturk.com gatr.hit.gemius.pl
2	ntm.netmera-web.com	www.haberturk.com
1	mug.criteo.com
1	vc.hotjar.io	script.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	adsp.haberturk.com	www.haberturk.com
1	bidder.criteo.com	im.haberturk.com
1	static.hotjar.com	www.haberturk.com
1	ls.hit.gemius.pl	tr.hit.gemius.pl
1	vmcdn.ciner.com.tr	www.haberturk.com
1	cdn.p.analitik.bik.gov.tr	www.haberturk.com
1	cdn.netmera-web.com	1 redirects
1	digital-online-islemler.site	1 redirects
117	38

This site contains links to these domains. Also see Links.

Domain
hthayat.haberturk.com
www.facebook.com
twitter.com
www.linkedin.com
wa.me
www.showtv.com.tr
showmax.com.tr
www.showturk.com.tr
tv.haberturk.com
www.bloomberght.com
htkulup.haberturk.com
www.haberturkradyo.com.tr
apps.apple.com
play.google.com
appgallery.cloud.huawei.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
*.haberturk.com RapidSSL TLS RSA CA G1	`2023-06-27` - `2024-06-26`	a year	crt.sh
*.p.analitik.bik.gov.tr RapidSSL TLS RSA CA G1	`2023-05-08` - `2024-05-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.ciner.com.tr RapidSSL TLS RSA CA G1	`2023-04-17` - `2024-04-16`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2023-09-14` - `2024-09-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.netmera.com Go Daddy Secure Certificate Authority - G2	`2023-05-25` - `2024-06-25`	a year	crt.sh
*.gez.io RapidSSL TLS RSA CA G1	`2023-10-19` - `2024-10-18`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.netmera-web.com Go Daddy Secure Certificate Authority - G2	`2023-10-04` - `2024-11-04`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Frame ID: C5F5DD2AFBD16BBC2D719172FEE5DDD2
Requests: 71 HTTP requests in this frame

Frame: https://www.haberturk.com/adscbg/adsFrame.html
Frame ID: 1E44B97FC75A288C70F110EA367D0276
Requests: 2 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 97CE36CF36401CE6610D4E6E9C56A99A
Requests: 1 HTTP requests in this frame

Frame: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 114BE1524006B5CD15E28BB12D9E3E10
Requests: 1 HTTP requests in this frame

Frame: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 304B09B77088BBC5F350C7D289764E7C
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLTDmQIQjbicAhie26KAAjAB&v=APEucNVruljN3Ad5ckyJQ_37GJh5oiLBMFQTwFlUAH-Krt-8EZuf8XrPGOKprHmSmGuy5ziCgBnqMRdGKkh9iXhQiYnBOCpfdK8vHqjDAqwDovBQNhDFZ7jyqZXKHjFauqZlZ40HhoEM2YUVraz81R6VSTzwu4yL-hRy9PntGIP43_HRAcsCsqw
Frame ID: 94DE3B924288431A74ECEBA4A2131591
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 390DFCB59820943B3EE5EF5FD092EF95
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9808293042416762104/index.html?ev=01_250
Frame ID: 7075A4DAA02D6CA591A9AFB30D6DD318
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.haberturk.com
Frame ID: 686CDAB529D82C6E6B3EF8FECC50538E
Requests: 2 HTTP requests in this frame

Frame: https://www.haberturk.com/netmera_worker.html
Frame ID: D6280BAF0FF7101267FE313FADC0A41F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 622854E1D114796A1AD2F0B4397A46F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8E099A4F2955B54FE811C038E2E9827D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kredi notu neden yükselecek?

Page URL History Show full URLs

https://digital-online-islemler.site/Kampanyalar/index.php HTTP 302
https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

117
Requests

94 %
HTTPS

49 %
IPv6

22
Domains

38
Subdomains

34
IPs

8
Countries

2706 kB
Transfer

5776 kB
Size

33
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://hthayat.haberturk.com/
Title: Kadın

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fhbr.tk%2F2gG3mp%2Ff

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Kredi%20notu%20neden%20y%C3%BCkselecek%3F&url=https%3A%2F%2Fhbr.tk%2F2gG3mp%2Ft&original_referer=https%3A%2F%2Fhbr.tk%2F2gG3mp%2Ft&via=haberturk

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fhbr.tk%2F2gG3mp

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Kredi%20notu%20neden%20y%C3%BCkselecek%3F%20-%20https%3A%2F%2Fhbr.tk%2F2gG3mp%2Fw

Search URL Search Domain Scan URL

URL: https://hthayat.haberturk.com/astroloji/genel-burc-yorumlari
Title: Günlük Burç Yorumları

Search URL Search Domain Scan URL

URL: https://www.showtv.com.tr/

Search URL Search Domain Scan URL

URL: http://showmax.com.tr/

Search URL Search Domain Scan URL

URL: https://www.showturk.com.tr/

Search URL Search Domain Scan URL

URL: https://tv.haberturk.com/

Search URL Search Domain Scan URL

URL: https://www.bloomberght.com/

Search URL Search Domain Scan URL

URL: https://htkulup.haberturk.com/

Search URL Search Domain Scan URL

URL: https://www.haberturkradyo.com.tr/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tr/app/haberturk/id341081552?l=tr

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=cbg.android.haberturk&hl=tr

Search URL Search Domain Scan URL

URL: https://appgallery.cloud.huawei.com/ag/n/app/C101192597?locale=tr_TR&source=appshare&subsource=C101192597

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Haberturk

Search URL Search Domain Scan URL

URL: https://twitter.com/haberturk

Search URL Search Domain Scan URL

URL: https://www.instagram.com/haberturk

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/gucuozgurlugunde

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://digital-online-islemler.site/Kampanyalar/index.php HTTP 302
https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cdn.netmera-web.com/wsdkjs/n9wxi9Ibj2FDSK9TgytPZyKuseQF3C7Oc1cV-pqByL6umukvRG0ueQ HTTP 302
https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js

Request Chain 51

https://tr.hit.gemius.pl/_1703406927899/rexdot.js?l=100&sendf=24&id=&et=view&hsrc=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F3645073-kredi-notu-neden-yukselecek&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=yQQmDZ3BrNioEfeTxx991DKib0kUjNohn9ETKB5UeZf.P7XBUoqeURsuZIYiG__OrPeHUvQ4.f.a_wQywzaxGbyhzOov/unvjV8TgVqSjG/&fpdata=Zf5xqrBJ8yH7tf31ZnzeohuylFgj0a8c6YJeRPn_1h..T7&ltime=277&fr=1&ref=&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6587ed4f250d8b33&brts=1703406927&fpcap= HTTP 301
https://tr.hit.gemius.pl/__/_1703406927899/rexdot.js?l=100&sendf=24&id=&et=view&hsrc=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F3645073-kredi-notu-neden-yukselecek&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=yQQmDZ3BrNioEfeTxx991DKib0kUjNohn9ETKB5UeZf.P7XBUoqeURsuZIYiG__OrPeHUvQ4.f.a_wQywzaxGbyhzOov/unvjV8TgVqSjG/&fpdata=Zf5xqrBJ8yH7tf31ZnzeohuylFgj0a8c6YJeRPn_1h..T7&ltime=277&fr=1&ref=&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6587ed4f250d8b33&brts=1703406927&fpcap=

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZk3H3Jr-UrTeL0rzdWIdQ&google_cver=1

Request Chain 80

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYftUaBXumTAd7x3GIgsgQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZk3H3Jr-UrTeL0rzdWIdQ&google_cver=1

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECebVx5l5HNhwF-unpka-sw&google_cver=1

Request Chain 82

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0OTA5NjY5NDMyNDQyNTcxNA%3D%3D

Request Chain 107

https://gum.criteo.com/sid/json?origin=publishertag&domain=haberturk.com&sn=ChromeSyncframe&so=0&topUrl=www.haberturk.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=B50ftXxaelhsV3JzWTZEZW8wbHRUK2dZU202TndPT0I2WnlwaXcwQlRXZzZQZ2RYTDZlcElzNUNOb0NNRTdxL0FYaXRDTUFsWnpGWWs1ZmZNVjA2Z0RSVmxiRnlPNm93K1RuK1pUTVFEdzVOMDJEYzFUREFLODdjaEpOV1hQbHZTQkpEaGdnblNNUk9ZNldzdGRaUW95ek1LdkQ5eDhLMXJ6OXo4ZWlmNUo1bndPTHhCOGR6cEdRaEtjdmFzRDh4REN0U0Q0L3RxS3VuNmx1QlRFQWpoa0U3aGwxK3VlZktYZEZuclhQQWxiL01zNjlnVnowRWlZTDZ1endKU3ZPRVBia1k5Tjh0M0dBVVg1Y01BWitKTjdVaW02eFF0QUlPaGZTMy9FenZWamZrY3ZWcz18&cppv=2

117 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 3645073-kredi-notu-neden-yukselecek Show response
www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/
Redirect Chain

https://digital-online-islemler.site/Kampanyalar/index.php
https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

81 KB
21 KB

382ms
280ms

Document
text/html

185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

a754c32b5ad113d0837bd27fcc09a750d3c69dcaccb6fc6611c9488595952e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 0
allow: GET, HEAD, OPTIONS, POST
cache-control: max-age= 90
cbglayer: PF
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Dec 2023 08:35:27 GMT
etag: W/"KXADCFAPHHSNMTXVY"
server: MerlinCDN
via: HTTP/2.0 Merlin CDN
x-backend: NA-168-219
x-cache-status: MISS
x-content-type-options: nosniff
x-edge: de-fra-dp-s03
x-frame-options: SAMEORIGIN
x-midtier: de-fra-lea-s01
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83a782ccd8bd6686-AMS
content-type: text/html; charset=UTF-8
date: Sun, 24 Dec 2023 08:35:26 GMT
location: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVAmATH%2F3KuqTSybr1CFAZ%2FiimAih%2Fwq%2FlTRd5NW5rPHtfOc6vGGxi%2BiBEuQ6jyPY6M0CkEgyK1SskGudqp0LPuudEf5SzVGfC%2FT8NsHVcWIMrODfDzMYq20eIBbeUd%2BAnKnAMoY1DZvblt73wEORdG0zcYWvZ9arhpM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.30 PleskLin

GET
H2

200

netmera_sdk.js Show response
ntm.netmera-web.com/wsdk2/nmweb/
Redirect Chain

https://cdn.netmera-web.com/wsdkjs/n9wxi9Ibj2FDSK9TgytPZyKuseQF3C7Oc1cV-pqByL6umukvRG0ueQ
https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js

59 KB
17 KB

172ms
32ms

Script
application/javascript

31.3.2.72
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: H2
Server: 31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-236 /
Resource Hash: 9c31edb555f9d7750905c3d52e87092fdca1f5443c1eb729758217972c5ce03d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
content-encoding: br
last-modified: Tue, 28 Nov 2023 20:50:36 GMT
server: MNCDN-236
x-mnrequest-id: 2af92dfd86dca7a5fb8055ab868b94c2
x-amz-request-id: F69JY3BW5WH0K1TB
x-edge-location: DE-372
x-amz-server-side-encryption: AES256
x-cache-status: Edge : HIT,
content-type: application/javascript
cache-control: private, max-age=900, s-maxage=604800
x-amz-id-2: NIoKcqZ8Ml4zk1J8R4FXQQ8I3sEko2EqQVeUmzZ+K1Z9PbVIQPyGpA/8oQiDroXt/Bd3RoCDwFY=
x-mserver: DE-372

Redirect headers

location: https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js
date: Sun, 24 Dec 2023 08:35:27 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H2 200 style.css
www.haberturk.com/css/desktop/ 121 KB
28 KB 47ms
45ms Stylesheet
text/css 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haberturk.com/css/desktop/style.css?v=161

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

0dd37077f4f364df4bcdf5114c82950c368ed9a446e7fd4096db88d2e9bae202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
content-encoding: gzip
x-backend: NA-168-218
age: 7
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
cbglayer: P
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 06:55:49 GMT
server: MerlinCDN
etag: W/"6583e175-1e2c2"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: text/css
x-edge: de-fra-dp-s03

GET
H2 200 news.js Show response
www.haberturk.com/js/desktop/ 141 KB
47 KB 68ms
67ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haberturk.com/js/desktop/news.js?id=3ae3f90aa44279005aa0c020f8a17fb5

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

2f50295f54bd4f0fbb39b32562a3ab0800c595bb4b728b406a9df32f504b26d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
content-encoding: gzip
x-backend: NA-168-216
age: 7
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
cbglayer: P
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 06:55:49 GMT
server: MerlinCDN
etag: W/"6583e175-235a8"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: application/javascript; charset=utf-8
x-edge: de-fra-dp-s03

GET
H2 200 cbglout.js Show response
www.haberturk.com/adscbg/ 64 KB
16 KB 100ms
99ms Script
text/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haberturk.com/adscbg/cbglout.js

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

c23a45eab2fd78eab983e7e5cc38c82e8824128fc5632057b94324fcebed2530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
content-encoding: gzip
x-backend: NA-168-208
age: 8
x-midtier: de-fra-dp-s02
x-cache-status: HIT
cbglayer: PF
x-xss-protection: 1; mode=block
server: MerlinCDN
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-edge: de-fra-dp-s03
cache-control: max-age=300

GET
H2 200 haberturk-logo.svg
www.haberturk.com/images/common/logo/svg/ 3 KB
2 KB 101ms
101ms Image
image/svg+xml 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haberturk.com/images/common/logo/svg/haberturk-logo.svg

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

06f23be13a8f403bf406ddc4be2a1ef4b183afbc6404dcaa801dda33266a7a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
content-encoding: gzip
x-backend: NA-168-207
age: 7
x-midtier: de-fra-dp-s02
x-cache-status: HIT
cbglayer: P
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 06:55:50 GMT
server: MerlinCDN
etag: W/"6583e176-dba"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: image/svg+xml
x-edge: de-fra-dp-s03

GET
H2 200 placeholder-image.gif
www.haberturk.com/images/dummy/ 43 B
390 B 102ms
101ms Image
image/gif 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haberturk.com/images/dummy/placeholder-image.gif

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
x-backend: NA-168-212
age: 7
x-midtier: de-fra-lea-s01
x-cache-status: HIT
cbglayer: P
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 06:55:49 GMT
server: MerlinCDN
etag: "6583e175-2b"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: image/gif
x-edge: de-fra-dp-s03
accept-ranges: bytes

GET
H2 200 3645073_20ec723e3f1a33c46da84fd5c785b3aa.jpg
im.haberturk.com/2023/12/15/ 39 KB
39 KB 91ms
63ms Image
image/jpeg 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.haberturk.com/2023/12/15/3645073_20ec723e3f1a33c46da84fd5c785b3aa.jpg
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 99b859723af651e163dc3570335a4d271daa04dad748e800841dea598881db66

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-backend: S-23-166
age: 157313
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
content-length: 39955
last-modified: Fri, 15 Dec 2023 05:11:37 GMT
server: MerlinCDN
etag: "657be009-9c13"
allow: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-edge: de-fra-dp-s03
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 3645073_c88ea0f7a683f1c1b2f4238ec7418df6.jpg
im.haberturk.com/2023/12/15/ 26 KB
26 KB 102ms
73ms Image
image/jpeg 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.haberturk.com/2023/12/15/3645073_c88ea0f7a683f1c1b2f4238ec7418df6.jpg
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: f07fd2b6a2998a79ed95f9120bf9cfb5888dbd6433cc159ef5ecd659936f6182

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-backend: S-23-166
age: 157313
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
content-length: 26493
last-modified: Fri, 15 Dec 2023 05:11:38 GMT
server: MerlinCDN
etag: "657be00a-677d"
allow: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-edge: de-fra-dp-s03
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 3645073_67de364c3b7038d9ae33310825a258c4.jpg
im.haberturk.com/2023/12/15/ 39 KB
39 KB 106ms
78ms Image
image/jpeg 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.haberturk.com/2023/12/15/3645073_67de364c3b7038d9ae33310825a258c4.jpg
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 2d45bb9ac22be8ca6e4a896bdf7bb65534c73816e3abf9189e139e4ea404cab7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-backend: S-23-166
age: 157313
x-midtier: de-fra-lea-s01
x-cache-status: HIT
content-length: 39899
last-modified: Fri, 15 Dec 2023 05:14:54 GMT
server: MerlinCDN
etag: "657be0ce-9bdb"
allow: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-edge: de-fra-dp-s03
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 3645073_a89d8fd6b614d0fcbffad34e381a0447.jpg
im.haberturk.com/2023/12/15/ 37 KB
37 KB 109ms
81ms Image
image/jpeg 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.haberturk.com/2023/12/15/3645073_a89d8fd6b614d0fcbffad34e381a0447.jpg
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: daf94b7790390e984703c001dbaddf376ada7275c8e2166cdf6b7ec75b5cf31d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-backend: S-51-218
age: 157311
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
content-length: 37491
last-modified: Fri, 15 Dec 2023 05:11:38 GMT
server: MerlinCDN
etag: "657be00a-9273"
allow: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-edge: de-fra-dp-s03
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 3645073_a0203bd5de368bbc8ed2513c86b5d3f6.jpg
im.haberturk.com/2023/12/15/ 40 KB
40 KB 102ms
75ms Image
image/jpeg 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.haberturk.com/2023/12/15/3645073_a0203bd5de368bbc8ed2513c86b5d3f6.jpg
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: bef8dc6c2e3e919948793fe159987cad3c41f38531e1be4c1620fe7c64a26048

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-backend: S-23-166
age: 157313
x-midtier: de-fra-lea-s01
x-cache-status: HIT
content-length: 40976
last-modified: Fri, 15 Dec 2023 05:11:38 GMT
server: MerlinCDN
etag: "657be00a-a010"
allow: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-edge: de-fra-dp-s03
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 504 tracker1.js
cdn.p.analitik.bik.gov.tr/ 0
0 4145ms
4039ms Script
text/html 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 329 KB
79 KB 161ms
89ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCHP7Z9

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5c063d549c610320d64124eef709b095cd40148a8703f7a4aaa17a66e5536c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80318
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Dec 2023 08:35:27 GMT

GET
H2 200 google.svg
www.haberturk.com/images/common/icon/colored/ 973 B
869 B 53ms
51ms Image
image/svg+xml 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haberturk.com/images/common/icon/colored/google.svg

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

927e9c742a51fca3c988db483281d66ad3e29d1ed030515c10e3222f263675b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
content-encoding: gzip
x-backend: NA-168-221
age: 7
x-midtier: de-fra-lea-s01
x-cache-status: HIT
cbglayer: P
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 06:55:50 GMT
server: MerlinCDN
etag: W/"6583e176-3cd"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: image/svg+xml
x-edge: de-fra-dp-s03

GET
H2 200 twitter.svg
www.haberturk.com/images/common/icon/colored/ 1 KB
1 KB 53ms
52ms Image
image/svg+xml 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haberturk.com/images/common/icon/colored/twitter.svg

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

3c32636ce6173421e6eae24a526d92b994c1fc347f0981c94a60cd0ec3e5f014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
content-encoding: gzip
x-backend: NA-168-213
age: 7
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
cbglayer: P
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 06:55:50 GMT
server: MerlinCDN
etag: W/"6583e176-528"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: image/svg+xml
x-edge: de-fra-dp-s03

GET
H2 200 facebook.svg
www.haberturk.com/images/common/icon/colored/ 838 B
778 B 54ms
53ms Image
image/svg+xml 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haberturk.com/images/common/icon/colored/facebook.svg

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

b94b750d8f68a2efa953ab4f351b53f7800b4fd32574c268a38879dbef363d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
content-encoding: gzip
x-backend: NA-168-209
age: 7
x-midtier: de-fra-dp-s02
x-cache-status: HIT
cbglayer: P
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 06:55:50 GMT
server: MerlinCDN
etag: W/"6583e176-346"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: image/svg+xml
x-edge: de-fra-dp-s03

GET
H2 200 apple.svg
www.haberturk.com/images/common/icon/colored/ 523 B
694 B 54ms
54ms Image
image/svg+xml 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haberturk.com/images/common/icon/colored/apple.svg

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

d0e2792814c62b49a5655ff0fe7aa91723d48edf7e3ff55db7688ae2d73786a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
content-encoding: gzip
x-backend: NA-168-215
age: 7
x-midtier: de-fra-lea-s01
x-cache-status: HIT
cbglayer: P
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 06:55:50 GMT
server: MerlinCDN
etag: W/"6583e176-20b"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: image/svg+xml
x-edge: de-fra-dp-s03

GET
H2 200 /
www.haberturk.com/ 544 KB
544 KB 56ms
55ms Image
text/html 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.haberturk.com/
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
last-modified: Sun, 24 Dec 2023 08:33:24 GMT
x-backend: NA-168-206
server: MerlinCDN
age: 26
x-midtier: de-fra-dp-s02
x-cache-status: HIT
allow: GET, HEAD, POST
cbglayer: C
content-type: text/html; charset=utf-8
x-edge: de-fra-dp-s03
cache-control: max-age=180

GET
H2 200 core.js Show response
www.haberturk.com/js/desktop/ 239 KB
69 KB 40ms
38ms Script
application/javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haberturk.com/js/desktop/core.js?v=161

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

b15ee5386fff7cbec46111b74e1c415217300bfabfc6a2fbddfe978b6dd7dff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
content-encoding: gzip
x-backend: NA-168-213
age: 7
x-midtier: de-fra-dp-s02
x-cache-status: HIT
cbglayer: P
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 06:55:49 GMT
server: MerlinCDN
etag: W/"6583e175-3bd68"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: application/javascript; charset=utf-8
x-edge: de-fra-dp-s03

GET
H2 200 ht-icon.woff2
www.haberturk.com/fonts/ 11 KB
12 KB 58ms
57ms Font
font/woff2 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haberturk.com/fonts/ht-icon.woff2?4fa4789200a37d00bf47df574b39ae32

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/css/desktop/style.css?v=161

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

d18ddd3152b548d5ac0e42b774bb3b2981cdb0e2a88d03b7822ad6e76bc8a415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haberturk.com/css/desktop/style.css?v=161
Origin: https://www.haberturk.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
x-backend: NA-168-209
age: 7
x-midtier: de-fra-lea-s01
x-cache-status: HIT
cbglayer: P
content-length: 11760
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 06:55:49 GMT
server: MerlinCDN
etag: "6583e175-2df0"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: font/woff2
access-control-allow-origin: *
x-edge: de-fra-dp-s03
accept-ranges: bytes

GET
H2 200 poppins-v15-latin-ext_latin-regular.woff
www.haberturk.com/fonts/ 14 KB
15 KB 62ms
61ms Font
font/woff 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haberturk.com/fonts/poppins-v15-latin-ext_latin-regular.woff?ac60ff327b209b58512c5fe9dfda9072

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/css/desktop/style.css?v=161

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

69fea018934e081011515c36f8ad80f4c936fad046f068b6d0a03ef65ac6cbc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haberturk.com/css/desktop/style.css?v=161
Origin: https://www.haberturk.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
x-backend: NA-168-211
age: 7
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
cbglayer: P
content-length: 14520
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Dec 2023 21:44:48 GMT
server: MerlinCDN
etag: "65836050-38b8"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: font/woff
access-control-allow-origin: *
x-edge: de-fra-dp-s03
accept-ranges: bytes

GET
H2 200 poppins-v15-latin-ext_latin-700.woff
www.haberturk.com/fonts/ 14 KB
14 KB 65ms
65ms Font
font/woff 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haberturk.com/fonts/poppins-v15-latin-ext_latin-700.woff?00e5337651210e9ec6c7e3aef37edb1e

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/css/desktop/style.css?v=161

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

9b3ac8ceb85e6ee61739fd2737c4aeac169dbf85810decf1b3bf365db7f788d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haberturk.com/css/desktop/style.css?v=161
Origin: https://www.haberturk.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
x-backend: NA-168-218
age: 7
x-midtier: de-fra-dp-s02
x-cache-status: HIT
cbglayer: P
content-length: 14340
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 06:55:49 GMT
server: MerlinCDN
etag: "6583e175-3804"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: font/woff
access-control-allow-origin: *
x-edge: de-fra-dp-s03
accept-ranges: bytes

GET
H2 200 poppins-v15-latin-ext_latin-900.woff
www.haberturk.com/fonts/ 14 KB
14 KB 68ms
68ms Font
font/woff 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haberturk.com/fonts/poppins-v15-latin-ext_latin-900.woff?c7d2718e3a4e113d576ba5ba91e5867a

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/css/desktop/style.css?v=161

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

cf90542374308f6a354f70fef47e75e7a9b901f9376f9665cef566f2befae9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haberturk.com/css/desktop/style.css?v=161
Origin: https://www.haberturk.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
x-backend: NA-168-211
age: 7
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
cbglayer: P
content-length: 13988
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Dec 2023 21:44:48 GMT
server: MerlinCDN
etag: "65836050-36a4"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: font/woff
access-control-allow-origin: *
x-edge: de-fra-dp-s03
accept-ranges: bytes

GET
H2 206 3ba624865874f1e119223269ebd79950.mp3
vmcdn.ciner.com.tr/ht/voice/2023/12/15/ 64 KB
0 133ms
46ms Media
audio/mpeg 66.90.86.34
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://vmcdn.ciner.com.tr/ht/voice/2023/12/15/3ba624865874f1e119223269ebd79950.mp3
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.90.86.34 Halfweg, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software: erSRV /
Resource Hash

Request headers

Referer: https://www.haberturk.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
last-modified: Fri, 15 Dec 2023 05:15:03 GMT
x-backend: CDN2
server: erSRV
x1: HIT
content-type: audio/mpeg
access-control-allow-origin: denied
Content-Range: bytes 0-8161343/8161344
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
Content-Length: 8161344

GET
H2 200 xgemius.js Show response
tr.hit.gemius.pl/ 68 KB
19 KB 116ms
34ms Script
application/x-javascript 37.59.195.0
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.hit.gemius.pl/xgemius.js
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.0 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GHC /
Resource Hash: df2c8143c66a1b81a06018a8c4919c2380c68c67698fc6764c42f6ffda2418c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
content-encoding: gzip
last-modified: Fri, 15 Dec 2023 12:14:58 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 19525
expires: Sun, 24 Dec 2023 20:35:27 GMT

GET
H2 200 gplayer.js Show response
gatr.hit.gemius.pl/ 25 KB
7 KB 366ms
34ms Script
application/x-javascript 5.135.121.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gatr.hit.gemius.pl/gplayer.js
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.135.121.144 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: GHC /
Resource Hash: 0aa965f2e05cec3e4d84196c8a38a486945172592f7c59a376092d2d847999c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
content-encoding: gzip
last-modified: Fri, 15 Dec 2023 12:14:58 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 6644
expires: Sun, 24 Dec 2023 20:35:27 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 89 KB
29 KB 476ms
118ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/adscbg/cbglout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e738af6790f8a195cf3f3fd5fb2d022ec10fdd9d2b46b05d2b3e5c1b6db03fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29106
x-xss-protection: 0
server: cafe
etag: 78 / 19715 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 08:35:27 GMT

GET
H2 200 prebid8.22.0.js Show response
im.haberturk.com/assets/js/ 354 KB
133 KB 149ms
149ms Script
application/x-javascript 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://im.haberturk.com/assets/js/prebid8.22.0.js
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/adscbg/cbglout.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: 76e5258c11577f0cfaaeeae02db727d839b96eda02f806bbe4e5d4412c742af2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 07:38:36 GMT
x-backend: S-23-166
server: MerlinCDN
age: 149015
etag: W/"654897fc-5885b"
x-midtier: de-fra-lea-s01
x-cache-status: HIT
allow: GET, HEAD, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-edge: de-fra-dp-s03
cache-control: max-age=604800

GET
H2 200 adsFrame.html Show response
www.haberturk.com/adscbg/ Frame 1E44 1 KB
2 KB 115ms
114ms Document
text/html 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haberturk.com/adscbg/adsFrame.html

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/adscbg/cbglout.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

9e8ae8df63c18ceff7948468905aaae508a8a4f19fd0a119f9df22661d7b0fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 18
allow: GET, HEAD, OPTIONS
cache-control: max-age=300
cbglayer: PF
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Dec 2023 08:35:27 GMT
server: MerlinCDN
via: HTTP/2.0 Merlin CDN
x-backend: NA-168-208
x-cache-status: HIT
x-content-type-options: nosniff
x-edge: de-fra-dp-s03
x-frame-options: SAMEORIGIN
x-midtier: nl-naw-ws-s08
x-xss-protection: 1; mode=block

GET
H2 200 geoipj Show response
www.haberturk.com/dynamics/ 78 B
313 B 336ms
336ms XHR
application/json 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haberturk.com/dynamics/geoipj
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/js/desktop/core.js?v=161
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: fd8bb75f83f6848d4650ddfabff0f6d3af808275d3c91f27f630b9f89dfbd11c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
x-backend: S-9-179
server: MerlinCDN
age: 0
x-midtier: nl-naw-ws-s08
x-cache-status: BYPASS
allow: GET, HEAD, OPTIONS, POST
content-type: application/json
x-edge: de-fra-dp-s03
cache-control: no-cache

GET
H2 200 ayar Show response
www.haberturk.com/ 96 KB
16 KB 219ms
218ms Fetch
application/json 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haberturk.com/ayar

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/js/desktop/core.js?v=161

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

b72eac9e160171b94a9fd5e986fe197aa177b7b556081d84eaf5d19dc5c3bf58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-content-type-options: nosniff
content-encoding: gzip
x-backend: NA-168-221
age: 0
x-midtier: de-fra-dp-s02
x-cache-status: EXPIRED
cbglayer: PF
x-xss-protection: 1; mode=block
server: MerlinCDN
etag: W/"KXADCFAPHHQZYWYVY"
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS, POST
content-type: application/json
x-edge: de-fra-dp-s03
cache-control: max-age= 90

GET
H2 200 1280x720
im.haberturk.com/l/2023/12/15/ver1702617252/3645073/jpg/ 357 KB
358 KB 38ms
37ms Image
image/jpeg 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.haberturk.com/l/2023/12/15/ver1702617252/3645073/jpg/1280x720
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-172.datapacket.com
Software: MerlinCDN /
Resource Hash: b17adf958e0e9e46c8c3e8a5cfaffa54017cf95446709d462d2e606d54286d8c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
via: HTTP/2.0 Merlin CDN
x-backend: S-9-176
age: 256973
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
content-length: 365562
last-modified: Fri, 15 Dec 2023 05:14:09 GMT
server: MerlinCDN
etag: "657be0a1-593fa"
allow: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-edge: de-fra-dp-s03
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 fpdata.js Show response
tr.hit.gemius.pl/ 282 B
396 B 34ms
34ms Script
application/x-javascript 37.59.195.0
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.hit.gemius.pl/fpdata.js?href=www.haberturk.com
Requested by: Host: tr.hit.gemius.pl
URL: https://tr.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.0 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GHC /
Resource Hash: 8a86c7367752c7ca52fc2de1ed0979f2064ca286bb633b89bdc5c0d37a2837a4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 282
expires: Tue, 23 Jan 2024 08:35:27 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 97CE 5 KB
3 KB 160ms
55ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: tr.hit.gemius.pl
URL: https://tr.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: a1cd31f9b3d90e808f1ca128244c4142ea42011894975a1d64bd9609ace9632f

Request headers

Referer: https://www.haberturk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2711
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:35:27 GMT
etag: PRIVATE7520710249
expires: Tue, 23 Jan 2024 08:35:27 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 get Show response
wsdkapi.netmera.com/sdk/3.0/config/ 7 KB
8 KB 81ms
80ms Fetch
application/json 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL

https://wsdkapi.netmera.com/sdk/3.0/config/get

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/n9wxi9Ibj2FDSK9TgytPZyKuseQF3C7Oc1cV-pqByL6umukvRG0ueQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),

Reverse DNS

Software

nginx /

Resource Hash

a07a7c25f5f7e102769349e786afd0c9c9f4d22dcd27be05b7cd976982fc19b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-netmera-os: CHROME
accept-language: nl-NL,nl;q=0.9
x-netmera-device-type: DESKTOP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json
accept: application/json
x-netmera-sdkv: 4.2.22
Referer: https://www.haberturk.com/
x-netmera-api-key: n9wxi9Ibj2FDSK9TgytPZyKuseQF3C7Oc1cV-pqByL6umukvRG0ueQ

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-xss-protection: 1; mode=block

OPTIONS
H2 204 get
wsdkapi.netmera.com/sdk/3.0/config/ Frame 0
0 236ms
72ms Preflight 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdkapi.netmera.com/sdk/3.0/config/get
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netmera-api-key,x-netmera-device-type,x-netmera-os,x-netmera-sdkv
Access-Control-Request-Method: GET
Origin: https://www.haberturk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: *
date: Sun, 24 Dec 2023 08:35:27 GMT
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
86 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3DF1E1VJKN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCHP7Z9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ffbb332d6cc1d1d150ad7e691e20dded3e2b82ae516786b39ada3bd79696fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88003
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Dec 2023 08:35:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 61ms
57ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3ZRKVF28XW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCHP7Z9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c02192ac28a8e8026a0dbbe1ef12514e4a82246a21d360bf522e314af1e2b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Dec 2023 08:35:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 83ms
28ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCHP7Z9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 24 Dec 2023 08:17:44 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1063
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 24 Dec 2023 10:17:44 GMT

GET
H/1.1 200
OK t.js Show response
o.gez.io/s/ 4 KB
2 KB 267ms
63ms Script
application/x-javascript 92.45.106.166
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.gez.io/s/t.js?v=25
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 92.45.106.166 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-106-166.reverse.superonline.net
Software: CBG Platform /
Resource Hash: 761d2914e263c1642370b9cfc470b6a23021146ef2da58794c459d1fcc5b0563

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:31:20 GMT
Via: (c)Haberturk
Content-Encoding: gzip
Last-Modified: Wed, 25 Dec 2019 10:40:16 GMT
Server: CBG Platform
Age: 65545
ETag: "5e033c90-11be"
ntCoent-Length: 4542
Content-Type: application/x-javascript
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2047
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 hotjar-2225218.js Show response
static.hotjar.com/c/ 9 KB
4 KB 124ms
32ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2225218.js?sv=6

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

bb96e1121d0da53845831482e536410fed1b8810b793145bff85f0432a70daf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sun, 24 Dec 2023 08:34:54 GMT
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 39
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/99add8e1f2183988650f6c1de2c56a51
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: Xg01qvaTdu6c4Me-P6DWI4Qa4n03aL1OUzaUSdXJhbJZ1veNMD1_Jg==

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
196 B 108ms
30ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.22.0&cb=51553644925&lsavail=0

Requested by

Host: im.haberturk.com
URL: https://im.haberturk.com/assets/js/prebid8.22.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.haberturk.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.haberturk.com
date: Sun, 24 Dec 2023 08:35:26 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 zone Show response
adsp.haberturk.com/advertpro/servlet/view/banner/javascript/ Frame 1E44 76 B
481 B 293ms
71ms Script
text/javascript 92.45.106.141
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsp.haberturk.com/advertpro/servlet/view/banner/javascript/zone?custom1=haberturk&custom2=110&zid=1308&pid=0&contextual=true&random=8099306691148&millis=1703406927748&timestamp=1703406927748&referrer=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F3645073-kredi-notu-neden-yukselecek
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/adscbg/cbglout.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.45.106.141 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-106-141.reverse.superonline.net
Software: nginx /
Resource Hash: 6fc8dd7b32f7c1ec66b428bf325a2f9a44a96bb9f340299100a73aa78a1883b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:28 GMT
content-encoding: gzip
adsphost: H200
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
p3p: CP="NOI DSP COR NID"
cache-control: no-cache, no-store
x-robots-tag: none
expires: Thu, 31 Dec 1998 11:59:59 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 30ms
29ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=65784325&t=pageview&_s=1&dl=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F3645073-kredi-notu-neden-yukselecek&ul=en-us&de=UTF-8&dt=Kredi%20notu%20neden%20y%C3%BCkselecek%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1297758755&gjid=2001865587&cid=1447365078.1703406928&tid=UA-206852-3&_gid=1462054379.1703406928&_r=1&_slc=1&gtm=45He3bt0n81NCHP7Z9v76620496&cd16=1&cd59=1703406927686.447x5z5g&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1304695736

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haberturk.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haberturk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
84 B 31ms
31ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=65784325&t=pageview&_s=1&dl=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F3645073-kredi-notu-neden-yukselecek&ul=en-us&de=UTF-8&dt=Kredi%20notu%20neden%20y%C3%BCkselecek%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=164867396&gjid=1898989061&cid=1447365078.1703406928&tid=UA-206852-39&_gid=1462054379.1703406928&_r=1&_slc=1&gtm=45He3bt0n81NCHP7Z9v76620496&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=616220750

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5738e0b88edfb048feb3574bc4d718766d5baecc2188936f1a496725aa5ade64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haberturk.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haberturk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 94ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3ZRKVF28XW&gtm=45je3bt0v896817184z876620496&_p=1703406927310&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1447365078.1703406928&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703406927&sct=1&seg=0&dl=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F3645073-kredi-notu-neden-yukselecek&dt=Kredi%20notu%20neden%20y%C3%BCkselecek%3F&en=page_view&_fv=1&_ss=1&tfd=1102
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ZRKVF28XW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haberturk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 104ms
38ms Ping
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3ZRKVF28XW&cid=1447365078.1703406928&gtm=45je3bt0v896817184z876620496&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ZRKVF28XW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haberturk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 159ms
46ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3ZRKVF28XW&cid=1447365078.1703406928&gtm=45je3bt0v896817184z876620496&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1022713937

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 64ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3DF1E1VJKN&gtm=45je3bt0v9102903263z876620496&_p=1703406927310&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1447365078.1703406928&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703406927&sct=1&seg=0&dl=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F3645073-kredi-notu-neden-yukselecek&dt=Kredi%20notu%20neden%20y%C3%BCkselecek%3F&en=page_view&_fv=1&_ss=1&tfd=1134
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DF1E1VJKN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haberturk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 75ms
39ms Ping
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3DF1E1VJKN&cid=1447365078.1703406928&gtm=45je3bt0v9102903263z876620496&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DF1E1VJKN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haberturk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 123ms
45ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3DF1E1VJKN&cid=1447365078.1703406928&gtm=45je3bt0v9102903263z876620496&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1638247652

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
tr.hit.gemius.pl/__/_1703406927899/
Redirect Chain

https://tr.hit.gemius.pl/_1703406927899/rexdot.js?l=100&sendf=24&id=&et=view&hsrc=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F...
https://tr.hit.gemius.pl/__/_1703406927899/rexdot.js?l=100&sendf=24&id=&et=view&hsrc=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018...

4 B
381 B

68ms
68ms

Script
application/x-javascript

37.59.195.0
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.hit.gemius.pl/__/_1703406927899/rexdot.js?l=100&sendf=24&id=&et=view&hsrc=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F3645073-kredi-notu-neden-yukselecek&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=yQQmDZ3BrNioEfeTxx991DKib0kUjNohn9ETKB5UeZf.P7XBUoqeURsuZIYiG__OrPeHUvQ4.f.a_wQywzaxGbyhzOov/unvjV8TgVqSjG/&fpdata=Zf5xqrBJ8yH7tf31ZnzeohuylFgj0a8c6YJeRPn_1h..T7&ltime=277&fr=1&ref=&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6587ed4f250d8b33&brts=1703406927&fpcap=
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: H2
Server: 37.59.195.0 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GHC /
Resource Hash: 545c38b0922de19734fbffde62792c37c2aef6a3216cfa472449173165220f7d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:27 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 4
expires: Sat, 23 Dec 2023 08:35:27 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:27 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1703406927899/rexdot.js?l=100&sendf=24&id=&et=view&hsrc=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F3645073-kredi-notu-neden-yukselecek&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=yQQmDZ3BrNioEfeTxx991DKib0kUjNohn9ETKB5UeZf.P7XBUoqeURsuZIYiG__OrPeHUvQ4.f.a_wQywzaxGbyhzOov/unvjV8TgVqSjG/&fpdata=Zf5xqrBJ8yH7tf31ZnzeohuylFgj0a8c6YJeRPn_1h..T7&ltime=277&fr=1&ref=&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6587ed4f250d8b33&brts=1703406927&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 23 Dec 2023 08:35:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 62ms
36ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-206852-3&cid=1447365078.1703406928&jid=1297758755&gjid=2001865587&_gid=1462054379.1703406928&_u=YEBAAAAAAAAAAC~&z=1372687831

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haberturk.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 24 Dec 2023 08:35:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haberturk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 62ms
38ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-206852-39&cid=1447365078.1703406928&jid=164867396&gjid=1898989061&_gid=1462054379.1703406928&_u=YEDAAEABAAAAACAAI~&z=1710994233

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haberturk.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 24 Dec 2023 08:35:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haberturk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K4LB9Y83L6&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49f739382913d6eb792d7f9e41b8f5d2d7c607b2b9f90c0ddf9ab71ee271c8d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Dec 2023 08:35:27 GMT

GET
H2 200 modules.618aa075c4d9b6424e07.js Show response
script.hotjar.com/ 220 KB
55 KB 119ms
37ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.618aa075c4d9b6424e07.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2225218.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 10:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 253522
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55689
last-modified: Thu, 21 Dec 2023 10:09:33 GMT
etag: "6ed2c6300d63320c76677ced187741fc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: p-uoN-HiBwGo1B65idkD_UX2f-3xWjLDkMorMiGUoMwW6o5qOj_waQ==

GET
H2 200 gemiuslib.js Show response
gatr.hit.gemius.pl/ 65 KB
19 KB 35ms
34ms Script
application/x-javascript 5.135.121.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gatr.hit.gemius.pl/gemiuslib.js
Requested by: Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/gplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.135.121.144 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: GHC /
Resource Hash: 5da21a3d2811c28e348f4f303963c1d31b39d60f4f4f50147121330f2db5c554

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:27 GMT
content-encoding: gzip
last-modified: Fri, 15 Dec 2023 12:14:58 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 18931
expires: Sun, 24 Dec 2023 20:35:27 GMT

GET
H/1.1 200
OK getuid Show response
o.gez.io/ 49 B
496 B 67ms
64ms Script
text/javascript 92.45.106.166
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.gez.io/getuid
Requested by: Host: o.gez.io
URL: https://o.gez.io/s/t.js?v=25
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 92.45.106.166 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-106-166.reverse.superonline.net
Software: CBG Platform /
Resource Hash: 9766e136946880b0015240c962c14e9b29e5f696288f548bf37b1a5a102c567f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 24 Dec 2023 08:35:28 GMT
Content-Encoding: gzip
Server: CBG Platform
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Content-Type: text/javascript
Cache-Control: private
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 122ms
45ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-206852-3&cid=1447365078.1703406928&jid=1297758755&_u=YEBAAAAAAAAAAC~&z=2050753977

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 51ms
44ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-206852-3&cid=1447365078.1703406928&jid=1297758755&_u=YEBAAAAAAAAAAC~&z=2050753977

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 init Show response
wsdkapi.netmera.com/sdk/3.0/session/ 2 B
266 B 75ms
75ms Fetch
application/json 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL

https://wsdkapi.netmera.com/sdk/3.0/session/init

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/n9wxi9Ibj2FDSK9TgytPZyKuseQF3C7Oc1cV-pqByL6umukvRG0ueQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-netmera-os: CHROME
accept-language: nl-NL,nl;q=0.9
x-netmera-device-type: DESKTOP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json
accept: application/json
x-netmera-sdkv: 4.2.22
Referer: https://www.haberturk.com/
x-netmera-api-key: n9wxi9Ibj2FDSK9TgytPZyKuseQF3C7Oc1cV-pqByL6umukvRG0ueQ

Response headers

date: Sun, 24 Dec 2023 08:35:28 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-xss-protection: 1; mode=block

OPTIONS
H2 204 init
wsdkapi.netmera.com/sdk/3.0/session/ Frame 0
0 76ms
73ms Preflight 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdkapi.netmera.com/sdk/3.0/session/init
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netmera-api-key,x-netmera-device-type,x-netmera-os,x-netmera-sdkv
Access-Control-Request-Method: POST
Origin: https://www.haberturk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: *
date: Sun, 24 Dec 2023 08:35:28 GMT
server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 31ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K4LB9Y83L6&gtm=45je3bt0v9129044499&_p=1703406927310&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1447365078.1703406928&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F3645073-kredi-notu-neden-yukselecek&dt=Kredi%20notu%20neden%20y%C3%BCkselecek%3F&sid=1703406928&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1296
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K4LB9Y83L6&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haberturk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 153ms
33ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80148
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 22 Dec 2024 10:19:40 GMT

GET
H/1.1 200
OK m
o.gez.io/ 0
412 B 64ms
63ms Image
application/octet-stream 92.45.106.166
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://o.gez.io/m?m1=100&m2=4&m3=1&m4=&i1=3645073&i2=1&i3=1018&h1=&ui=&ns_t=1703406928076&ns_c=UTF-8&sw=1600&sh=1200&sc=24&h5=1&cr=&cu=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F3645073-kredi-notu-neden-yukselecek&kw=
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 92.45.106.166 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-92-45-106-166.reverse.superonline.net
Software: CBG Platform /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 24 Dec 2023 08:35:28 GMT
Content-Encoding: gzip
Server: CBG Platform
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Content-Type: application/octet-stream
Cache-Control: private
Connection: keep-alive

GET
H2 204 2225218 Show response
vc.hotjar.io/sessions/ 0
256 B 170ms
61ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2225218?s=0.25&r=0.18980280342517464
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.618aa075c4d9b6424e07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:28 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: aqD34Lutjnfj6PhGnAi-pfS8jtwGuxOhPVCiiysFAcD2uF-BjPHweA==

POST
H2 200 fire Show response
wsdkapi.netmera.com/sdk/3.0/event/ 0
234 B 78ms
77ms Fetch 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL

https://wsdkapi.netmera.com/sdk/3.0/event/fire

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/n9wxi9Ibj2FDSK9TgytPZyKuseQF3C7Oc1cV-pqByL6umukvRG0ueQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-netmera-os: CHROME
accept-language: nl-NL,nl;q=0.9
x-netmera-device-type: DESKTOP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json
accept: application/json
x-netmera-sdkv: 4.2.22
Referer: https://www.haberturk.com/
x-netmera-api-key: n9wxi9Ibj2FDSK9TgytPZyKuseQF3C7Oc1cV-pqByL6umukvRG0ueQ

Response headers

date: Sun, 24 Dec 2023 08:35:28 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
x-xss-protection: 1; mode=block

OPTIONS
H2 204 fire
wsdkapi.netmera.com/sdk/3.0/event/ Frame 0
0 74ms
74ms Preflight 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdkapi.netmera.com/sdk/3.0/event/fire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netmera-api-key,x-netmera-device-type,x-netmera-os,x-netmera-sdkv
Access-Control-Request-Method: POST
Origin: https://www.haberturk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: *
date: Sun, 24 Dec 2023 08:35:28 GMT
server: nginx

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
48 KB 411ms
410ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1470292312336984&correlator=3860259115094095&eid=31080079%2C44807748&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=31903365%2CHaberturk%2CDiger%2CMasthead%2C160x600%2CSag&enc_prev_ius=0%2F1%2F%2F2%2F%2F3%2C%2F0%2F1%2F%2F2%2F%2F4%2F%2F5&prev_iu_szs=970x250%7C970x90%7C728x90%2C160x600%7C120x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703406928366&lmt=1703406928&adxs=315%2C-9&adys=165%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F3645073-kredi-notu-neden-yukselecek&vis=1&psz=0x0%7C0x-1&msz=970x250%7C0x-1&fws=132%2C2&ohw=1560%2C0&ga_vid=1447365078.1703406928&ga_sid=1703406928&ga_hid=65784325&ga_fc=true&dlt=1703406927289&idt=1043&cust_params=nt%3D0&adks=2657784127%2C4140161047&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7123a2746232a33744643096adce3f2ab7e5bc0f020ebd0f34c490239e4d28eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48443
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haberturk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 114B 6 KB
3 KB 231ms
65ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haberturk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:35:28 GMT
expires: Mon, 23 Dec 2024 08:35:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 118ms
50ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: im.haberturk.com
URL: https://im.haberturk.com/assets/js/prebid8.22.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Dec 2023 08:35:28 GMT

GET
H2 200 container.html Show response
b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 304B 6 KB
3 KB 59ms
58ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haberturk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:35:28 GMT
expires: Mon, 23 Dec 2024 08:35:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 102ms
51ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Dec 2023 08:35:28 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 94DE 624 B
826 B 147ms
74ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLTDmQIQjbicAhie26KAAjAB&v=APEucNVruljN3Ad5ckyJQ_37GJh5oiLBMFQTwFlUAH-Krt-8EZuf8XrPGOKprHmSmGuy5ziCgBnqMRdGKkh9iXhQiYnBOCpfdK8vHqjDAqwDovBQNhDFZ7jyqZXKHjFauqZlZ40HhoEM2YUVraz81R6VSTzwu4yL-hRy9PntGIP43_HRAcsCsqw

Requested by

Host: b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com
URL: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:35:29 GMT
expires: Sun, 24 Dec 2023 08:35:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 304B 89 KB
31 KB 221ms
146ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com
URL: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 08:35:29 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 304B 42 B
401 B 142ms
67ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C4ySUDA9q2hpA7sG4LUt_yZk_vYQEA9CVkGtpFjzyWVYBMLXsar3Wtcfb5LY19mhZ1746A_xnTBtLhSIGjeQvpY9a8ImlKXBKIS3dYYmq_CCs3Joo

Requested by

Host: b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com
URL: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 304B 3 KB
1 KB 112ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com
URL: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:03:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 14:03:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 304B 20 KB
9 KB 108ms
33ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com
URL: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 09:13:30 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 304B 203 KB
65 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com
URL: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 08:35:28 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 94DE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZk3H3Jr-UrTeL0rzdWIdQ&google_cver=1

43 B
338 B

50ms
49ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZk3H3Jr-UrTeL0rzdWIdQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLTDmQIQjbicAhie26KAAjAB&v=APEucNVruljN3Ad5ckyJQ_37GJh5oiLBMFQTwFlUAH-Krt-8EZuf8XrPGOKprHmSmGuy5ziCgBnqMRdGKkh9iXhQiYnBOCpfdK8vHqjDAqwDovBQNhDFZ7jyqZXKHjFauqZlZ40HhoEM2YUVraz81R6VSTzwu4yL-hRy9PntGIP43_HRAcsCsqw
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HP0g5fT61ZDMvkY%2B8sx4%2BbgwtG9J9uUMBK1D9Y6sI5Qct5WHg%2Blul63iN68H7ScNTHsl66Q3XTqQhE9Anb6Hgek0uzVVJtqZvH7alj7m1GFuicMyWA0PmSh1%2B6BKxB8Cc%2BVWasqN3hzWNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a782dbbaa16696-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZk3H3Jr-UrTeL0rzdWIdQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 94DE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYftUaBXumTAd7x3GIgsgQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZk3H3Jr-UrTeL0rzdWIdQ&google_cver=1

43 B
769 B

52ms
51ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZk3H3Jr-UrTeL0rzdWIdQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLTDmQIQjbicAhie26KAAjAB&v=APEucNVruljN3Ad5ckyJQ_37GJh5oiLBMFQTwFlUAH-Krt-8EZuf8XrPGOKprHmSmGuy5ziCgBnqMRdGKkh9iXhQiYnBOCpfdK8vHqjDAqwDovBQNhDFZ7jyqZXKHjFauqZlZ40HhoEM2YUVraz81R6VSTzwu4yL-hRy9PntGIP43_HRAcsCsqw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GKovTF4Xad%2BTCNo%2F9cnCH28iJl6rp9SeX9oIf3XeZT0PtbpaChFe0k3W3wgdrYLIFxDTxvh4%2F%2FJEGSxtm71HK7QrQ60Q0T0dq5gNB4sxboMA2YLzMS9D1I88l1S7CtvE%2B3cOaS4bzDYHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a782dc3d020df3-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZk3H3Jr-UrTeL0rzdWIdQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 94DE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECebVx5l5HNhwF-unpka-sw&google_cver=1

43 B
836 B

37ms
37ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECebVx5l5HNhwF-unpka-sw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLTDmQIQjbicAhie26KAAjAB&v=APEucNVruljN3Ad5ckyJQ_37GJh5oiLBMFQTwFlUAH-Krt-8EZuf8XrPGOKprHmSmGuy5ziCgBnqMRdGKkh9iXhQiYnBOCpfdK8vHqjDAqwDovBQNhDFZ7jyqZXKHjFauqZlZ40HhoEM2YUVraz81R6VSTzwu4yL-hRy9PntGIP43_HRAcsCsqw

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:29 GMT
an-x-request-uuid: 23fd5fa0-bb56-4b3f-920c-c2ca5516921a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.150.149; 31.204.150.149; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECebVx5l5HNhwF-unpka-sw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 94DE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0OTA5NjY5NDMyNDQyNTcxNA%3D%3D

170 B
243 B

42ms
42ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0OTA5NjY5NDMyNDQyNTcxNA%3D%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:29 GMT
an-x-request-uuid: 42120f07-ebcd-4c57-b34b-5e8395b75371
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0OTA5NjY5NDMyNDQyNTcxNA%3D%3D
x-proxy-origin: 31.204.150.149; 31.204.150.149; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 304B 0
58 B 68ms
67ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5255389988202&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 304B 0
56 B 67ms
67ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5255389988202&version=m202309260101&ct=76&x=1&cor=10919557479232584000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 304B 91 KB
38 KB 82ms
78ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CghJFTO_JgIhD6EZre0-fQOFprcgK-Q3P7XsswyYNPbFImn4mnLsAwVkMz5MUD8xztWCNs2K2mR36sCIDbQOJJyFC3h0u5ftXv2ndVP_iWWK4P-ZHWOcEfnhYRCKhQ56uSlIuHjOZoLDm_1haee3K7K9vMvRmAdCPLj05IdLs1es0uYuA&dbm_d=AKAmf-DyFan7OgJdvDW1iZrUXFu-QZzwspakXpvquTU_RK-3ORSMFNX3zsnwaLxcZw0sKZa51-c6qczjx3WalaOL-gNfuZiqU6lwFWWDq09Y_u7SGFsexMMFSXPbGKoGf-K0nQg1S0WcBZLKkhLU_rDbErELoHypqvWsBkN29vANeMVwpsSW07jxK0GYfNpzhmonZ_5xxaSwOBbv57tdrQTfWNyF3jTGzI2C8fGRNa5K7bJ9CNePKPYbNdQpSOiUNeBO1GwKuQ8c-BmYMbRMZ1TBYNRwD8xYQvFXMtFtChjGrXZUQJLMYn52SoNy2DHGjzEaBhhZXpJyfmPv1L_O7wrrVhwQPUcpK2ZE2BJhThnsD3uJe8h-lvdbNUIcXCYKXBkpJhkGO__xdq5fn2HEbo7LFkbGAD7H9vtHV-jBwx0z5jCbHSF_5UzRPb3rDigbQyx2PEGqK3SrwS27k6UOW4x7Os3ox9uGHiMPTPkfK3EWBu5KLhpdMQeQvv1tOQ0SSEz4XKxGTcrged4A5U901dTmYnrtIutuZ06-tCdxUfoxfJ071qALB0YSQrn0WpqpYu79q747PTLBFQ2bhPiIiSqCIZdEcx8YLxVCfA9GT7JfpgREUEiadViLv8fHRjsDO1jBFxh96XiW6mTR8gdjd-EYZnCzfuAoIPu4M5-JEaf9f7kwAtofGvU4lFu7FBIMvYxwOa10pL5svKyxqgSQY-ZIfYL8y9HWS0ek---rlIT9hhH216AeFvyUTo5BQhtor25l8iVK_7rANJ8Kb_ZE1RFwU4FpdHA4trZt-VTfXqs8mBSHPG5KczXEzWqgF4uVp0Fyv1yVBK77YBFZKzbzDfBhXL1ldnP4U0Vz-67vIw8GwZKHOot4dKoTciOCQ985yED7doOgHuFMaXqVO53bzuZnGmZjUPZW4HqI0m_cJEAvWb_MOqHUM8I1tJWSfOxrgIdLBqYXrDdciaNugUJyk7V91fRXcOTk0hkdvhiNPbbLbE9VNqKfaiJpsUen-tLM48MhNduq0rIU_K1zCagk1GI5ws4EYQxP48a5l11oaWGvEzF3Rz09dN5ejb7NRkpOrqArxCRVYkZg3xW89NaFdkoZaPoo7w3wPOpIa0ghhab29_txbCScBbqZobN547QRc3uLRecoX2v1-vu22FaPXN0tzcvh148G2ipmkJWSapBiERIpN9G3XjKQk6GRnqiIDunGLnnbIg5wdvKMQVoC8sew7MdANyXLlbhLVwEg0gaiMTMYoCLeAdoqRQxTqtOoJPmoe6utoR6MhtYFjQ-02x1hIJ9A2A-Pl91EincY-oZasERWw6nvjoImTyIDnPVkYtEnHyrstybnUdzBbKNyVlLx777hgDjpRlzSWo60ECIz65kobZXDpQYTsfltJrrL94lveDQzEsz01J7cf3kaT1A9_OkLb9Ez8XEmHeJP-hM9mVSAL6EpM-zQBWlLeDIz3J3jLRwYQNcEMLh6AO3f3UGAnvGWiIcksH-ZsBENaAEkZg7V0aFfVlkyy6EeUOp1pywqWAA0eFGZYB7lCGgZGa4zSFhS5BI3jV9RNCHz5xMni3Hts6aZXUHqL3V6zbCyWfeD1l9aFfFY5LQCs4H0bWEGRAeSf_Iroh1JOkBXjdBhkKrzcS-o_2qICNif0A_Ig7BnuztlzkhMrUfikwvn1-CepVda2Su6uix9ghXMOrwAc0SalaD-RFzdbtq7NiV6SmdhPlch20-TnxmYieulujsAhwe5jclqtQPBM2fYo5Unq4xKEBYFZP45GRwUoHDeKq6FayP8QAQpsLBvsYCEuXEGWHnaqP47ORWoouKyV0eNcT3wDU7Glm8iFUXA4eCp8k7S1BifE4PJoVlU0WuBYygU6jLXGND6a4juTvWU1Y9ArdwgzA8qUY8LQ3EazCxGRO54Hd7wvJTcRbdQskMWT57UUJPyGYrun7fj_qfS_kAK_UtctDx7lUFye_iQYVoK_9TSfLZFpunNcqz5l6pkyLY4ccy29bbnHmWBWHEdeiaO6L0h6xfVD6MGSzMAPWQ2SeW38aukEsVgZtuIfjVWTbZlSUXWJTDfjwIIMGNO3cS3FBqmESeF8dfOXXx-85xGkNI8y-vyj2_43nZw7bRZJoPZMxC4ApCZo-aBTboOff2lT3M5gvAldZhUF3zrw9PmzuzugKrStJh_b_MMikNp-8muWBxbljoc-YpPMzD1dAZJJrXM5QfCJ81EiO1eg-YJYelrYsHywudW7k5K2_Q1Al_stElonmm2qqkpPgTndn43Y5iTvbuSD0c8n_JoGGhIYaoIg4_5QKCR8sHTjPOrTAR_SlmxKA4XLHfJ62QFUASEgvHcDtgGMng6eF6sO8RU3OhAS2f259FO_R4gu5ShvJD2S8NuebzI8ffKhkOux43OiDRks4rN6PSw-jahj1SNWTSLcs4fMtmT8uhWm3xTZ-Lu__8a1hLEphL1fvq7BPzTZYsNJedRsAv_CSZ-A4wV7XmK6uDH4RejU8EOk0aV3CouptPjuUphm5yS5wF56LCZCMs-VFptK2-iqIe_-SU_obXu8KJ1_ps0XjcQPBlqDJbQS5vGE7yZuVgMAxy9x2LWEyJAHNeBfkzwbriw4WGMSocnq70kpU7hpxv4LA-qLzhZpJ0ov4JnENEIcr2QEETFmPlvFUN6lTlFzKyCaUI9evUKh0zyGxpWCc7rpL2r6FAcaFF8Rxz7nhTQtDkML-dyt34lLQN-7ItwEXIejauhrnjEv5qfZ6KE4YbHe4cMCExy5VUq_IDNOXoQB3L3ZV_DTlVAwYNio76cE6-LY_eJ5ipMgX8R-mdOzz2RCjlalAI9gObUHhLOcC32DM0DsF8h2Kk5_LlNSDATA2SsqP2le4N5ut2_lplppotqkDzyb93ulbNZzi5WpBbrJuMlQvgghwZbDa4eUnKjDdB8j5TzsFDwT6VwI0Nn6Kx4w9Y3Nh436TFBbUSUWGyCmGHpFcoN322_avrNj_U40lxRjdO-0Jc9ImFLsDpWYfuD0P7O4jdl9EUpkfVy61jCksDKTIQH46hoeeTql60_GMeD7TpeCBglerfdb_Axbkpec1ygRwA5ki1tk-M_hoVeiUXI_bLlrw0dPblwQidLF9B7v-aZzFzbP1Vu6ajCLG5xK5UoGVSSZjAHZYFgnCetvspw4R-sPvlKZZZ5-GAVk_ntBmkgvquw8MdLYW_1J48D5y4MJ3YV0Zda63hxwHsQxU8xLx6FifxtN0_h3d9b6_OL970d5lol6DhZgmGw5AgZYwTM1QbPZi0mqtM-VOtNFaWGbADSL_EH5F5smeYceyVivCcxHukeANQvbBoYFafQekXvyp3kwGN2iGsiwhP2ZhuRem7OIUzvz0KgNZEHjIPTpWLb-yvmgtggtqf22kGEqW_vi_qOGA9nWa9LrcSRkwenYVmGbG3-abGLvTnOHbOBOitANPi7AUMXI5aAGEs0ioW5zfl6GCZgJ95CM6j40ewNMaq_RaKEZZVgpR3OS0xurMq0asW3NvORRivlwc4aX2YQhsfNzKxnAcQoIsgkrYsmFe67j9ApF9yxQ1M4uyqVN1sq8j0zHgZ4hL_HYdatVMV3-gXhphZaEx0JV4SZlUGhyJI3cmcISCUpibOKuNRQcTXLOm_NqLKj_7QvPwo2cZ7ck62TK978LQBcW0nPheqWTdbpZkZlSYUlZ7Nx6c9EBIJKEDPKsdRmTb61l5s6qiE6IUhZInjdaBINcBO03g8wLikqZl22MBXgalmoSVWTemVL45N4B6zrR2RQ8G752fM8gZDpUT8rgljb-fazTw-QYzyBHTlY12C53gm5I7R583FunkJCb5ztJmETm8f3_FeqpVzDGVNzdltGBcrDaL9BpOrGN_1R-03Rks-MWdP4JkN_nCjuQ14tCC3Hb6wBPCRvUvGPumgASJRkYneJLM1GejFBI_X4OMm92qxt1oImgp_gNummTrZa4yZlPgAsswnuKFEaHMb1oOii-e4_sxVN3uo4H_4-d9qrLUTZ9UMqfIeGzRwAeehDx94llCw5aERFSIPPBZKRkHj3fZT7SVBdBm5Z2nb595X1CMhEEjYjxMySDUmO072OltY6cGukGGPFOh7EHKPKVFFzpXW0dla9ei25FozcaUvCls_XUUaocjQjtfxRHMS9d3Ny1uhJkXNRpVVkPLUcEXnaBA&cid=CAQSTwAvHhf_QN08BRuuRAkZ8LCYkJ_tu3SsiTVAvcxHgy1USpgeQjHk4v3cdnfFrJUUie6E2xoBZA67nm8E95-vM9gPtMgrTv3nO3aoaxK3sloYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.haberturk.com%2F&ds=l&xdt=1&iif=1&cor=10919557479232584000&adk=1964084971&idt=252&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cecdf1925c0b9ef1fa54d3b2028e0a481a897a106903fd283219724e11e2dbfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39082
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 304B 111 KB
39 KB 122ms
32ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
Origin: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42531
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 20:46:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 304B 11 KB
4 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CghJFTO_JgIhD6EZre0-fQOFprcgK-Q3P7XsswyYNPbFImn4mnLsAwVkMz5MUD8xztWCNs2K2mR36sCIDbQOJJyFC3h0u5ftXv2ndVP_iWWK4P-ZHWOcEfnhYRCKhQ56uSlIuHjOZoLDm_1haee3K7K9vMvRmAdCPLj05IdLs1es0uYuA&dbm_d=AKAmf-DyFan7OgJdvDW1iZrUXFu-QZzwspakXpvquTU_RK-3ORSMFNX3zsnwaLxcZw0sKZa51-c6qczjx3WalaOL-gNfuZiqU6lwFWWDq09Y_u7SGFsexMMFSXPbGKoGf-K0nQg1S0WcBZLKkhLU_rDbErELoHypqvWsBkN29vANeMVwpsSW07jxK0GYfNpzhmonZ_5xxaSwOBbv57tdrQTfWNyF3jTGzI2C8fGRNa5K7bJ9CNePKPYbNdQpSOiUNeBO1GwKuQ8c-BmYMbRMZ1TBYNRwD8xYQvFXMtFtChjGrXZUQJLMYn52SoNy2DHGjzEaBhhZXpJyfmPv1L_O7wrrVhwQPUcpK2ZE2BJhThnsD3uJe8h-lvdbNUIcXCYKXBkpJhkGO__xdq5fn2HEbo7LFkbGAD7H9vtHV-jBwx0z5jCbHSF_5UzRPb3rDigbQyx2PEGqK3SrwS27k6UOW4x7Os3ox9uGHiMPTPkfK3EWBu5KLhpdMQeQvv1tOQ0SSEz4XKxGTcrged4A5U901dTmYnrtIutuZ06-tCdxUfoxfJ071qALB0YSQrn0WpqpYu79q747PTLBFQ2bhPiIiSqCIZdEcx8YLxVCfA9GT7JfpgREUEiadViLv8fHRjsDO1jBFxh96XiW6mTR8gdjd-EYZnCzfuAoIPu4M5-JEaf9f7kwAtofGvU4lFu7FBIMvYxwOa10pL5svKyxqgSQY-ZIfYL8y9HWS0ek---rlIT9hhH216AeFvyUTo5BQhtor25l8iVK_7rANJ8Kb_ZE1RFwU4FpdHA4trZt-VTfXqs8mBSHPG5KczXEzWqgF4uVp0Fyv1yVBK77YBFZKzbzDfBhXL1ldnP4U0Vz-67vIw8GwZKHOot4dKoTciOCQ985yED7doOgHuFMaXqVO53bzuZnGmZjUPZW4HqI0m_cJEAvWb_MOqHUM8I1tJWSfOxrgIdLBqYXrDdciaNugUJyk7V91fRXcOTk0hkdvhiNPbbLbE9VNqKfaiJpsUen-tLM48MhNduq0rIU_K1zCagk1GI5ws4EYQxP48a5l11oaWGvEzF3Rz09dN5ejb7NRkpOrqArxCRVYkZg3xW89NaFdkoZaPoo7w3wPOpIa0ghhab29_txbCScBbqZobN547QRc3uLRecoX2v1-vu22FaPXN0tzcvh148G2ipmkJWSapBiERIpN9G3XjKQk6GRnqiIDunGLnnbIg5wdvKMQVoC8sew7MdANyXLlbhLVwEg0gaiMTMYoCLeAdoqRQxTqtOoJPmoe6utoR6MhtYFjQ-02x1hIJ9A2A-Pl91EincY-oZasERWw6nvjoImTyIDnPVkYtEnHyrstybnUdzBbKNyVlLx777hgDjpRlzSWo60ECIz65kobZXDpQYTsfltJrrL94lveDQzEsz01J7cf3kaT1A9_OkLb9Ez8XEmHeJP-hM9mVSAL6EpM-zQBWlLeDIz3J3jLRwYQNcEMLh6AO3f3UGAnvGWiIcksH-ZsBENaAEkZg7V0aFfVlkyy6EeUOp1pywqWAA0eFGZYB7lCGgZGa4zSFhS5BI3jV9RNCHz5xMni3Hts6aZXUHqL3V6zbCyWfeD1l9aFfFY5LQCs4H0bWEGRAeSf_Iroh1JOkBXjdBhkKrzcS-o_2qICNif0A_Ig7BnuztlzkhMrUfikwvn1-CepVda2Su6uix9ghXMOrwAc0SalaD-RFzdbtq7NiV6SmdhPlch20-TnxmYieulujsAhwe5jclqtQPBM2fYo5Unq4xKEBYFZP45GRwUoHDeKq6FayP8QAQpsLBvsYCEuXEGWHnaqP47ORWoouKyV0eNcT3wDU7Glm8iFUXA4eCp8k7S1BifE4PJoVlU0WuBYygU6jLXGND6a4juTvWU1Y9ArdwgzA8qUY8LQ3EazCxGRO54Hd7wvJTcRbdQskMWT57UUJPyGYrun7fj_qfS_kAK_UtctDx7lUFye_iQYVoK_9TSfLZFpunNcqz5l6pkyLY4ccy29bbnHmWBWHEdeiaO6L0h6xfVD6MGSzMAPWQ2SeW38aukEsVgZtuIfjVWTbZlSUXWJTDfjwIIMGNO3cS3FBqmESeF8dfOXXx-85xGkNI8y-vyj2_43nZw7bRZJoPZMxC4ApCZo-aBTboOff2lT3M5gvAldZhUF3zrw9PmzuzugKrStJh_b_MMikNp-8muWBxbljoc-YpPMzD1dAZJJrXM5QfCJ81EiO1eg-YJYelrYsHywudW7k5K2_Q1Al_stElonmm2qqkpPgTndn43Y5iTvbuSD0c8n_JoGGhIYaoIg4_5QKCR8sHTjPOrTAR_SlmxKA4XLHfJ62QFUASEgvHcDtgGMng6eF6sO8RU3OhAS2f259FO_R4gu5ShvJD2S8NuebzI8ffKhkOux43OiDRks4rN6PSw-jahj1SNWTSLcs4fMtmT8uhWm3xTZ-Lu__8a1hLEphL1fvq7BPzTZYsNJedRsAv_CSZ-A4wV7XmK6uDH4RejU8EOk0aV3CouptPjuUphm5yS5wF56LCZCMs-VFptK2-iqIe_-SU_obXu8KJ1_ps0XjcQPBlqDJbQS5vGE7yZuVgMAxy9x2LWEyJAHNeBfkzwbriw4WGMSocnq70kpU7hpxv4LA-qLzhZpJ0ov4JnENEIcr2QEETFmPlvFUN6lTlFzKyCaUI9evUKh0zyGxpWCc7rpL2r6FAcaFF8Rxz7nhTQtDkML-dyt34lLQN-7ItwEXIejauhrnjEv5qfZ6KE4YbHe4cMCExy5VUq_IDNOXoQB3L3ZV_DTlVAwYNio76cE6-LY_eJ5ipMgX8R-mdOzz2RCjlalAI9gObUHhLOcC32DM0DsF8h2Kk5_LlNSDATA2SsqP2le4N5ut2_lplppotqkDzyb93ulbNZzi5WpBbrJuMlQvgghwZbDa4eUnKjDdB8j5TzsFDwT6VwI0Nn6Kx4w9Y3Nh436TFBbUSUWGyCmGHpFcoN322_avrNj_U40lxRjdO-0Jc9ImFLsDpWYfuD0P7O4jdl9EUpkfVy61jCksDKTIQH46hoeeTql60_GMeD7TpeCBglerfdb_Axbkpec1ygRwA5ki1tk-M_hoVeiUXI_bLlrw0dPblwQidLF9B7v-aZzFzbP1Vu6ajCLG5xK5UoGVSSZjAHZYFgnCetvspw4R-sPvlKZZZ5-GAVk_ntBmkgvquw8MdLYW_1J48D5y4MJ3YV0Zda63hxwHsQxU8xLx6FifxtN0_h3d9b6_OL970d5lol6DhZgmGw5AgZYwTM1QbPZi0mqtM-VOtNFaWGbADSL_EH5F5smeYceyVivCcxHukeANQvbBoYFafQekXvyp3kwGN2iGsiwhP2ZhuRem7OIUzvz0KgNZEHjIPTpWLb-yvmgtggtqf22kGEqW_vi_qOGA9nWa9LrcSRkwenYVmGbG3-abGLvTnOHbOBOitANPi7AUMXI5aAGEs0ioW5zfl6GCZgJ95CM6j40ewNMaq_RaKEZZVgpR3OS0xurMq0asW3NvORRivlwc4aX2YQhsfNzKxnAcQoIsgkrYsmFe67j9ApF9yxQ1M4uyqVN1sq8j0zHgZ4hL_HYdatVMV3-gXhphZaEx0JV4SZlUGhyJI3cmcISCUpibOKuNRQcTXLOm_NqLKj_7QvPwo2cZ7ck62TK978LQBcW0nPheqWTdbpZkZlSYUlZ7Nx6c9EBIJKEDPKsdRmTb61l5s6qiE6IUhZInjdaBINcBO03g8wLikqZl22MBXgalmoSVWTemVL45N4B6zrR2RQ8G752fM8gZDpUT8rgljb-fazTw-QYzyBHTlY12C53gm5I7R583FunkJCb5ztJmETm8f3_FeqpVzDGVNzdltGBcrDaL9BpOrGN_1R-03Rks-MWdP4JkN_nCjuQ14tCC3Hb6wBPCRvUvGPumgASJRkYneJLM1GejFBI_X4OMm92qxt1oImgp_gNummTrZa4yZlPgAsswnuKFEaHMb1oOii-e4_sxVN3uo4H_4-d9qrLUTZ9UMqfIeGzRwAeehDx94llCw5aERFSIPPBZKRkHj3fZT7SVBdBm5Z2nb595X1CMhEEjYjxMySDUmO072OltY6cGukGGPFOh7EHKPKVFFzpXW0dla9ei25FozcaUvCls_XUUaocjQjtfxRHMS9d3Ny1uhJkXNRpVVkPLUcEXnaBA&cid=CAQSTwAvHhf_QN08BRuuRAkZ8LCYkJ_tu3SsiTVAvcxHgy1USpgeQjHk4v3cdnfFrJUUie6E2xoBZA67nm8E95-vM9gPtMgrTv3nO3aoaxK3sloYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.haberturk.com%2F&ds=l&xdt=1&iif=1&cor=10919557479232584000&adk=1964084971&idt=252&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 21:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 21:44:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 304B 31 KB
12 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 01:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 01:43:50 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 304B 41 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 413173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 13:49:16 GMT

GET
DATA 200
OK truncated
/ Frame 304B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6da441fd3c5f66a195106fb645c34e4d6ad5b576a4cdb1aa2cdfe3f50c4ffaa0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 390D 38 KB
13 KB 33ms
33ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 411290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 14:20:39 GMT
expires: Wed, 18 Dec 2024 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 390D 39 KB
15 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 12:05:20 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9808293042416762104/ Frame 7075 78 KB
34 KB 99ms
34ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9808293042416762104/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c14216062c41b49a0d897aae43b683218b4d5810a040c02637fd1c6ede337996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 430121
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 35050
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:06:48 GMT
expires: Wed, 18 Dec 2024 09:06:48 GMT
last-modified: Fri, 01 Dec 2023 09:24:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 304B 0
0 165ms
79ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsumBcRviB4pIvBGDVcLw9BRkoiu7aHppG8n_ie1M0dSBnCXRWozHrYVTsz_mMkDzA80W5kk9GO05jZJuYqz3jYY42P8vvIMZANah3BcX57TY-P6o4SDr-RFqlkbQr5PLsrZi5vIQruRFeZI1OJH4lzTrRMHEUpisGYiyoL2vWgRCrf6w1BjlRu3Mtc5IFIfScYY3PMYp-pMBOcrTxPBvQe42c2fJcq-SzAt3GhfAH5R0q-QTtmU65vHuJiKVy5oOTDtX2CtE7fkehXFW7CSI6r06H2-63VxqErqS0ht3nuZiHdHDVlISty9kdZz7o7qNf_LqXvJCncRFYfvXfxMVq2ogSbZINw7_eH6WjaV74IHWapQUQI5P-XF6I0bWjoXN6uNd_Xec5F_g1W0qZGOLQOk4Zybneqx-0jCbWxHamSW9vqazcpEcYB9NYTYTl_uZm_TwVJcU4QcaHP0Xspgfb8cCEBpZUGX8C5W5alws4BXJajckw8qG5C8AOdlHuN0OJ8kfUmBy-75zCfKqoaOuS7HEJxiyZK1BpJJxWR95yML1hK3fdD57hoq9JWLij_tIgOukPuPKuBBSk9HJWC83z_PCOWWVeaNdm5EwwTouHxZgZOaTS7umEJjgNZSsc_fgmZgF0ziuQL2XYwwWcP4IgC_bDNsRW15Pe6Swipuit-SNviRvX3mWlXz8RfS3KLVxt20B-Mn8coPfHH-sNqyTioZMl6rE97Yy8a6_gncLUTS-l5K_cJzU9yQv7SZOkvxr-Jvf6DZ5r5uWo8nYqq8kx_KoVV-qigEY94DpGHiGP0KeJeTg0CdbAXJt5dJdpe4iYAuD8aHTFUt6vebVjFn4LP065rV87DhIVRjYwb2ReM1aeZEwqBFr-4csWB5Zq1VrjOeFaRY8zAp5OsTSuNvLKU0pk3EV38ESyMZpFlVEEA77CTMQf-ZDQ6ZQxiPm3ZSSZgekSLwvY0L_PBh26_9IZn6a2sBqQVlUb1BOgUrQPuXlAWzsD1MeqxckKKy6o33zxyWGEOvLU6aePXOi2VKEtHCyn82pxDdd28zOURajD_ZeYUH7xIxb0epflXN6NDtBiRHdEHil-gAgKI1jToRrEeNMrtkFVxZLntG-wQ3dr_v5PY_JuOVSYZG9rLi7qfnHPQdUvsruJKPvzqq9xMCiu33Vki_O3gSyIk4hicclxXjS5sA9M9rz4BYOmYaNLyvk_TjX2rTA1ORsHymyj3ZKhnCKD872gmxXhQuZVuY57A55bDeIzrefeWS2KZMii0GpMnNj09U94qzEEbvExuhbsngnXi-pM0OgIu4zFXKyfTfNxq-xQhHCgGua4slQU9bvdEJ3ItoAfbD40MlcX6VvLWGQ_IsW52kPem-0bMlNDfilda-nIUUlPufJGWcHrtH5uuKAsxStzcQV-F_lDCsII4TG4vveRgEQds9B2Rc-dlsJl2t7AvViHoh0X2hKYMby3QOEXH29AurO_M&sai=AMfl-YS27XMKBu2_HrrCdsH5u9Bg1W3UUjCLKEjGk4Pse3h6CD04W5mY1bLCXDAc8nLhLIFl1FxXu54CCOg_YQmnjYc15zkxd9U_cZ70CXyHAfonNvlKQF5dbqM7kwTtY9kUGiM9-CFdyFW3Gi088Vtf9qVKygiD1PiwkJRuYdVa0n34bzOjhZnhn_QNEF7L4lN4QiquDkk4EszATu54z6dxQQC753CmZb-fGyeetHr7EIcyomw_xjrS9U1FcbajI4_lKQFjSPQ0esWyNYfj5EUmBzaEyNVsca-rVHfbr7Aj9w&sig=Cg0ArKJSzHv4J8SEmZcqEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=179&cbvp=1&cstd=176&cisv=r20231207.75461&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Dec 2023 08:35:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gsap_3.11.5_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7075 70 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.5_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9808293042416762104/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9808293042416762104/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27946
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:06:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 08:35:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 390D 0
20 B 96ms
95ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BS62dUe2HZdOeDuLL9u8P6ZmNuAsAAAAAOAHgBAI&bg=!gIOlg8zNAAY3kmNgF5I7ADQBe5WfOOGjiK_7cPrBLLc1sqEcFyd5bJW3yGMv51kaSYrl_cy_P7arc7raFAgquoHJY9zlAgAAAFBSAAAABGgBB5kDR13mZ17v49Dbf8M0iF--qVrFEjw5zslTGW8KL02Xm2hhEWkQj5T3fLs0-IHAcxr9JrxFyBNnnONdAxpZe_jr5amYciKBiu_14hM4OKm5XQVYgIl8cYPmJ1NFCCdTx6Syx1KWjRWrxhXF6xkRtzUKiu72ewMQac3bOq1EzhUr7IIpKx326AKzdplkI70wrgEW3SQYu4QmR198nIGdR9X1EWQtSb23P6L-ZhwaBS1y2npVpTMvzornDeP08dpsOj3Fu2L6uANj86D0YE3YV_Pi3qJ7jk2euZMWHG4u49c2s48YTwHgZ0n6urdr3mPhSheCFd3-dwmJup0DhkIZpWRcvrzB0nDb5YcMogkTGH-5vPJwNRTpBGyMvARv4gmLDYVtrMcw9ZFZnbM2A8D0-zcfEzcuQSLY8Rmco49xo9PaLg-QGCxNAwJ8uy9Mun6gWfjwT6rD9vS7BugRXFjrWTuqd7ZtocDPABTGs8RFDvBcoHt2tvemPyKi8ugrD8KnRHwRKedhbkV9pXTwFGUOcbCFlcLJMCY-QcmvxQNWBHnnZJcgyysKd6fMxeB_7FuF_8BlL_VpaYWPD7lvfp-t6pCIL-TuMZUzEnzdtEgkzhx4VStpJTF4gHu6FOYBRRXYsDaF2C0MNIb9LsHrkoUF4jCNm0AFzdu3kol8zOKcReOJE4ycCdLHVIJr1_iOFfpcCJX-wuTWNDDtErUYMjFnTz8ztwdo_HqjFGaymLBTLhwMGx4fY_SNr8K1baFZaucdnTNrScD5EAqGb5cyj01yDZRdr3ox13E9ykUdcue5XruU2wOm52Ebvdlo1d25_NPJSV6i8noCq6qqVF7rVFC91jd_ywVD6RpCSx7enGrMtKfcNUBpXCkh8o0Wm2NbSI-NlUk5Z9Jvpl-HEAG3Lc1LYXw3dM05OUVes5akU89AyfgeWMqk82hxGk_Hl7yJptV6k_Sy-Ca3PyTk07flad-f6OaCotf38KMy8Cuso8fCIpMyYAewXzk8Utyw3EVazbdMCFY-WtMmWXZ79C_536DMmzYFfhnxWFLAGWnYXd2wK97BezLtwFrsue0b0DIclUxLAME8aRwmsnjtdJSXKI3-mVILvH9OfdkN9pc6

Requested by

Host: b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com
URL: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img1.jpg
s0.2mdn.net/sadbundle/9808293042416762104/ Frame 7075 64 KB
64 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9808293042416762104/img1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9808293042416762104/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30fe99a399d4f13e0db6a2b84a81f0a49ec719571c50c5b5d4fae06dc3504bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9808293042416762104/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:06:48 GMT
date: Tue, 19 Dec 2023 09:06:48 GMT
x-content-type-options: nosniff
age: 430121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65675
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 09:24:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 7075 15 KB
15 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4bf8dd9dc3d2f8a7c79c3a7155b132aa26ac5cbbf452f60f47e04e18f57ed40

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: font/ttf;charset=utf-8

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 304B 0
0 70ms
69ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsumBcRviB4pIvBGDVcLw9BRkoiu7aHppG8n_ie1M0dSBnCXRWozHrYVTsz_mMkDzA80W5kk9GO05jZJuYqz3jYY42P8vvIMZANah3BcX57TY-P6o4SDr-RFqlkbQr5PLsrZi5vIQruRFeZI1OJH4lzTrRMHEUpisGYiyoL2vWgRCrf6w1BjlRu3Mtc5IFIfScYY3PMYp-pMBOcrTxPBvQe42c2fJcq-SzAt3GhfAH5R0q-QTtmU65vHuJiKVy5oOTDtX2CtE7fkehXFW7CSI6r06H2-63VxqErqS0ht3nuZiHdHDVlISty9kdZz7o7qNf_LqXvJCncRFYfvXfxMVq2ogSbZINw7_eH6WjaV74IHWapQUQI5P-XF6I0bWjoXN6uNd_Xec5F_g1W0qZGOLQOk4Zybneqx-0jCbWxHamSW9vqazcpEcYB9NYTYTl_uZm_TwVJcU4QcaHP0Xspgfb8cCEBpZUGX8C5W5alws4BXJajckw8qG5C8AOdlHuN0OJ8kfUmBy-75zCfKqoaOuS7HEJxiyZK1BpJJxWR95yML1hK3fdD57hoq9JWLij_tIgOukPuPKuBBSk9HJWC83z_PCOWWVeaNdm5EwwTouHxZgZOaTS7umEJjgNZSsc_fgmZgF0ziuQL2XYwwWcP4IgC_bDNsRW15Pe6Swipuit-SNviRvX3mWlXz8RfS3KLVxt20B-Mn8coPfHH-sNqyTioZMl6rE97Yy8a6_gncLUTS-l5K_cJzU9yQv7SZOkvxr-Jvf6DZ5r5uWo8nYqq8kx_KoVV-qigEY94DpGHiGP0KeJeTg0CdbAXJt5dJdpe4iYAuD8aHTFUt6vebVjFn4LP065rV87DhIVRjYwb2ReM1aeZEwqBFr-4csWB5Zq1VrjOeFaRY8zAp5OsTSuNvLKU0pk3EV38ESyMZpFlVEEA77CTMQf-ZDQ6ZQxiPm3ZSSZgekSLwvY0L_PBh26_9IZn6a2sBqQVlUb1BOgUrQPuXlAWzsD1MeqxckKKy6o33zxyWGEOvLU6aePXOi2VKEtHCyn82pxDdd28zOURajD_ZeYUH7xIxb0epflXN6NDtBiRHdEHil-gAgKI1jToRrEeNMrtkFVxZLntG-wQ3dr_v5PY_JuOVSYZG9rLi7qfnHPQdUvsruJKPvzqq9xMCiu33Vki_O3gSyIk4hicclxXjS5sA9M9rz4BYOmYaNLyvk_TjX2rTA1ORsHymyj3ZKhnCKD872gmxXhQuZVuY57A55bDeIzrefeWS2KZMii0GpMnNj09U94qzEEbvExuhbsngnXi-pM0OgIu4zFXKyfTfNxq-xQhHCgGua4slQU9bvdEJ3ItoAfbD40MlcX6VvLWGQ_IsW52kPem-0bMlNDfilda-nIUUlPufJGWcHrtH5uuKAsxStzcQV-F_lDCsII4TG4vveRgEQds9B2Rc-dlsJl2t7AvViHoh0X2hKYMby3QOEXH29AurO_M&sai=AMfl-YS27XMKBu2_HrrCdsH5u9Bg1W3UUjCLKEjGk4Pse3h6CD04W5mY1bLCXDAc8nLhLIFl1FxXu54CCOg_YQmnjYc15zkxd9U_cZ70CXyHAfonNvlKQF5dbqM7kwTtY9kUGiM9-CFdyFW3Gi088Vtf9qVKygiD1PiwkJRuYdVa0n34bzOjhZnhn_QNEF7L4lN4QiquDkk4EszATu54z6dxQQC753CmZb-fGyeetHr7EIcyomw_xjrS9U1FcbajI4_lKQFjSPQ0esWyNYfj5EUmBzaEyNVsca-rVHfbr7Aj9w&sig=Cg0ArKJSzHv4J8SEmZcqEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=371&vt=11&dtpt=192&dett=3&cstd=176&cisv=r20231207.75461&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.haberturk.com
URL: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 304B 42 B
64 B 138ms
71ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVCfNB2rL5h-LVrC2R4TtcB6tnpYi4ASr05jKtTjsbRER-YG2Z6oDN-Mw2OPRwMLDhAi6B3HUWT9hG3IP_1X6HcQotmRRup80mwnld7jY0R-yXom9EOMb_eN_R_G-M14kUqhmNxqSUAKlsxaJx17A5HHxg&sai=AMfl-YQxtMiWlRc11tQBVLTdvMQTiTFXDewJ7piGhSLsvlJIMOf4WHVlIfKWJvLx4v6v6VBAdCk6M5UlheXtA5wag44vT3PLrPgIPI_PZLIrrzkQcf8LecuTz7QIzdyp-7cXiBK-jKeflLhgVXlvuhhUTQ&sig=Cg0ArKJSzOB05Fwiy4DnEAE&cid=CAQSTwAvHhf_QN08BRuuRAkZ8LCYkJ_tu3SsiTVAvcxHgy1USpgeQjHk4v3cdnfFrJUUie6E2xoBZA67nm8E95-vM9gPtMgrTv3nO3aoaxK3sloYAQ&id=lidar2&mcvt=1001&p=165,315,415,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2657784127&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703406928813&rpt=552&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 304B 0
20 B 93ms
92ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5255389988202&version=m202309260101&ct=76&x=1&cor=10919557479232584000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 87ms
86ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06cd866b029ef80c446b4a010eb38ba6e73a6968e38b299595390d8085e870b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12156
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 686C 14 KB
6 KB 82ms
29ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.haberturk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.haberturk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:35:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 394668
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 netmera_worker.html Show response
www.haberturk.com/ Frame D628 4 KB
2 KB 33ms
33ms Document
text/html 185.102.219.172
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haberturk.com/netmera_worker.html

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/n9wxi9Ibj2FDSK9TgytPZyKuseQF3C7Oc1cV-pqByL6umukvRG0ueQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-102-219-172.datapacket.com

Software

MerlinCDN /

Resource Hash

d421b07a73e5054f1da97150aa2707482f2aefc8600d29b9eecbdb088caa1483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haberturk.com/ozel-icerikler/abdurrahman-yildirim-1018/3645073-kredi-notu-neden-yukselecek
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 10
allow: GET, HEAD, OPTIONS, POST
cbglayer: P
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 24 Dec 2023 08:35:31 GMT
etag: W/"65836024-10a5"
last-modified: Wed, 20 Dec 2023 21:44:04 GMT
server: MerlinCDN
via: HTTP/2.0 Merlin CDN
x-backend: NA-168-211
x-cache-status: HIT
x-content-type-options: nosniff
x-edge: de-fra-dp-s03
x-frame-options: SAMEORIGIN
x-midtier: de-fra-lea-s01
x-xss-protection: 1; mode=block

GET
H2 200 fbox.js Show response
ntm.netmera-web.com/wsdk2/ Frame D628 4 KB
2 KB 32ms
31ms Script
application/javascript 31.3.2.72
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ntm.netmera-web.com/wsdk2/fbox.js?v=4.2.22
Requested by: Host: www.haberturk.com
URL: https://www.haberturk.com/netmera_worker.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-236 /
Resource Hash: 7b890dc41d051c686bda87447a5556a4d7e1a53fd40dde66bc9f12ea83bc00d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:31 GMT
content-encoding: br
last-modified: Tue, 28 Nov 2023 20:50:36 GMT
server: MNCDN-236
x-mnrequest-id: d4826f6e1677232012520b6f2f3efef3
x-amz-request-id: F69N8FFGY4J4JG1F
x-edge-location: DE-372
x-amz-server-side-encryption: AES256
x-cache-status: Edge : HIT,
content-type: application/javascript
cache-control: private, max-age=900, s-maxage=604800
x-amz-id-2: 6zOAjOmcxCVTEoV+dJN6p/E9WeW4c6VcGfkza+CLP4hIQaCKtALEodrnPuMovpCaFD6FgwqEyTo=
x-mserver: DE-372

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 08:35:31 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 686C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=haberturk.com&sn=ChromeSyncframe&so=0&topUrl=www.haberturk.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=B50ftXxaelhsV3JzWTZEZW8wbHRUK2dZU202TndPT0I2WnlwaXcwQlRXZzZQZ2RYTDZlcElzNUNOb0NNRTdxL0FYaXRDTUFsWnpGWWs1ZmZNVjA2Z0RSVmxiRnlPNm93K1RuK1pUTVFEdzVOMDJEYzFUREFLODdjaEpOV1...

419 B
646 B

42ms
27ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=B50ftXxaelhsV3JzWTZEZW8wbHRUK2dZU202TndPT0I2WnlwaXcwQlRXZzZQZ2RYTDZlcElzNUNOb0NNRTdxL0FYaXRDTUFsWnpGWWs1ZmZNVjA2Z0RSVmxiRnlPNm93K1RuK1pUTVFEdzVOMDJEYzFUREFLODdjaEpOV1hQbHZTQkpEaGdnblNNUk9ZNldzdGRaUW95ek1LdkQ5eDhLMXJ6OXo4ZWlmNUo1bndPTHhCOGR6cEdRaEtjdmFzRDh4REN0U0Q0L3RxS3VuNmx1QlRFQWpoa0U3aGwxK3VlZktYZEZuclhQQWxiL01zNjlnVnowRWlZTDZ1endKU3ZPRVBia1k5Tjh0M0dBVVg1Y01BWitKTjdVaW02eFF0QUlPaGZTMy9FenZWamZrY3ZWcz18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2ae7302157bc89f4f83d317d93b18f5ed990131b923f06c42074ecfe4e05618d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1269147
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=B50ftXxaelhsV3JzWTZEZW8wbHRUK2dZU202TndPT0I2WnlwaXcwQlRXZzZQZ2RYTDZlcElzNUNOb0NNRTdxL0FYaXRDTUFsWnpGWWs1ZmZNVjA2Z0RSVmxiRnlPNm93K1RuK1pUTVFEdzVOMDJEYzFUREFLODdjaEpOV1hQbHZTQkpEaGdnblNNUk9ZNldzdGRaUW95ek1LdkQ5eDhLMXJ6OXo4ZWlmNUo1bndPTHhCOGR6cEdRaEtjdmFzRDh4REN0U0Q0L3RxS3VuNmx1QlRFQWpoa0U3aGwxK3VlZktYZEZuclhQQWxiL01zNjlnVnowRWlZTDZ1endKU3ZPRVBia1k5Tjh0M0dBVVg1Y01BWitKTjdVaW02eFF0QUlPaGZTMy9FenZWamZrY3ZWcz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 272742
content-length: 0
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6228 13 KB
5 KB 62ms
60ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haberturk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 66733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 14:03:19 GMT
expires: Sun, 22 Dec 2024 14:03:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8E09 829 B
998 B 43ms
42ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d3a7120b70042b4982aeeac38a07fb66889c18b2e745135858ed97972cea8d50

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xQyvkt0WeIfk0IA5J7P_wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haberturk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xQyvkt0WeIfk0IA5J7P_wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:35:32 GMT
expires: Sun, 24 Dec 2023 08:35:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8E09 0
0 92ms
92ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1470292312336984&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6228 39 KB
15 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 12:05:20 GMT

GET
H2 200 appIcon
wsdkapi.netmera.com/wsdk/3.0/ Frame D628 19 KB
19 KB 298ms
149ms Image
image/png 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wsdkapi.netmera.com/wsdk/3.0/appIcon?appKey=haberturk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash: b354890773315da2362eb3f4cd3af3868ae9d2f0ef1b1631821d0beb4a1e3aa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:32 GMT
server: nginx
x-robots-tag: noindex
content-type: image/png; charset=UTF-8

POST
H2 200 fire Show response
wsdkapi.netmera.com/sdk/3.0/event/ 0
234 B 75ms
75ms Fetch 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL

https://wsdkapi.netmera.com/sdk/3.0/event/fire

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/n9wxi9Ibj2FDSK9TgytPZyKuseQF3C7Oc1cV-pqByL6umukvRG0ueQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-netmera-os: CHROME
accept-language: nl-NL,nl;q=0.9
x-netmera-device-type: DESKTOP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json
accept: application/json
x-netmera-sdkv: 4.2.22
Referer: https://www.haberturk.com/
x-netmera-api-key: n9wxi9Ibj2FDSK9TgytPZyKuseQF3C7Oc1cV-pqByL6umukvRG0ueQ

Response headers

date: Sun, 24 Dec 2023 08:35:32 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
x-xss-protection: 1; mode=block

OPTIONS
H2 204 fire
wsdkapi.netmera.com/sdk/3.0/event/ Frame 0
0 73ms
73ms Preflight 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdkapi.netmera.com/sdk/3.0/event/fire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netmera-api-key,x-netmera-device-type,x-netmera-os,x-netmera-sdkv
Access-Control-Request-Method: POST
Origin: https://www.haberturk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: *
date: Sun, 24 Dec 2023 08:35:32 GMT
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6228 0
10 B 60ms
60ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GlLfVA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:35:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 95ms
95ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1470292312336984&bg=!yMuly4TNAAY3kmNgF5I7ADQBe5WfOOuzfizMlt_pj9sgnU_Nh3DIcAxbTAIJ7BSTdg5u5AyAyexU0aJlDnsvBlqXd1oqAgAAAGJSAAAAA2gBBwoAF08MSo22ftSyO-hebBhVYC_Ik2aL_b2BmQLfzfMIqNY7rnYNuuQo44ppidGYol5Mrdjia-3vl1lZSS_0w9TVhGD09PTfyum-9Wv3QTJHjsSLU3KEvWTJ5IxH4YvOlB6z8k7frHWep8uuPcsuPo4tP2RkIsRm9wo_voU1r2dDcLVKQcfvaQ3BLZFnzRC4PMCRK5HzcEIzOTVC7EzoYYA61g_jCSgx0kAf2Svp2S47wShz7zBZgZ2J8UobAfKKlyr_JG_n7RD1emktEQC2f6SmFSOPupZYGBMXli6AHk80WlNT7eOg4MSzqG-mE0GvscR0sZJC7GdtbMUaDrGY82vorIvcP7-5u6sZdidkqKhu8xUgDAEh3ddtGttEbxsiRLJRl23AY4oji45lgpQveKD6zkkKR6ASJtTNxpTgKne9hX9PmMQiyMFO5ypJopolSaD-iZT-yJeJlvNBmQarVi6h9UEIbKXx7M0h5ktjviltqxoaVBvf6FfAoPg-0EOsHJCMMVWN9bSH4SotYcGPOV0HMTk_aodbQvlP4rH2SON-Rq5xyI60D1K8ad5tfwe7c0lWbzFm_cQiK566sOSIGh34mZcj4oB6JRybWgz1IBJdMuAzia86Yq47gTyBD3xMXkqDajsH4JtBvO19S94shwn4WFDEmvE-L6tdDJ1UEZYW-q5r-YasfLSLvMfllx3z-fFbKHgviqq2FGj5OPNCQwugPgI_4LJ-X3OrNbuiEc7wQ5quevxLtE2gEsCbldlEWrGiBguFxmMCvwFUTjs2CvELL6r13p6UE6wrk91cbPyJCNbJ84mgtkzDmjKFYZFjUtr0Med7yiedOVTGz7KgcEXlYNGXsv8qj1jhrAT_UlJEziNd0svhFF_4PJPugLSMrd3GhscagRJEe4k0EbON3XrSjWxpvFSCdiZeNh3N4O6vg7MqKyEmi92_Mm_Bw3Zzec1N_NgMgJXRUoMLBwaywzzXR1JqKtF0ofFO5RbOm24cD515NhEZvokFQtuU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3DF1E1VJKN&gtm=45je3bt0v9102903263z876620496&_p=1703406927310&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1447365078.1703406928&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1703406927&sct=1&seg=0&dl=https%3A%2F%2Fwww.haberturk.com%2Fozel-icerikler%2Fabdurrahman-yildirim-1018%2F3645073-kredi-notu-neden-yukselecek&dt=Kredi%20notu%20neden%20y%C3%BCkselecek%3F&en=ntg_video&_et=4&tfd=6139
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DF1E1VJKN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haberturk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:35:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haberturk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.haberturk.com/	1970-01-20 17:10:14	Name: XSRF-TOKEN Value: eyJpdiI6Ii9FSE9xcVZNRHE5QnR1dVBRVHlRVHc9PSIsInZhbHVlIjoiaysxR0FXdS8rTjRERWhrM3kxazJpTlUycENGdnRKR1dvVURzd1M2Y3dKYWhMc3RCZ3h1UzZGNUNsOW90b3JTbmMvNi92ODF0SUxKMzVzZ0N2ZG0wcHVnUmgvYjZUeWpHeXZzT2JUbktaajRpc0g1eDFTR3NTSVdSVzZ0VHBmT20iLCJtYWMiOiJkNmFmNDFiY2FmMzQyMTU4MzJmMzQzODc3YzE1NzU2N2JkMDQxNGEzMjRlNjRhMDE4NjdhN2RiOGMwNjRiYmRiIiwidGFnIjoiIn0%3D
www.haberturk.com/	1970-01-20 17:10:14	Name: haberturk_session Value: eyJpdiI6IkdJRlJpQmxkdGI0MUZpR1NvdjFQdXc9PSIsInZhbHVlIjoibU9hZ1M3MlNiQzlxTnBXbWF2R3JkV0paTmlCNE5BekZpYTg4ZkJobk0rdWZ6Qnp6a1NZWFdlSkU5UHJWWEZKSW1xQVIzOVpnK3pHZHExeUsyM2syZGVLd3F3T1IyaGpwM3J3cW5FeWc4b01rZ2hSWlJaS2pUR3FIU0xRdVZTMC8iLCJtYWMiOiI4ZGQ2OTQxOTg3NDEzZWY5ZDU0MjJlYjUxYmNjMzM2MmVhZmY2NDQ3MTFmOTEyNDE5M2QwMDNkMmMxZTI1NTEwIiwidGFnIjoiIn0%3D
.haberturk.com/	1970-01-21 02:38:54	Name: __gfp_64b Value: Zf5xqrBJ8yH7tf31ZnzeohuylFgj0a8c6YJeRPn_1h..T7\|1703406927
.haberturk.com/	1970-01-20 17:11:33	Name: _gid Value: GA1.2.1462054379.1703406928
.haberturk.com/	1970-01-20 17:10:06	Name: _gat_UA-206852-3 Value: 1
.haberturk.com/	1970-01-20 17:10:06	Name: _gat_UA-206852-39 Value: 1
.haberturk.com/	1970-01-21 02:46:06	Name: _ga_3ZRKVF28XW Value: GS1.1.1703406927.1.0.1703406927.60.0.0
.haberturk.com/	1970-01-21 02:46:06	Name: _ga Value: GA1.1.1447365078.1703406928
.haberturk.com/	1970-01-21 02:46:06	Name: _ga_3DF1E1VJKN Value: GS1.1.1703406927.1.0.1703406927.60.0.0
www.haberturk.com/	1970-01-20 17:11:33	Name: geoLocationCity Value:
.hit.gemius.pl/	1970-01-20 17:20:11	Name: Gtest Value: KlQIVMGGQMQGvpJXiWhBNDGUssGMXP8c25nSGYlc_PLWXBG.
.hit.gemius.pl/	1970-01-21 02:38:54	Name: Gdyn Value: KlS3BMXGQMQGvpJXiWhBNDGUssGMXP8c25nSGYlc_PLWFRxSG7RrGS6GkFGtFlnMxgGPoeISD0F6Sssa
.hit.gemius.pl/	1970-01-21 02:38:54	Name: Gdynp Value: wWN3FqYJ5HITknWtjwDDhlnERDKKPy8Z.8seZTmFNKn.V7
adsp.haberturk.com/	1970-01-21 01:55:42	Name: AVPUID Value: 0f99dfc2e428795d05ffea561e366f31
adsp.haberturk.com/	1970-01-20 17:10:07	Name: hbtloadcheck_cookie Value: ffffffff5f2517d945525d5f4f58455e445a4a423660
.haberturk.com/	1970-01-21 02:46:06	Name: _ga_K4LB9Y83L6 Value: GS1.2.1703406928.1.0.1703406928.0.0.0
.haberturk.com/	1970-01-21 01:55:42	Name: _hjSessionUser_2225218 Value: eyJpZCI6IjUxZDZiZGYyLWQxY2ItNTM5NC04OWMwLWQyNjIzYzhmZDczMCIsImNyZWF0ZWQiOjE3MDM0MDY5MjgxMTgsImV4aXN0aW5nIjpmYWxzZX0=
.haberturk.com/	1970-01-20 17:10:08	Name: _hjFirstSeen Value: 1
.haberturk.com/	1970-01-20 17:10:08	Name: _hjIncludedInSessionSample_2225218 Value: 0
.haberturk.com/	1970-01-20 17:10:08	Name: _hjSession_2225218 Value: eyJpZCI6ImY1YWZkNTk4LWMwMjctNGYzMi1iMGE5LTYxN2RlY2ZhMDczNSIsImMiOjE3MDM0MDY5MjgxMTksInMiOjAsInIiOjAsInNiIjowfQ==
.haberturk.com/	1970-01-20 17:10:08	Name: _hjAbsoluteSessionInProgress Value: 1
.haberturk.com/	1970-01-21 02:31:42	Name: __gads Value: ID=89dfc3baa279b6bc:T=1703406928:RT=1703406928:S=ALNI_MYln5fW7H5YccNYi6WNbPotJbbpgg
.haberturk.com/	1970-01-21 02:31:42	Name: __gpi Value: UID=00000d27afad0ba6:T=1703406928:RT=1703406928:S=ALNI_Mb86RnwobPtEjgEKXPJPFdmYEtF6Q
.doubleclick.net/	1970-01-21 02:31:42	Name: IDE Value: AHWqTUmFQMl5KXiry1o3HiMiN0z-zo3VibpF3THCL7LZz_iiXyyU5iReczOM4Lah
.adnxs.com/	1970-01-20 19:19:42	Name: uuid2 Value: 4949096694324425714
.casalemedia.com/	1970-01-21 01:55:42	Name: CMID Value: ZYftUaBXumTAd7x3GIgsgQAA
.casalemedia.com/	1970-01-20 19:19:42	Name: CMPS Value: 1137
.casalemedia.com/	1970-01-20 19:19:42	Name: CMPRO Value: 1137
.adnxs.com/	1970-01-20 19:19:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTzqn'mh!]tbPl1M>e)ZlrFUfJ+tGXxoaG2W2kFtb3NCYmWvHN@IGK.wptaaU3ltDP6@3If)y3KL9D3I?+GhTJ1s
.doubleclick.net/	1970-01-20 21:29:18	Name: APC Value: AfxxVi6JiJt6WRY32i8D7tMhk5a1SIV7uQko2CkpOdMCJoQ3cU3gYQ
.criteo.com/	1970-01-21 02:31:42	Name: uid Value: c30cb3c3-bde2-4aac-bd49-604ff81c16d0
.criteo.com/	1970-01-21 02:31:42	Name: receive-cookie-deprecation Value: 1
.haberturk.com/	1970-01-21 02:31:42	Name: cto_bundle Value: GRVM0V90d1h2Vk5SQ2FCbW4ybmhmd1NaTVdqQXo2Y1RKV2xmaDk3d2tvU3NsSnJUNmFMOFZFMHlYcFk5UHpYaDhMbnNiUWtMMExRdSUyQmFTcXR0ZHljRENOa05XNWlkMVR5VjZsOWlZOW9FRUtwdE9pZHBiNnN2Rml6S083M2x0VW1ESiUyQmpObkZPRmdEV2plTVNVVE8wSnNjQTVnJTNEJTNE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js Message: Failed to load resource: the server responded with a status of 504 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsp.haberturk.com
b6e0a5b91acd700f5b855ea7566287ab.safeframe.googlesyndication.com
bidder.criteo.com
cdn.netmera-web.com
cdn.p.analitik.bik.gov.tr
cm.g.doubleclick.net
digital-online-islemler.site
dsum-sec.casalemedia.com
gatr.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
im.haberturk.com
ls.hit.gemius.pl
mug.criteo.com
ntm.netmera-web.com
o.gez.io
pagead2.googlesyndication.com
region1.analytics.google.com
region1.google-analytics.com
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.hit.gemius.pl
vc.hotjar.io
vmcdn.ciner.com.tr
wsdkapi.netmera.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.haberturk.com
13.32.27.107
142.250.186.66
146.59.30.108
172.217.23.98
172.64.151.101
18.66.112.110
18.66.97.10
185.102.219.172
185.102.219.173
185.57.65.125
185.89.210.180
2001:4860:4802:34::36
2001:4860:4802:38::178
2a00:1450:4001:803::2006
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2001
2a00:1450:400c:c09::9a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a06:98c1:3120::9
31.3.2.72
37.59.195.0
5.135.121.144
54.170.121.144
66.90.86.34
92.45.106.141
92.45.106.166
06cd866b029ef80c446b4a010eb38ba6e73a6968e38b299595390d8085e870b2
06f23be13a8f403bf406ddc4be2a1ef4b183afbc6404dcaa801dda33266a7a11
0aa965f2e05cec3e4d84196c8a38a486945172592f7c59a376092d2d847999c6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dd37077f4f364df4bcdf5114c82950c368ed9a446e7fd4096db88d2e9bae202
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
2ae7302157bc89f4f83d317d93b18f5ed990131b923f06c42074ecfe4e05618d
2c02192ac28a8e8026a0dbbe1ef12514e4a82246a21d360bf522e314af1e2b55
2d45bb9ac22be8ca6e4a896bdf7bb65534c73816e3abf9189e139e4ea404cab7
2f50295f54bd4f0fbb39b32562a3ab0800c595bb4b728b406a9df32f504b26d9
30fe99a399d4f13e0db6a2b84a81f0a49ec719571c50c5b5d4fae06dc3504bc1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c32636ce6173421e6eae24a526d92b994c1fc347f0981c94a60cd0ec3e5f014
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49f739382913d6eb792d7f9e41b8f5d2d7c607b2b9f90c0ddf9ab71ee271c8d5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
545c38b0922de19734fbffde62792c37c2aef6a3216cfa472449173165220f7d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5738e0b88edfb048feb3574bc4d718766d5baecc2188936f1a496725aa5ade64
5da21a3d2811c28e348f4f303963c1d31b39d60f4f4f50147121330f2db5c554
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69fea018934e081011515c36f8ad80f4c936fad046f068b6d0a03ef65ac6cbc4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da441fd3c5f66a195106fb645c34e4d6ad5b576a4cdb1aa2cdfe3f50c4ffaa0
6fc8dd7b32f7c1ec66b428bf325a2f9a44a96bb9f340299100a73aa78a1883b5
7123a2746232a33744643096adce3f2ab7e5bc0f020ebd0f34c490239e4d28eb
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
761d2914e263c1642370b9cfc470b6a23021146ef2da58794c459d1fcc5b0563
76e5258c11577f0cfaaeeae02db727d839b96eda02f806bbe4e5d4412c742af2
7b890dc41d051c686bda87447a5556a4d7e1a53fd40dde66bc9f12ea83bc00d1
8a86c7367752c7ca52fc2de1ed0979f2064ca286bb633b89bdc5c0d37a2837a4
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
927e9c742a51fca3c988db483281d66ad3e29d1ed030515c10e3222f263675b9
9766e136946880b0015240c962c14e9b29e5f696288f548bf37b1a5a102c567f
99b859723af651e163dc3570335a4d271daa04dad748e800841dea598881db66
9b3ac8ceb85e6ee61739fd2737c4aeac169dbf85810decf1b3bf365db7f788d2
9c31edb555f9d7750905c3d52e87092fdca1f5443c1eb729758217972c5ce03d
9e8ae8df63c18ceff7948468905aaae508a8a4f19fd0a119f9df22661d7b0fde
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ffbb332d6cc1d1d150ad7e691e20dded3e2b82ae516786b39ada3bd79696fa7
a07a7c25f5f7e102769349e786afd0c9c9f4d22dcd27be05b7cd976982fc19b2
a1cd31f9b3d90e808f1ca128244c4142ea42011894975a1d64bd9609ace9632f
a754c32b5ad113d0837bd27fcc09a750d3c69dcaccb6fc6611c9488595952e41
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15ee5386fff7cbec46111b74e1c415217300bfabfc6a2fbddfe978b6dd7dff5
b17adf958e0e9e46c8c3e8a5cfaffa54017cf95446709d462d2e606d54286d8c
b354890773315da2362eb3f4cd3af3868ae9d2f0ef1b1631821d0beb4a1e3aa7
b5c063d549c610320d64124eef709b095cd40148a8703f7a4aaa17a66e5536c6
b72eac9e160171b94a9fd5e986fe197aa177b7b556081d84eaf5d19dc5c3bf58
b94b750d8f68a2efa953ab4f351b53f7800b4fd32574c268a38879dbef363d90
bb96e1121d0da53845831482e536410fed1b8810b793145bff85f0432a70daf8
bef8dc6c2e3e919948793fe159987cad3c41f38531e1be4c1620fe7c64a26048
c14216062c41b49a0d897aae43b683218b4d5810a040c02637fd1c6ede337996
c23a45eab2fd78eab983e7e5cc38c82e8824128fc5632057b94324fcebed2530
cecdf1925c0b9ef1fa54d3b2028e0a481a897a106903fd283219724e11e2dbfe
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
cf90542374308f6a354f70fef47e75e7a9b901f9376f9665cef566f2befae9c0
d0e2792814c62b49a5655ff0fe7aa91723d48edf7e3ff55db7688ae2d73786a7
d18ddd3152b548d5ac0e42b774bb3b2981cdb0e2a88d03b7822ad6e76bc8a415
d3a7120b70042b4982aeeac38a07fb66889c18b2e745135858ed97972cea8d50
d421b07a73e5054f1da97150aa2707482f2aefc8600d29b9eecbdb088caa1483
daf94b7790390e984703c001dbaddf376ada7275c8e2166cdf6b7ec75b5cf31d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df2c8143c66a1b81a06018a8c4919c2380c68c67698fc6764c42f6ffda2418c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
e738af6790f8a195cf3f3fd5fb2d022ec10fdd9d2b46b05d2b3e5c1b6db03fa3
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07fd2b6a2998a79ed95f9120bf9cfb5888dbd6433cc159ef5ecd659936f6182
f4bf8dd9dc3d2f8a7c79c3a7155b132aa26ac5cbbf452f60f47e04e18f57ed40
fd8bb75f83f6848d4650ddfabff0f6d3af808275d3c91f27f630b9f89dfbd11c

www.haberturk.com Open in urlscan Pro 185.102.219.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

94 %HTTPS

49 %IPv6

22 Domains

38 Subdomains

34 IPs

8 Countries

2706 kBTransfer

5776 kBSize

33 Cookies

20 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.haberturk.com Open in urlscan Pro
185.102.219.172 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

94 %
HTTPS

49 %
IPv6

22
Domains

38
Subdomains

34
IPs

8
Countries

2706 kB
Transfer

5776 kB
Size

33
Cookies

117 HTTP transactions
2 data transactions