sahibinden.scrsafepay.com Open in urlscan Pro
2606:4700:3034::6815:2f60 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
Submission: On April 26 via api (April 26th 2023, 9:18:52 pm UTC) from TR — Scanned from DE

Summary HTTP 114 Redirects Links 88 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 21 domains to perform 114 HTTP transactions. The main IP is 2606:4700:3034::6815:2f60, located in United States and belongs to CLOUDFLARENET, US. The main domain is sahibinden.scrsafepay.com.
TLS certificate: Issued by E1 on April 26th 2023. Valid for: 3 months.

This is the only time sahibinden.scrsafepay.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sahibinden (Classifieds)

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3034::6815:2f60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:440... 2606:4700:4400::ac40:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
20	85.153.138.73 85.153.138.73	34984 (TELLCOM-AS) (TELLCOM-AS)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200d	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.57.72.211 52.57.72.211	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2011	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 34	37.59.195.1 37.59.195.1	16276 (OVH) (OVH)
1 8	178.33.196.208 178.33.196.208	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
2	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
114	27

6 2606:4700:3034::6815:2f60 (United States)

ASN13335 (CLOUDFLARENET, US)

sahibinden.scrsafepay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 85.153.138.73 (Turkey)

ASN34984 (TELLCOM-AS, TR)

s0.shbdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.72.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-72-211.eu-central-1.compute.amazonaws.com

hb.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.dz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 37.59.195.1 (San Javier, Spain) 1 redirects

ASN16276 (OVH, FR)

trgde.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.33.196.208 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip208.ip-178-33-196.eu

gdetr.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	adocean.pl 1 redirects trgde.adocean.pl — Cisco Umbrella Rank: 40982	240 KB
20	shbdn.com s0.shbdn.com — Cisco Umbrella Rank: 56864	886 KB
11	googlesyndication.com 6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	49 KB
9	gemius.pl 1 redirects gdetr.hit.gemius.pl — Cisco Umbrella Rank: 58289 ls.hit.gemius.pl — Cisco Umbrella Rank: 10899	71 KB
7	onetrust.com cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 5341	123 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269	159 KB
6	scrsafepay.com sahibinden.scrsafepay.com	494 KB
4	gstatic.com www.gstatic.com ssl.gstatic.com	38 KB
4	google.com www.google.com — Cisco Umbrella Rank: 16 accounts.google.com — Cisco Umbrella Rank: 92 adservice.google.com — Cisco Umbrella Rank: 130	31 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 763	59 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	48 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	49 KB
1	google.dz adservice.google.dz	531 B
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 2097
1	adscale.de hb.adscale.de — Cisco Umbrella Rank: 13103	243 B
1	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 803 gum.criteo.com Failed	227 B
1	adform.net adx.adform.net — Cisco Umbrella Rank: 3716	617 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	2 KB
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 822
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	11 KB
0	sahibinden.com Failed banaozel.sahibinden.com Failed
114	21

	Domain	Requested by
34	trgde.adocean.pl	1 redirects 6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com gdetr.hit.gemius.pl trgde.adocean.pl
20	s0.shbdn.com	sahibinden.scrsafepay.com s0.shbdn.com
8	gdetr.hit.gemius.pl	1 redirects trgde.adocean.pl gdetr.hit.gemius.pl
7	cdn-ukwest.onetrust.com	sahibinden.scrsafepay.com s0.shbdn.com cdn-ukwest.onetrust.com
6	securepubads.g.doubleclick.net	sahibinden.scrsafepay.com securepubads.g.doubleclick.net s0.shbdn.com 6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com www.googletagservices.com
6	sahibinden.scrsafepay.com	sahibinden.scrsafepay.com s0.shbdn.com
5	pagead2.googlesyndication.com	s0.shbdn.com tpc.googlesyndication.com www.googletagservices.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net 6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com tpc.googlesyndication.com
2	static.criteo.net	s0.shbdn.com
2	6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ssl.gstatic.com	accounts.google.com
2	www.gstatic.com	www.google.com
2	www.google.com	sahibinden.scrsafepay.com tpc.googlesyndication.com
1	ls.hit.gemius.pl	gdetr.hit.gemius.pl
1	s0.2mdn.net	trgde.adocean.pl
1	www.googletagservices.com	6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.dz	securepubads.g.doubleclick.net
1	csp.withgoogle.com	sahibinden.scrsafepay.com
1	hb.adscale.de	s0.shbdn.com
1	bidder.criteo.com	s0.shbdn.com
1	adx.adform.net	s0.shbdn.com
1	cdn.jsdelivr.net	s0.shbdn.com
1	accounts.google.com	sahibinden.scrsafepay.com
1	tags.bluekai.com	s0.shbdn.com
1	cdnjs.cloudflare.com	sahibinden.scrsafepay.com
0	gum.criteo.com Failed	static.criteo.net
0	banaozel.sahibinden.com Failed	s0.shbdn.com
114	28

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.sahibinden.com
secure.sahibinden.com
banaozel.sahibinden.com
www.sahibindenakademi.com
policies.google.com
maps.google.com
s-kariyer.com
yardim.sahibinden.com
www.facebook.com
www.twitter.com
www.linkedin.com
www.instagram.com
www.youtube.com
www.guvendamgasi.org.tr
etbis.eticaret.gov.tr

Subject Issuer	Validity	Valid
scrsafepay.com E1	`2023-04-26` - `2023-07-25`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-11-26` - `2023-11-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.shbdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-29` - `2023-09-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.adscale.de Amazon RSA 2048 M01	`2023-03-10` - `2024-04-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.dz GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2023-01-30` - `2024-02-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
Frame ID: 2E1A7D105E816C8D920C86A04C9A7223
Requests: 54 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdO2L0ZAAAAAPx76ulSR5rhwmAD-wBiAxUlfA7Q&co=aHR0cHM6Ly93d3cuc2FoaWJpbmRlbi5jb206NDQz&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=3sf8m78axnm6
Frame ID: F35AB883CA4BCB59AE24CE9CC33390A9
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?theme=outline&logo_alignment=left&size=large&shape=rectangular&text=continue_with&type=standard&width=320&client_id=998609949251-di88ghsmju45dr0kh1oi42ti46k9f4nl.apps.googleusercontent.com&iframe_id=gsi_42511_452900&as=wPiH4REMH07o33sxZ6ooFw
Frame ID: 0CF43F4A23A885AEE5FC711F42D4DB60
Requests: 4 HTTP requests in this frame

Frame: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 742563B8134E26847E3DADAA5DA8FC6C
Requests: 1 HTTP requests in this frame

Frame: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 35A77709A3F55D53A034D6DE1F499ABA
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A316B43F9E619A0EED3DCD75CCF6C767
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A8DB4E852B162813F1F0F843C4E01D14
Requests: 2 HTTP requests in this frame

Frame: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
Frame ID: 30E2D38DC7D2764E7BE9492BE46017C1
Requests: 33 HTTP requests in this frame

Frame: https://gdetr.hit.gemius.pl/gdejs/xgde.html
Frame ID: 90F7F98C79EB646CEA0FD520347369A7
Requests: 3 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 3FA56812F5B7CE00E4230E406EC9B5A0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sahibinden.scrsafepay.com
Frame ID: 7DD1F791988370526ADA7A95A83E8FD3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

REDMİ NOT 8 PRO 64 6 Tertemiz sahibinden.comda - 1073391239

Detected technologies

AdOcean (Advertising) Expand

Overall confidence: 80%
Detected patterns

adocean\.pl

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Gemius (Analytics) Expand

Overall confidence: 80%
Detected patterns

hit\.gemius\.pl

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

114
Requests

96 %
HTTPS

73 %
IPv6

21
Domains

28
Subdomains

27
IPs

6
Countries

2259 kB
Transfer

5622 kB
Size

6
Cookies

88 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/tr/app/sahibinden.com-mobil/id418535251?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.sahibinden

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/
Title: sahibinden.com anasayfasına dön

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/arama/detayli
Title: Detaylı Arama

Search URL Search Domain Scan URL

URL: https://secure.sahibinden.com/giris
Title: Giriş Yap

Search URL Search Domain Scan URL

URL: https://secure.sahibinden.com/kayit
Title: Hesap Aç

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/favori-ilanlar
Title: Favori İlanlarım

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ilan-ver/adim-1/?state=new
Title: Ücretsiz* İlan Ver

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ekspertiz-ekle/adim-1
Title: Ekspertiz Raporu Oluştur

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/bilgilerim
Title: Fotoğraf Ekle

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/
Title: Bana Özel Özet

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ilanlarim
Title: İlanlarım

Search URL Search Domain Scan URL

URL: https://secure.sahibinden.com/odeme?hideSteps=true
Title: Sepetim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/magazam/toplu-doping
Title: Doping Satın Al

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/mevcut-siparislerim
Title: Siparişlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/satistaki-urunlerim
Title: Satış İşlemlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/alim-islemlerim
Title: Alım İşlemlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/satis-islemlerim
Title: Satış İşlemlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/kargolayacaklarim
Title: Satış İşlemlerim

Search URL Search Domain Scan URL

URL: https://www.sahibindenakademi.com/
Title: Sahibinden Akademi

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/magazam/icerik
Title: Mağazam

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/emlak-ofisim
Title: Emlak Ofisim

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/cikis
Title: Çıkış Yap

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/mesajlarim
Title: Tümünü Gör

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/bilgilendirmeler
Title: Tümünü Gör

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ilanlarim/pasif
Title: Yayında Olmayanlar

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ekspertiz-raporlarim?reportStatus=U
Title: ilana eklenmeyenler

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ekspertiz-raporlarim?reportStatus=B
Title: ilana eklenenler

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/alicidan-onay-beklediklerim
Title: Alıcıdan Onay Beklediklerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/basarili-satislarim
Title: Başarılı Satışlarım

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/param-guvende/iade-edilenler
Title: İade Edilenler

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/iade-islemlerim
Title: İade İşlemlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/tamamlananlar
Title: Tamamlananlar

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/get
Title: Mesafeli Satış Sözleşmelerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/kargolayacaklarim
Title: Kargolayacaklarım

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/alicidan-onay-beklediklerim
Title: Alıcıdan Onay Beklediklerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/basarili-satislarim
Title: Başarılı Satışlarım

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/iade-edilenler
Title: İade Edilenler

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/satista-olmayan-urunlerim
Title: Satışta Olmayan Ürünlerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/kapora/gonderilen
Title: Gönderdiklerim

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/kapora/alinan
Title: Gelenler

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/favori-aramalarim
Title: Favori Aramalarım'a Git

Search URL Search Domain Scan URL

URL: https://secure.sahibinden.com/sifre-belirle
Title: Şifre Belirle

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sozlesmeler/bireysel-uyelik-sozlesmesi-0
Title: Bireysel Hesap Sözleşmesi ve Ekleri

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Gizlilik Politikası

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Kullanım Koşulları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/cikis?returnUrl=/kayit/
Title: Hesap Aç

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/cikis?returnUrl=/giris
Title: Giriş Yap

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/arama?userId=auSScku2SW28L7YVILmtGqQ
Title: Tüm İlanları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/satici-profili/mmedet46/
Title: Profili

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/ilan-sahibine-soru-sor/2321891821
Title: Mesaj Gönder

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/cikis?returnUrl=%2Fkayit%2F
Title: Hesap Aç

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/cikis?returnUrl=%2F/giris
Title: Giriş Yap

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/param-guvende/bireysel
Title: S-Param Güvende

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/guvenli-alisverisin-ipuclari/?shopping=pg#shopping
Title: tıklayın

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/destek
Title: bize haber veriniz.

Search URL Search Domain Scan URL

URL: https://maps.google.com/maps?q=&layer=c&cbll=38.73384696428572,35.51062182142858&cbp=11,0,0,0,0

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/guvenli-alisverisin-ipuclari/#shopping
Title: Güvenli Alışverişin İpuçları için tıklayın.

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/kurumsal/hakkimizda/
Title: Hakkımızda

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/ikinci-elde-gelecek-var
Title: Sürdürülebilirlik

Search URL Search Domain Scan URL

URL: https://s-kariyer.com/
Title: İnsan Kaynakları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/kurumsal/haberler/
Title: Haberler

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/kurumsal/iletisim/
Title: İletişim

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/doping-tanitim/
Title: Doping

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/guvenli-e-ticaret
Title: Güvenli e-Ticaret (GeT)

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/toplu-urun-girisi
Title: Toplu Ürün Girişi

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/reklam/
Title: Reklam

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sahibinden-dogal-reklam/
Title: sahibinden Doğal Reklam

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/mobil
Title: Mobil

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/neden-magaza
Title: Neden Mağaza?

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/magaza-ac?sizi-arayalim
Title: Mağaza Açmak İstiyorum

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/guvenli-alisverisin-ipuclari/
Title: Güvenli Alışverişin İpuçları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sozlesmeler/
Title: Sözleşmeler ve Kurallar

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sozlesmeler/kullanim-kosullari-35
Title: Kullanım Koşulları

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/site-haritasi
Title: Site Haritası

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sozlesmeler/kisisel-verilerin-korunmasi-58
Title: Kişisel Verilerin Korunması

Search URL Search Domain Scan URL

URL: https://yardim.sahibinden.com/hc/tr
Title: Yardım ve İşlem Rehberi

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sahibindencom
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/sahibindencom
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/sahibinden-com
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sahibindencom/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/sahibindencom
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.guvendamgasi.org.tr/firmadetay.php?Guid=25680f1d-270b-11ea-991b-48df373f4850

Search URL Search Domain Scan URL

URL: https://etbis.eticaret.gov.tr/sitedogrulama/A5A0C8D9C9844AA4881F75323D212DA1

Search URL Search Domain Scan URL

URL: https://secure.sahibinden.com/kayit?returnUrl=https://www.sahibinden.com/param-guvende/hemen-al?classifiedId=1076254580&quantity=1
Title: Hesap Aç

Search URL Search Domain Scan URL

URL: https://secure.sahibinden.com/sifremi-unuttum
Title: Şifremi Unuttum

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sozlesmeler/kisisel-verilerin-korunmasi-ve-islenmesi-hakkinda-bilgilendirme-58
Title: buradan

Search URL Search Domain Scan URL

URL: https://www.sahibinden.com/sozlesmeler/sahibindencom-cerez-politikasi-47
Title: Çerez Aydınlatma Metni’ni

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://trgde.adocean.pl/_1682543927315/ad.js?id=wdIxnL9xXJ8V4ZJmbe4_FyC1IokPaF3GKcLQfVuB1fn.W7/nc=0/gdpr=0/gdpr_consent=/redir=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsud7V-K1oiXE6pVrki8NIHeDhbLqmADKdTiAd1yW8IvifbCFPv7oPEfvddqUBW-PJHRBC1dPcMQ2fejYrkYci8VZFaNF7RgWeE7iP79ZS4DjgiAKVYigwjoaUbE2g8s__kf4cQCgY9VTjWO3QuxB5VZub-ePffpG5LUvxVriU_evjkJqtlaahVtS4P7ukP7lXz5sWFOr3PRs0tU3n9uaa2tiivhB-eaTbrmAN6o-wnQ0-hnKXIrYzGx3Xxqryc1VizfqadBEEletVKDJYGAhGWp0bDc9a5nHRFbM6eWnC2tXtiW2l93E3_BAJL0I0mNJ9Bhl5r0FP59GOILy8xBTw%2526sai%253DAMfl-YSCh2u4Uue78F6Dg1bWP1NFlD8MLK3v3-5JhmzPwpr6lhe55UiMrtGqtztTU3IlLld9dVDuqammra3TY0TxSMf3RuTVAwWlT0Iwic2BWmaw_H1SfOHhQelvX_MV-5ZcCboQ6mTs3ajF8JSg6RE%2526sig%253DCg0ArKJSzNTq7FmB2HXZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D HTTP 301
https://trgde.adocean.pl/__/_1682543927315/ad.js?id=wdIxnL9xXJ8V4ZJmbe4_FyC1IokPaF3GKcLQfVuB1fn.W7/nc=0/gdpr=0/gdpr_consent=/redir=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsud7V-K1oiXE6pVrki8NIHeDhbLqmADKdTiAd1yW8IvifbCFPv7oPEfvddqUBW-PJHRBC1dPcMQ2fejYrkYci8VZFaNF7RgWeE7iP79ZS4DjgiAKVYigwjoaUbE2g8s__kf4cQCgY9VTjWO3QuxB5VZub-ePffpG5LUvxVriU_evjkJqtlaahVtS4P7ukP7lXz5sWFOr3PRs0tU3n9uaa2tiivhB-eaTbrmAN6o-wnQ0-hnKXIrYzGx3Xxqryc1VizfqadBEEletVKDJYGAhGWp0bDc9a5nHRFbM6eWnC2tXtiW2l93E3_BAJL0I0mNJ9Bhl5r0FP59GOILy8xBTw%2526sai%253DAMfl-YSCh2u4Uue78F6Dg1bWP1NFlD8MLK3v3-5JhmzPwpr6lhe55UiMrtGqtztTU3IlLld9dVDuqammra3TY0TxSMf3RuTVAwWlT0Iwic2BWmaw_H1SfOHhQelvX_MV-5ZcCboQ6mTs3ajF8JSg6RE%2526sig%253DCg0ArKJSzNTq7FmB2HXZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D

Request Chain 80

https://gdetr.hit.gemius.pl/_1682543928224/redot.js?id=zao70Gb5HDU_5TirkFHEf8R7zQX_Y88ohRIjwhc0ZwT.e7/fastid=cqrhibykibktakjtozkdyunccbkp/stparam=ymnepwpmgm&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=ls%3D1%7Ctpb%3D1%7Cifr%3D1%7Cifrv%3D98%7Cifrw%3D300%7Cifrh%3D250%7Cxref%3Dhttps%3A%2F%2Fsahibinden.scrsafepay.com%7Ctq%3D1%7Chct%3D633&lsdata=.66LY69I7dMq77HekmEBbFYR8Lc4xa8P8M2Y_ZZTVBf.N7VzEghU7VCYGULMlrXaDv7bBijBmgo1qt2eztx0JPd.0I9N/UQihhQ.x0pRfD/&href=https%3A%2F%2F6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ref=https%3A%2F%2Fsahibinden.scrsafepay.com%2Filan%2FREDM%25C4%25B0%2520NOT%25208%2520PRO%252064%25206%2520Tertemiz%2F125500f5-20aa-4b7e-8e9e-78f0b94865ef%2Fdetay HTTP 301
https://gdetr.hit.gemius.pl/__/_1682543928224/redot.js?id=zao70Gb5HDU_5TirkFHEf8R7zQX_Y88ohRIjwhc0ZwT.e7/fastid=cqrhibykibktakjtozkdyunccbkp/stparam=ymnepwpmgm&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=ls%3D1%7Ctpb%3D1%7Cifr%3D1%7Cifrv%3D98%7Cifrw%3D300%7Cifrh%3D250%7Cxref%3Dhttps%3A%2F%2Fsahibinden.scrsafepay.com%7Ctq%3D1%7Chct%3D633&lsdata=.66LY69I7dMq77HekmEBbFYR8Lc4xa8P8M2Y_ZZTVBf.N7VzEghU7VCYGULMlrXaDv7bBijBmgo1qt2eztx0JPd.0I9N/UQihhQ.x0pRfD/&href=https%3A%2F%2F6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ref=https%3A%2F%2Fsahibinden.scrsafepay.com%2Filan%2FREDM%25C4%25B0%2520NOT%25208%2520PRO%252064%25206%2520Tertemiz%2F125500f5-20aa-4b7e-8e9e-78f0b94865ef%2Fdetay

114 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request detay Show response
sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/ 229 KB
70 KB 86ms
51ms Document
text/html 2606:4700:3034::6815:2f60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2f60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11ac2b44ab1fd282b7d1fe9afd6a606cfa20e4d201cfbd704920eca2b3778a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7be1dc316c29bb83-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 26 Apr 2023 21:18:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHrvzSqxFnd7fnzVHgO0Y4PrPpg%2BOaUqmElGnKtA78XfHDhMKrEuZdCXPpBcypTBh4JV1XQwCoYA5JfRIiBC8RTics2MrV%2FzMFg76JB9WlJGMNn%2Fww3ikFqjT1JgSgauw433p4810gM1BRM%2FwH2%2F267lVBwjOPtG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 OtAutoBlock.js Show response
cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/ 13 KB
3 KB 97ms
68ms Script
application/x-javascript 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/OtAutoBlock.js

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0a8a455421b978bb6aa5eb32fdf6f318a46f4985556b25844d12b5ace0767e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Apr 2023 21:18:46 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: iCPAclCZ2WKJnLXcpMHrSg==
age: 51114
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3238
x-ms-lease-status: unlocked
last-modified: Fri, 06 Jan 2023 08:43:34 GMT
server: cloudflare
etag: 0x8DAEFC218F5B6D0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0bc76093-301e-006a-2f43-6c7830000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7be1dc32089c9259-FRA

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 21 KB
7 KB 56ms
28ms Script
application/javascript 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Apr 2023 21:18:46 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: +GAQ9uZzuyMATxU6dGRBFA==
age: 51310
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6741
x-ms-lease-status: unlocked
last-modified: Tue, 11 Apr 2023 19:20:00 GMT
server: cloudflare
etag: 0x8DB3AC1BEC5BA19
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 36457fbd-401e-0021-0f0c-6d49aa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7be1dc32189e9259-FRA
expires: Thu, 27 Apr 2023 21:18:46 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 106ms
76ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

303488f4f7cc35f0a2a580ec2ca17dbe317dacfcd1670bf836b55cb5ea2b5acc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24719
x-xss-protection: 0
server: cafe
etag: 318 / 19473 / 31074122 / config-hash: 12060456894637157410
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 21:18:46 GMT

GET
H2 200 common:2a82107b2f1822aa16d7c82ab20608bd.css
s0.shbdn.com/assets/ 223 KB
39 KB 322ms
47ms Stylesheet
text/css 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

8b5457b9a166e5a12bcb1a0397aac8abb187ab29f8ae0cc7f4ab5f6197674d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Wed, 11 Jan 2023 09:32:22 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 9114090
content-length: 39602
x-secure-option: secure
last-modified: Wed, 11 Jan 2023 07:24:02 GMT
server: Sahibinden Web Servers
etag: W/"63be6412-37d6e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css
s0.shbdn.com/assets/ 537 KB
94 KB 411ms
137ms Stylesheet
text/css 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

475278b0d314514796bf3975e76512cf921d3a38780993d561eb693561020d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Tue, 24 Jan 2023 10:59:52 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 7985696
content-length: 95621
last-modified: Mon, 23 Jan 2023 10:27:10 GMT
server: Sahibinden Web Servers
etag: W/"63ce60fe-863ae"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/1.3.1/ 31 KB
11 KB 54ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/1.3.1/axios.min.js

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd5c21becc119fd932a6ee293112bc4198207071e3240c9a76c2dc62c5c4da00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 276816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10634
last-modified: Wed, 01 Feb 2023 23:35:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63daf72b-298a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3QRafFSsZLIY5%2B5CilsrUWSTNIT4n4TKfI5JGNpcS5It13wXSaimGKdETAmYXCSWrn4UmZC4yOObH2qhZjlM1sHBBRUbtQgtbwnchUGu0oCpH0sYjO9xhDkOoU1Ltc%2FL0wA%2BCJF0Lp7BJWvlB5Tz3E0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7be1dc3208dc2bfa-FRA
expires: Mon, 15 Apr 2024 21:18:46 GMT

GET
H2 200 0
sahibinden.scrsafepay.com/storage/links/125500f5-20aa-4b7e-8e9e-78f0b94865ef/images/ 268 KB
268 KB 37ms
35ms Image
application/octet-stream 2606:4700:3034::6815:2f60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sahibinden.scrsafepay.com/storage/links/125500f5-20aa-4b7e-8e9e-78f0b94865ef/images/0

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2f60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2e0ef67705fb2b19120fd38c35c2d43444b8d80f422978f86bcc7b7ddb0b6a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:46 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 25 Apr 2023 18:54:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644821e4-42ee3"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xP4TXLmRV9quvUzPM3O9UuxQb207KnQiFDnUgBK9omPC2tYk15vPLLth%2B%2BZkuVM%2BJ6AG4r849yEBn%2BSS5EXXN3ZzfljdYMZpGRNI8NxvocYrxZKa65293w6IeyJ8JUjy4KifB6X2zkPZr%2BHqbheXPp2fXQyMkk4B"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 7be1dc34d905bb83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 274147

GET
H2 200 1
sahibinden.scrsafepay.com/storage/links/125500f5-20aa-4b7e-8e9e-78f0b94865ef/images/ 148 KB
148 KB 36ms
35ms Image
application/octet-stream 2606:4700:3034::6815:2f60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sahibinden.scrsafepay.com/storage/links/125500f5-20aa-4b7e-8e9e-78f0b94865ef/images/1

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2f60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d35681e96b87339ee5c6c86bf18f084f175cb5d59a20873aeb9c0b6872c6cbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:46 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 25 Apr 2023 18:54:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644821e4-24ec7"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTWJlDBAIQJcynvKg4mPC1F3X0xYX9Y%2B3jgvLBZdNmg9KCq7CwRVG6fF1fHqWUD0LULjp15Q81%2FGq0Vj8Y%2BbuNNIE6YJ%2BLEY8YLvPQLiETjsSx37xMF5r8eT8Jxvqhc%2FKzOZuwQuSfG8YshZb9KMJmoRCWm5Ay5I"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 7be1dc34d907bb83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 151239

GET
H2 200 prebid:35802e87d11a2ce2ec228c6e38acf487.js Show response
s0.shbdn.com/assets/ 185 KB
70 KB 70ms
69ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/prebid:35802e87d11a2ce2ec228c6e38acf487.js

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

89b18a7d4c82e76ede5110c86e82655eea78ccd4bdc6086ee27b715746f96c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Wed, 04 Jan 2023 10:00:22 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 9717183
content-length: 71577
last-modified: Wed, 04 Jan 2023 05:53:54 GMT
server: Sahibinden Web Servers
etag: W/"63b51472-2e4f6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 common:9f4a897fbafd9bfbe9051eba7f7fc601.js Show response
s0.shbdn.com/assets/ 472 KB
171 KB 48ms
46ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

aaf551f850f010ff4b1538b7ff62ef0703b91849cc4962665d33e6312aa1b5a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Tue, 24 Jan 2023 04:09:33 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 8010315
content-length: 173782
last-modified: Mon, 23 Jan 2023 10:29:36 GMT
server: Sahibinden Web Servers
etag: W/"63ce6190-75e15"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 searchSuggestion:f139f29f0bdeb5b0e6c7ed5512303827.js Show response
s0.shbdn.com/assets/ 14 KB
5 KB 46ms
44ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/searchSuggestion:f139f29f0bdeb5b0e6c7ed5512303827.js

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

0adf0bce9c69989950d0134f3b0a6022a98c180b76cb8a28bfaaab5187020f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Wed, 04 Jan 2023 10:00:22 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 9717183
content-length: 4858
last-modified: Wed, 04 Jan 2023 05:53:54 GMT
server: Sahibinden Web Servers
etag: W/"63b51472-39ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 classifiedDetail:f39a9a2ee973ea563946c9fbefaacac8.js Show response
s0.shbdn.com/assets/ 880 KB
301 KB 46ms
45ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/classifiedDetail:f39a9a2ee973ea563946c9fbefaacac8.js

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

dd62305a57c183e84c3a941c307cb54a67aeda4c353b36bfa951743a70a46c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Tue, 24 Jan 2023 10:59:52 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 7985697
content-length: 305736
last-modified: Mon, 23 Jan 2023 10:29:36 GMT
server: Sahibinden Web Servers
etag: W/"63ce6190-dbf8e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 lastScripts:cfa5d49129048f4e398f292f2accea2c.js Show response
s0.shbdn.com/assets/ 47 B
153 B 49ms
47ms Script
application/javascript 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/lastScripts:cfa5d49129048f4e398f292f2accea2c.js

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

fb589526ee553a3625c42787485a4dab000ed1c9af6d6a449a17bc7e5299f029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Wed, 04 Jan 2023 10:45:16 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
content-encoding: gzip
age: 9714488
content-length: 67
x-secure-option: secure
last-modified: Wed, 04 Jan 2023 05:53:54 GMT
server: Sahibinden Web Servers
etag: W/"63b51472-2f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
DATA 200
OK truncated
/ 35 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: affe37b465da5c8e7605b32ce0f19dd9c4d10a73f9a9c73484c98336bb6af25d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 header:052021775b36a00993ef761643a87e8a.png
s0.shbdn.com/assets/images/ 47 KB
47 KB 64ms
64ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/header:052021775b36a00993ef761643a87e8a.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

8812cc00a2600bfae283d99f05c3d302da94432265c0e796f62f0c55a8eba9cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Tue, 10 Jan 2023 13:48:52 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 9185100
content-length: 48077
x-secure-option: secure
last-modified: Tue, 10 Jan 2023 10:46:52 GMT
server: Sahibinden Web Servers
etag: "63bd421c-bbcd"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 detail:09f7b52d46bd89fa5af69e73f7b57fa4.png
s0.shbdn.com/assets/images/ 14 KB
14 KB 62ms
62ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/detail:09f7b52d46bd89fa5af69e73f7b57fa4.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

f27485407773be13e4df8c678ad4af4570780a3320bd8cd154713625c8aa777b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Mon, 09 Jan 2023 12:13:40 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 9277213
content-length: 13851
x-secure-option: secure
last-modified: Mon, 09 Jan 2023 09:49:06 GMT
server: Sahibinden Web Servers
etag: "63bbe312-361b"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 paylas:5096d03da35a68192ad5e01630f43a89.png
s0.shbdn.com/assets/images/ 2 KB
3 KB 60ms
59ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/paylas:5096d03da35a68192ad5e01630f43a89.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

62b23ecdcee679aabc4fa26cf7b785344f4bb4054f307e950366d47bac0b99b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Mon, 09 Jan 2023 14:26:39 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 9269233
content-length: 2548
x-secure-option: secure
last-modified: Mon, 09 Jan 2023 13:11:42 GMT
server: Sahibinden Web Servers
etag: "63bc128e-9f4"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 loader:0f43051b46e51ba06afbadd25b11b18b.gif
s0.shbdn.com/assets/images/ 3 KB
3 KB 59ms
59ms Image
image/gif 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/loader:0f43051b46e51ba06afbadd25b11b18b.gif

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

fb1e90c85c0acdd7385fd6ed433064ab8dde048e9b9eee8ec613ac931f32c945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Wed, 04 Jan 2023 09:50:32 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 9717773
content-length: 2883
x-secure-option: secure
last-modified: Wed, 04 Jan 2023 05:50:20 GMT
server: Sahibinden Web Servers
etag: "63b5139c-b43"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 video_passive:35648402316781a17a3929eb3ee0d540.png
s0.shbdn.com/assets/images/ 292 B
376 B 59ms
59ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/video_passive:35648402316781a17a3929eb3ee0d540.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

95a74e168be9430efa6fd93474d7b6b5640d7c6d6b1ee65f6bd1e04390eb7606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Wed, 04 Jan 2023 19:19:51 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 9683614
content-length: 292
x-secure-option: secure
last-modified: Wed, 04 Jan 2023 05:50:20 GMT
server: Sahibinden Web Servers
etag: "63b5139c-124"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 classifiedPriceHistory:cf599a98c9b0f2a2539c2b19f28b9452.png
s0.shbdn.com/assets/images/ 10 KB
11 KB 59ms
59ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/classifiedPriceHistory:cf599a98c9b0f2a2539c2b19f28b9452.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

9fc2456f86ccef56926373548f09363de2d2124a2b694a4a5c29a27d2d86d7c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Mon, 09 Jan 2023 14:26:39 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 9269233
content-length: 10642
x-secure-option: secure
last-modified: Mon, 09 Jan 2023 13:11:44 GMT
server: Sahibinden Web Servers
etag: "63bc1290-2992"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 classifiedDetail:78e5078d0ca5926bf90a3b1f530ba8f0.png
s0.shbdn.com/assets/images/ 77 KB
78 KB 84ms
84ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/classifiedDetail:78e5078d0ca5926bf90a3b1f530ba8f0.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

04494b9f6615125922301037d9a4ff133e3c083682a8b1a0b2c8e727fcc9b574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Mon, 09 Jan 2023 14:34:21 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 9268771
content-length: 78694
x-secure-option: secure
last-modified: Mon, 09 Jan 2023 13:11:44 GMT
server: Sahibinden Web Servers
etag: "63bc1290-13366"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 classifiedDetail:befe607f6b4449467e8debc0284369ce.png
s0.shbdn.com/assets/images/ 31 KB
32 KB 96ms
96ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/classifiedDetail:befe607f6b4449467e8debc0284369ce.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

57aeb4eff25bc8a07d4f3a5c1bebbfec07bd486523e0f5279f71ab3e073fa74e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Mon, 09 Jan 2023 14:26:39 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 9269233
content-length: 31994
x-secure-option: secure
last-modified: Mon, 09 Jan 2023 13:11:44 GMT
server: Sahibinden Web Servers
etag: "63bc1290-7cfa"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 sellerProfile:11a9c57bcf91f7f30bb85d38ab05ac37.png
s0.shbdn.com/assets/images/ 7 KB
7 KB 100ms
99ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/sellerProfile:11a9c57bcf91f7f30bb85d38ab05ac37.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

37d3d4785b04d5be22fd81e7b22170c7e9e6b1f66763c15dbcd860622954bf53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 5,8080
date: Wed, 18 Jan 2023 19:05:19 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 8474942
content-length: 7409
x-secure-option: secure
last-modified: Wed, 18 Jan 2023 10:06:32 GMT
server: Sahibinden Web Servers
etag: "63c7c4a8-1cf1"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 10:9367b4efdc17ff6313e3bbbc3550afbe.png
s0.shbdn.com/assets/images/ 2 KB
2 KB 100ms
100ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/10:9367b4efdc17ff6313e3bbbc3550afbe.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

148499dce2da6272593a36cfab771b974458f254e62826fa2eb118b610ceb832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Wed, 04 Jan 2023 19:24:06 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 9683359
content-length: 1991
x-secure-option: secure
last-modified: Wed, 04 Jan 2023 05:50:20 GMT
server: Sahibinden Web Servers
etag: "63b5139c-7c7"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 footer:897327958bad301977bab9f9cf429b01.png
s0.shbdn.com/assets/images/ 6 KB
6 KB 100ms
100ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/footer:897327958bad301977bab9f9cf429b01.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

6557336e1ec45c09ccce3aa2bd88c82d3ba57cd2163218fe75d14caea3830181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 3,8080
date: Mon, 09 Jan 2023 11:48:56 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 9278697
content-length: 6311
x-secure-option: secure
last-modified: Mon, 09 Jan 2023 09:49:08 GMT
server: Sahibinden Web Servers
etag: "63bbe314-18a7"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 group-2:aa3f890f7a83e1ccf00f8a24b53f033b.png
s0.shbdn.com/assets/images/ 2 KB
2 KB 100ms
100ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/group-2:aa3f890f7a83e1ccf00f8a24b53f033b.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

f5f6bdd8c7b8e9421a4a9a192b5964d536f0e6f114a7729d14342024896da804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 6,8080
date: Wed, 04 Jan 2023 11:20:48 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 9712357
content-length: 2346
last-modified: Wed, 04 Jan 2023 05:50:22 GMT
server: Sahibinden Web Servers
etag: "63b5139e-92a"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 400 39228
tags.bluekai.com/site/ 0
0 285ms
240ms Script
text/plain 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/39228?ret=js
Requested by: Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:46 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H3 404 dynamicParameter Show response
sahibinden.scrsafepay.com/ajax/ 72 B
517 B 248ms
248ms XHR
application/json 2606:4700:3034::6815:2f60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sahibinden.scrsafepay.com/ajax/dynamicParameter?paramName=FEATURE_DISCOVERY_DISPLAY_FREQUENCY
Requested by: Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2f60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a087d1978632c33494d281fd9f7cf27c770df3a79f2bcbba87247acbbfa207f8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 26 Apr 2023 21:18:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUHJPcQzlinXKKfLKy1OppbbHNrWnX%2BxmSfa%2FzReEUiOqwkYY2xzZgOeDqGfVO0a%2F1OluRNTeipK9lOwrE7gWWeiNxW4VCv0ciUlFsMyt6%2FT1IeE79E3u3pKR%2Fx39HRupAMy%2BgwwMBFwR5cXj1n8GHzrxbb5QQIg"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
cf-ray: 7be1dc371c4f3814-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F35A 50 KB
28 KB 271ms
38ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdO2L0ZAAAAAPx76ulSR5rhwmAD-wBiAxUlfA7Q&co=aHR0cHM6Ly93d3cuc2FoaWJpbmRlbi5jb206NDQz&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=3sf8m78axnm6

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

68a82d2c051afeb93c8a418d704c55a254b9394ad69ad6d60fdc5c9b75fc7591

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8CEKfzBOiU-yEKDQVZvK6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28058
content-security-policy: script-src 'report-sample' 'nonce-8CEKfzBOiU-yEKDQVZvK6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 21:18:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 403 button Show response
accounts.google.com/gsi/ Frame 0CF4 1 KB
1 KB 264ms
62ms Document
text/html 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/button?theme=outline&logo_alignment=left&size=large&shape=rectangular&text=continue_with&type=standard&width=320&client_id=998609949251-di88ghsmju45dr0kh1oi42ti46k9f4nl.apps.googleusercontent.com&iframe_id=gsi_42511_452900&as=wPiH4REMH07o33sxZ6ooFw

Requested by

Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dca087d31986f2710a31d983843aa56d016d278bb316cd3d74f5deb6700236ab

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-BbKx19JjjTbKOma8UISGgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-BbKx19JjjTbKOma8UISGgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 21:18:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9f768f58-cb4a-4de6-83e2-f8d83f22909b.json Show response
cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/ 3 KB
2 KB 251ms
59ms XHR
application/x-javascript 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/9f768f58-cb4a-4de6-83e2-f8d83f22909b.json

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ec648faeffb58f7840a24eb475254203b7a0221ca42c71f47489fa22443564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Apr 2023 21:18:46 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: UMc2YkESAe1aIUEJ3kAtwA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1430
x-ms-lease-status: unlocked
last-modified: Fri, 06 Jan 2023 08:43:31 GMT
server: cloudflare
etag: 0x8DAEFC21722CBC6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 52c42a44-001e-0040-6e46-780d75000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7be1dc373cb2bb41-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/ 399 KB
124 KB 173ms
172ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3a23a02036d60ca831a506443e35d740f91a81f83063c0bc077c1be6e641d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 15:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20180
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126426
x-xss-protection: 0
server: cafe
etag: 12107163058553792566
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 25 Apr 2024 15:42:26 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 47 B
75 B 227ms
43ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=sahibinden.scrsafepay.com

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d39a1898d84b44f2db555eb4633928be8faedb0cb62fc2535b07b6414e836a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
expires: Wed, 26 Apr 2023 21:18:46 GMT

POST info
banaozel.sahibinden.com/ajax/login/ 0
0

GET
H2 200 ui-bg_highlight-soft_100_eeeeee_1x100:384c3f17709ba0f809b023b6e7b10b84.png
s0.shbdn.com/assets/images/ 90 B
172 B 189ms
189ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/ui-bg_highlight-soft_100_eeeeee_1x100:384c3f17709ba0f809b023b6e7b10b84.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

41ff65fb4f9b6f2fa9c9d025c2e9b0c9e09a2aee6f32266d19ee93c8af4dacbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-proxy: tmll-204 4,8080
date: Wed, 04 Jan 2023 12:41:20 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
age: 9707525
content-length: 90
last-modified: Wed, 04 Jan 2023 05:50:22 GMT
server: Sahibinden Web Servers
etag: "63b5139e-5a"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

POST
H3 404 2321891821 Show response
sahibinden.scrsafepay.com/ajax/counter/increment/ 84 B
601 B 167ms
167ms XHR
application/json 2606:4700:3034::6815:2f60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sahibinden.scrsafepay.com/ajax/counter/increment/2321891821
Requested by: Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2f60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7ae7cfe10f5fe2a8b87d48fd3b0391d9d53d8b38cfa9bae76be7725bd02e5a8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yc1%2BPEKpIQ2ZHtq51B6wRfSIGd0Xx4sGqny91nJ%2B0nRZZ33M%2BhAnrwr8epd3b%2FndCMy6La9rHu%2BJSMBRxk2rJ0LMQczNCbgkui2Tv6vG8VZ2HX%2FyFeVlj%2FWm3ECSKccPR%2F3PrdJYJ5nUiUiFa8cdtkf%2BjeuKzope"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://sahibinden.scrsafepay.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7be1dc371c503814-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 37ms
16ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230426

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66942b2dcc41fb0d80feea6e421a4edc17de0d2f91b64b0204522b772ecbad15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Apr 2023 21:18:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19078
x-jsd-version: 1.0.1686
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7021-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"63b-Q/Xo+acTDoNrUGqmAPu10is7+hM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuvR%2BPA73jT1QzFPNxPm6vBpCk4NfrVfbhzuoDaYQBSlHigKS2QwibwP%2FcN%2BoNtU%2F65Blh%2FapQxVsQB%2BDOyS44cVkewQTGzZ4yWbFfhT1%2Bugc3%2ByUfIuQ%2BARwlV56OzAv8oHukkoGN3B%2FCb1RhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7be1dc378f989a12-FRA

GET
H2 200 / Show response
adx.adform.net/adx/ 10 B
617 B 113ms
24ms XHR
application/json 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTY4MDIzMyZwcmljZVR5cGU9bmV0JnJjdXI9VFJZJnRyYW5zYWN0aW9uSWQ9NWI5OWIyMmYtNmY0Mi00NGY1LWJhYjEtZGUyMDgzMjU4Yzhk&bWlkPTc5OTI5OCZwcmljZVR5cGU9bmV0JnJjdXI9VFJZJnRyYW5zYWN0aW9uSWQ9NGJhODcwMGMtYTllNy00YmI2LWE1MTUtYTM3MmY3Zjc4YTM3&pt=net&stid=3e301f9d-73a6-4771-bb40-0795f9698ef9&gdpr=1&gdpr_consent=CPNBuu4PNBuu4AcABBENBtCgAEAAAAAAACaIAAAAAAAA&fd=1

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: https://sahibinden.scrsafepay.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
227 B 63ms
19ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=42629074189

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Apr 2023 21:18:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sahibinden.scrsafepay.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 200 dsh Show response
hb.adscale.de/ 11 B
243 B 36ms
9ms XHR
text/plain 52.57.72.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adscale.de/dsh
Requested by: Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.72.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-72-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Apr 2023 21:18:46 GMT
content-encoding: gzip
vary: origin
content-type: text/plain
access-control-allow-origin: https://sahibinden.scrsafepay.com
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: none

GET
H3 404 celebrity_indicate_right_top_web:4a143102619e2856355174a0c3c09525.png
sahibinden.scrsafepay.com/assets/images/ 6 KB
6 KB 40ms
39ms Image
text/html 2606:4700:3034::6815:2f60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sahibinden.scrsafepay.com/assets/images/celebrity_indicate_right_top_web:4a143102619e2856355174a0c3c09525.png
Requested by: Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2f60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:46 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4JQiFJdknXgmAuvB%2Bid0HN1qpz%2FO6r67qLrfWf6mmX4Umdjv4sQnSowUG3BA9qCAvKrj3D48QK1oxQI%2Bnf7SFEhlANv8mXF18sLtYxsXU0OgYphyM3QS%2FgLm66ZcUQf15snXl53Ze7mq7nsh8EGLeV50REm5Qfv"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-ray: 7be1dc377cbd3814-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/6.22.0/ 311 KB
74 KB 27ms
26ms Script
application/javascript 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.22.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Apr 2023 21:18:46 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Uj6Yo16pL9bm0y1nKKjJjg==
age: 51223
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 75930
x-ms-lease-status: unlocked
last-modified: Tue, 10 Aug 2021 20:26:00 GMT
server: cloudflare
etag: 0x8D95C3D1199287D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1a12f89e-401e-0008-4243-6c3fe8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7be1dc379cf29259-FRA
expires: Thu, 27 Apr 2023 21:18:46 GMT

GET
H2 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame F35A 0
0 79ms
49ms Stylesheet
text/html 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdO2L0ZAAAAAPx76ulSR5rhwmAD-wBiAxUlfA7Q&co=aHR0cHM6Ly93d3cuc2FoaWJpbmRlbi5jb206NDQz&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=3sf8m78axnm6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame F35A 0
0 171ms
142ms Script
text/html 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdO2L0ZAAAAAPx76ulSR5rhwmAD-wBiAxUlfA7Q&co=aHR0cHM6Ly93d3cuc2FoaWJpbmRlbi5jb206NDQz&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=3sf8m78axnm6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H2 204 identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 0CF4 0
0 52ms
20ms Other
text/html 2a00:1450:4001:82f::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by: Host: sahibinden.scrsafepay.com
URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://accounts.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 m=credential_button_library
ssl.gstatic.com/_/gsi/_/ss/k=gsi.gsi.8qDVaJ1YQUU.L.W.O/am=cg/d=1/rs=AF0KOtUOxgUhTozSzmUunp8bVNANbCL0dQ/ Frame 0CF4 7 KB
2 KB 40ms
8ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/_/gsi/_/ss/k=gsi.gsi.8qDVaJ1YQUU.L.W.O/am=cg/d=1/rs=AF0KOtUOxgUhTozSzmUunp8bVNANbCL0dQ/m=credential_button_library

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/button?theme=outline&logo_alignment=left&size=large&shape=rectangular&text=continue_with&type=standard&width=320&client_id=998609949251-di88ghsmju45dr0kh1oi42ti46k9f4nl.apps.googleusercontent.com&iframe_id=gsi_42511_452900&as=wPiH4REMH07o33sxZ6ooFw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ffd9148502527101428184082d3f169369aa4ba51720bd2eef686fc06571bfd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 22 Apr 2023 18:04:20 GMT
age: 357267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1753
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 06:17:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="csi-web-eng"
vary: Accept-Encoding
report-to: {"group":"csi-web-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/csi-web-eng"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 18:04:20 GMT

GET
H2 200 m=credential_button_library Show response
ssl.gstatic.com/_/gsi/_/js/k=gsi.gsi.de.5E0SE2D-rLs.O/am=cg/d=1/rs=AF0KOtVK-PTbn3BryDxZb8L7lThtTU8oTw/ Frame 0CF4 96 KB
35 KB 40ms
9ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/_/gsi/_/js/k=gsi.gsi.de.5E0SE2D-rLs.O/am=cg/d=1/rs=AF0KOtVK-PTbn3BryDxZb8L7lThtTU8oTw/m=credential_button_library

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ddfa8e93d0424d2d053327ef365a23f148f960aaf2b05c40a164a14a4c23e2e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 22:31:49 GMT
age: 168418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35976
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 19:20:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="csi-web-eng"
vary: Accept-Encoding
report-to: {"group":"csi-web-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/csi-web-eng"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 22:31:49 GMT

GET
H2 200 tr.json Show response
cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/3b4603d6-d32c-48e5-a49e-a908f2f68f9a/ 149 KB
28 KB 65ms
65ms Fetch
application/x-javascript 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/9f768f58-cb4a-4de6-83e2-f8d83f22909b/3b4603d6-d32c-48e5-a49e-a908f2f68f9a/tr.json

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5acbba0227483db5d08e62513dfc5aed271fbf89ae009e1900854d9956cf3902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: GYf0LJLydEqPsLdo16tHXw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 28871
x-ms-lease-status: unlocked
last-modified: Fri, 06 Jan 2023 08:43:35 GMT
server: cloudflare
etag: 0x8DAEFC219675ACD
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d52d0db5-e01e-0041-3a46-780c88000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7be1dc37dd4cbb41-FRA

GET
H2 200 integrator.js Show response
adservice.google.dz/adsid/ 107 B
531 B 48ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dz/adsid/integrator.js?domain=sahibinden.scrsafepay.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 47ms
17ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sahibinden.scrsafepay.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
11 KB 167ms
167ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1196461705445690&correlator=579955407097900&eid=31073318%2C31074122&output=ldjh&gdfp_req=1&vrg=202304240101&ptt=17&impl=fifs&npa=1&iu_parts=32607536%2Caddetail_300x250%2Caddetail_970x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C970x250%7C940x250&ifi=1&adks=3994822566%2C2091477338&sfv=1-0-40&eri=1&cust_params=cr_exchange%3Dyes%26classified_id%3D2321891821%26category_id%3D242416%26parent_id%3D17082%26country%3D1%26city%3D38%26district%3D2462%26town%3D513%26quarter%3D26433%26price%3D15000-20000%26fraction%3D0%26store_id%3D%26category_1%3D7%26category_2%3D4%26category_3%3D839%26category_4%3D17082%26category_5%3D242416%26ekran_boyutu%3D6.1_%27%27%26on_kamera%3D12_MP%26ram_bellek%3D4_GB%26renk%3DBeyaz%26garanti%3DDistrib%25C3%25BCt%25C3%25B6r_Garantili%26dahili_hafiza%3D128_GB%26i%25CC%2587sletim_sistemi%3DiOS%26kamera%3D12_MP%26kimden%3DSahibinden%26haseurotax%3Dfalse%26language%3Dtr%26dmp%3D&sc=1&cookie_enabled=1&abxe=1&dt=1682543927082&lmt=1682543927&dlt=1682543926038&idt=893&adxs=1075%2C315&adys=518%2C1186&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsahibinden.scrsafepay.com%2Filan%2FREDM%25C4%25B0%2520NOT%25208%2520PRO%252064%25206%2520Tertemiz%2F125500f5-20aa-4b7e-8e9e-78f0b94865ef%2Fdetay&frm=20&vis=1&psz=300x627%7C1118x2&msz=300x-1%7C1116x0&fws=0%2C4&ohw=0%2C1150&ga_vid=1646899897.1682543927&ga_sid=1682543927&ga_hid=165978406&ga_fc=false

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65d27641a3af6cf85102385d09d00531558481594198095b337c211052ad8ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10923
x-xss-protection: 0
google-lineitem-id: 6286957195,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430784475,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sahibinden.scrsafepay.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7425 6 KB
3 KB 61ms
16ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 21:18:47 GMT
expires: Thu, 25 Apr 2024 21:18:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 otFlat.json Show response
cdn-ukwest.onetrust.com/scripttemplates/6.22.0/assets/ 13 KB
3 KB 52ms
51ms Fetch
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.22.0/assets/otFlat.json

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: eS/vZlhjCBp2QvELx7IrSQ==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Tue, 10 Aug 2021 20:25:50 GMT
server: cloudflare
etag: 0x8D95C3D0BB3DAD4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9d1195a9-901e-000a-0e46-783d12000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7be1dc389e29bb41-FRA
expires: Thu, 27 Apr 2023 21:18:47 GMT

GET
H2 200 otCommonStyles.css Show response
cdn-ukwest.onetrust.com/scripttemplates/6.22.0/assets/ 20 KB
4 KB 109ms
109ms Fetch
text/css 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.22.0/assets/otCommonStyles.css

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Apr 2023 21:18:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
x-ms-lease-status: unlocked
last-modified: Tue, 10 Aug 2021 20:26:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a7a70eb4-401e-0047-3946-78fbf0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7be1dc389e2cbb41-FRA
expires: Thu, 27 Apr 2023 21:18:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 88ms
63ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304240101&st=env

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67b8e704d5901fe15e996062a63cc611a6aa8014e377d410ef9443cc7fe312de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11231
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 373 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d69d109cd164771ed1bc277c0657302d389cb463d1d39aa54c73f6bb350f165

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 45ms
18ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 21:18:47 GMT

GET
H2 200 container.html Show response
6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 35A7 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 21:18:47 GMT
expires: Thu, 25 Apr 2024 21:18:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 35A7 24 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com
URL: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 19:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 351760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 21 Apr 2024 19:36:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35A7 158 KB
49 KB 50ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com
URL: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 21:18:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 35A7 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutBERXQclfo39sm8iStx3r66cqJiffsGCPGpo-bWNBrPzk7_MqYykZMvlbV0qUfCMeGvquxQShdLdAt_Mxlrj05-R9GbAkOwLas2M0A6IGPRqzUhzyaNyFOMj1lLVxwF_jV5vMfq-YhnqzJKCOY1nGUxjCWoQmqqEWP5Hn8-AR_mZiSaWirSz__Z-1OfoLQIQrrRS0nJxLzS2TYyonHTgNyhIMbDnkXHY8QbCF9PlTH-M48qCB3irOggfaaJ5uO-HCDIORaWxTT6vLl_HqoTfnPI25ZgTX32WilXjwaTMrAc9YALU0Qv8XBK9A0yCqqeRh81s9DkzzR3-9xIJgEqN4tQ&sai=AMfl-YRMwl9SFBKjuqwzhTdYVrAAT5AeE7howxpCqcmX10rVdkP6HW3s-2UeQdrvLnWR8JdZfZfSgPesmaH-F5Tds3FX_qHOdl_0l23aG4z_Qe_HdFPdrFB3mTb2FdzElLeFySjCiyRIOt0hnbAu82g&sig=Cg0ArKJSzFM4ztJQzEGPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com
URL: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Apr 2023 21:18:47 GMT

GET
H2

200

ad.js Show response
trgde.adocean.pl/__/_1682543927315/ Frame 35A7
Redirect Chain

https://trgde.adocean.pl/_1682543927315/ad.js?id=wdIxnL9xXJ8V4ZJmbe4_FyC1IokPaF3GKcLQfVuB1fn.W7/nc=0/gdpr=0/gdpr_consent=/redir=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsud7V-K1...
https://trgde.adocean.pl/__/_1682543927315/ad.js?id=wdIxnL9xXJ8V4ZJmbe4_FyC1IokPaF3GKcLQfVuB1fn.W7/nc=0/gdpr=0/gdpr_consent=/redir=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsud7V...

7 KB
2 KB

19ms
18ms

Script
application/x-javascript

37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://trgde.adocean.pl/__/_1682543927315/ad.js?id=wdIxnL9xXJ8V4ZJmbe4_FyC1IokPaF3GKcLQfVuB1fn.W7/nc=0/gdpr=0/gdpr_consent=/redir=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsud7V-K1oiXE6pVrki8NIHeDhbLqmADKdTiAd1yW8IvifbCFPv7oPEfvddqUBW-PJHRBC1dPcMQ2fejYrkYci8VZFaNF7RgWeE7iP79ZS4DjgiAKVYigwjoaUbE2g8s__kf4cQCgY9VTjWO3QuxB5VZub-ePffpG5LUvxVriU_evjkJqtlaahVtS4P7ukP7lXz5sWFOr3PRs0tU3n9uaa2tiivhB-eaTbrmAN6o-wnQ0-hnKXIrYzGx3Xxqryc1VizfqadBEEletVKDJYGAhGWp0bDc9a5nHRFbM6eWnC2tXtiW2l93E3_BAJL0I0mNJ9Bhl5r0FP59GOILy8xBTw%2526sai%253DAMfl-YSCh2u4Uue78F6Dg1bWP1NFlD8MLK3v3-5JhmzPwpr6lhe55UiMrtGqtztTU3IlLld9dVDuqammra3TY0TxSMf3RuTVAwWlT0Iwic2BWmaw_H1SfOHhQelvX_MV-5ZcCboQ6mTs3ajF8JSg6RE%2526sig%253DCg0ArKJSzNTq7FmB2HXZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by: Host: 6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com
URL: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: e3ba947dece71511fd9f00f5c4c903705d7e31c483f92cd4d54d458909c2dbde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: gzip
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2047
expires: Tue, 25 Apr 2023 21:18:47 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Apr 2023 21:18:47 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1682543927315/ad.js?id=wdIxnL9xXJ8V4ZJmbe4_FyC1IokPaF3GKcLQfVuB1fn.W7/nc=0/gdpr=0/gdpr_consent=/redir=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsud7V-K1oiXE6pVrki8NIHeDhbLqmADKdTiAd1yW8IvifbCFPv7oPEfvddqUBW-PJHRBC1dPcMQ2fejYrkYci8VZFaNF7RgWeE7iP79ZS4DjgiAKVYigwjoaUbE2g8s__kf4cQCgY9VTjWO3QuxB5VZub-ePffpG5LUvxVriU_evjkJqtlaahVtS4P7ukP7lXz5sWFOr3PRs0tU3n9uaa2tiivhB-eaTbrmAN6o-wnQ0-hnKXIrYzGx3Xxqryc1VizfqadBEEletVKDJYGAhGWp0bDc9a5nHRFbM6eWnC2tXtiW2l93E3_BAJL0I0mNJ9Bhl5r0FP59GOILy8xBTw%2526sai%253DAMfl-YSCh2u4Uue78F6Dg1bWP1NFlD8MLK3v3-5JhmzPwpr6lhe55UiMrtGqtztTU3IlLld9dVDuqammra3TY0TxSMf3RuTVAwWlT0Iwic2BWmaw_H1SfOHhQelvX_MV-5ZcCboQ6mTs3ajF8JSg6RE%2526sig%253DCg0ArKJSzNTq7FmB2HXZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 0
expires: Tue, 25 Apr 2023 21:18:47 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A316 13 KB
5 KB 10ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 16:04:05 GMT
expires: Thu, 25 Apr 2024 16:04:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A8DB 783 B
779 B 31ms
29ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f1a9b88e1024d5714d1821221c3b309ee32959e167d23af8c69f681e40539ed8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HONO1_kiZStYcQUftlWAEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-HONO1_kiZStYcQUftlWAEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 21:18:47 GMT
expires: Wed, 26 Apr 2023 21:18:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame A316 36 KB
14 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 14:12:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 14:12:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A8DB 0
0 41ms
41ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304240101&jk=1196461705445690&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A316 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ijXlfA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 xgde.js Show response
gdetr.hit.gemius.pl/gdejs/ Frame 35A7 56 KB
20 KB 71ms
20ms Script
application/x-javascript 178.33.196.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: trgde.adocean.pl
URL: https://trgde.adocean.pl/_1682543927315/ad.js?id=wdIxnL9xXJ8V4ZJmbe4_FyC1IokPaF3GKcLQfVuB1fn.W7/nc=0/gdpr=0/gdpr_consent=/redir=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsud7V-K1oiXE6pVrki8NIHeDhbLqmADKdTiAd1yW8IvifbCFPv7oPEfvddqUBW-PJHRBC1dPcMQ2fejYrkYci8VZFaNF7RgWeE7iP79ZS4DjgiAKVYigwjoaUbE2g8s__kf4cQCgY9VTjWO3QuxB5VZub-ePffpG5LUvxVriU_evjkJqtlaahVtS4P7ukP7lXz5sWFOr3PRs0tU3n9uaa2tiivhB-eaTbrmAN6o-wnQ0-hnKXIrYzGx3Xxqryc1VizfqadBEEletVKDJYGAhGWp0bDc9a5nHRFbM6eWnC2tXtiW2l93E3_BAJL0I0mNJ9Bhl5r0FP59GOILy8xBTw%2526sai%253DAMfl-YSCh2u4Uue78F6Dg1bWP1NFlD8MLK3v3-5JhmzPwpr6lhe55UiMrtGqtztTU3IlLld9dVDuqammra3TY0TxSMf3RuTVAwWlT0Iwic2BWmaw_H1SfOHhQelvX_MV-5ZcCboQ6mTs3ajF8JSg6RE%2526sig%253DCg0ArKJSzNTq7FmB2HXZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS: ip208.ip-178-33-196.eu
Software: GHC /
Resource Hash: 243ff4b38ca5fe323056ea75585fb66ec3ed73293eac13e7d215376f1418eb4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 07:57:30 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "63D7786A0000E1021FE82885"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 20061
expires: Thu, 27 Apr 2023 21:18:47 GMT

GET
H2 200 billboard_gao_lib.async.js Show response
trgde.adocean.pl/files/js/ Frame 35A7 21 KB
5 KB 19ms
18ms Script
application/x-javascript 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://trgde.adocean.pl/files/js/billboard_gao_lib.async.js?v=2
Requested by: Host: gdetr.hit.gemius.pl
URL: https://gdetr.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 869a8671363a2e29ec0effa51a474f3bfaaed8ff1f8dc13bba8f9f2967893a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 13:58:58 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "63B6D7A2000052D99D9C2A52"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, must-revalidate, max-age=432000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5036
expires: Mon, 01 May 2023 21:18:47 GMT

GET
DATA 200
OK truncated
/ Frame 35A7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d568607d812e198ca7d8521bfefa280ca2db6a571d465e64bf5e679a3bee2542

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 inscreen_lib.js Show response
gdetr.hit.gemius.pl/gdejs/ Frame 35A7 25 KB
10 KB 20ms
19ms Script
application/x-javascript 178.33.196.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/gdejs/inscreen_lib.js
Requested by: Host: gdetr.hit.gemius.pl
URL: https://gdetr.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS: ip208.ip-178-33-196.eu
Software: GHC /
Resource Hash: c3b1ca5d98d4076ec5875d96d79179647df3148e16005ec6c2b7e131eabecbb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Nov 2018 10:03:50 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "5BFE68060000651BD04AF2C1"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 9748
expires: Thu, 27 Apr 2023 21:18:47 GMT

GET
H2 200 index.html Show response
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 178 KB
26 KB 21ms
20ms Document
text/html 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
Requested by: Host: trgde.adocean.pl
URL: https://trgde.adocean.pl/files/js/billboard_gao_lib.async.js?v=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: a8d327b81bc8dcaf5a59be967c4d8ab1b48d0ee00a7be3dc6964c38306e7cf85

Request headers

Referer: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=4320000
content-encoding: gzip
content-length: 26108
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 21:18:47 GMT
etag: "64495EA70002C80CA812D1D4"
expires: Thu, 15 Jun 2023 21:18:47 GMT
last-modified: Wed, 26 Apr 2023 17:25:59 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GAD
vary: Accept-Encoding,Origin

GET
H2 200 xgde.html Show response
gdetr.hit.gemius.pl/gdejs/ Frame 90F7 303 B
315 B 48ms
48ms Document
text/html 178.33.196.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/gdejs/xgde.html
Requested by: Host: gdetr.hit.gemius.pl
URL: https://gdetr.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS: ip208.ip-178-33-196.eu
Software: GHC /
Resource Hash: 7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0

Request headers

Referer: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 215
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 21:18:47 GMT
etag: "5996D7A50000012F9178E011"
expires: Thu, 27 Apr 2023 21:18:47 GMT
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 30E2 139 KB
48 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: trgde.adocean.pl
URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 786
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48652
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Apr 2023 21:20:41 GMT

GET
H2 200 xgde.js Show response
gdetr.hit.gemius.pl/gdejs/ Frame 90F7 56 KB
20 KB 53ms
53ms Script
application/x-javascript 178.33.196.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: gdetr.hit.gemius.pl
URL: https://gdetr.hit.gemius.pl/gdejs/xgde.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS: ip208.ip-178-33-196.eu
Software: GHC /
Resource Hash: 243ff4b38ca5fe323056ea75585fb66ec3ed73293eac13e7d215376f1418eb4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gdetr.hit.gemius.pl/gdejs/xgde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 07:57:30 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "63D7786A0000E1021FE82885"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 20061
expires: Thu, 27 Apr 2023 21:18:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 35A7 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOUvZuBQKeYhhsgrB5kQUxQbpa8ITKhlz7hWwCrcK_k7Ny3H6FbM710H7Ksbl39KPQaWRQ4XzOPx-sy9nJt6GPzTL-fuEo0TTjjd0pa6RcUOq3xDue2odZkRbv2FNHqEVrLi-RcaGo1mdm-iDUrlukOk4QCXUT4dBkEXnmYsnTpgbTYl1OLhI1LtifBicSw8jnzrxaXquTWER3LecnjYJxAewunq2Rm1Nuzy3nnOw2ct4-bqBm3Zv4UFUAYpYoBeOJsd7UmQhuDkbqQTJVyTh10VSJaody2Uomr7pPlldLfB2Ic2tjSburT0wlozFT7gf6sxfsx3NqxxcKy2VyJn3jJCHa&sai=AMfl-YS-xcffIeHueEAZsvuoTP1FR4XkO9vxev_yzJUP9bqh5V6YihsDrzp4kbB-VFYIFClApWa-yd3L912wsNeTpujP9nNfqQQiInLYgzUFoagh60U4jAYk4RxikIEgYLTPo94MvPBwcBGZoNTI1zQ&sig=Cg0ArKJSzMYFQmy9fc7NEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Apr 2023 21:18:47 GMT

GET
H2 200 gemius.js Show response
gdetr.hit.gemius.pl/ Frame 90F7 64 KB
17 KB 66ms
65ms Script
application/x-javascript 178.33.196.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/gemius.js
Requested by: Host: gdetr.hit.gemius.pl
URL: https://gdetr.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS: ip208.ip-178-33-196.eu
Software: GHC /
Resource Hash: 2b5b97c7ae99fc579b35502b8b340d6055d395e03bfaac05849e7fadf58693ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gdetr.hit.gemius.pl/gdejs/xgde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:47 GMT
content-encoding: gzip
last-modified: Fri, 24 Mar 2023 14:18:25 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17002
expires: Thu, 27 Apr 2023 09:18:47 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 3FA5 5 KB
3 KB 103ms
32ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gdetr.hit.gemius.pl
URL: https://gdetr.hit.gemius.pl/gemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 3332d00941fe5a5432a3315cc9d07b0e45c68abb0eded83b0e84e07982f904c0

Request headers

Referer: https://gdetr.hit.gemius.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2720
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 21:18:48 GMT
etag: PRIVATE7520710249
expires: Fri, 26 May 2023 21:18:48 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304240101&jk=1196461705445690&bg=!uLulu-_NAAYfNdXmPzU7ADkAdvg8WvYAx5922xjGwcLEq0p-cw3LQv-FywunjqJWbwJPZ_nt255zKVYrJdR-DRaqdnMZokCuXrICAAAAYFIAAAAEaAEHCgAHk_hGxSRrgZkC-sHMfUZbeGyCXRfLJkYAcOXDD0FZ_keZ_XX_Fw1D1wEQODMUWynQttVFPRrdwA8Wc8PmvrRs7cPaeOgsCpZd3U4qEi2J0qlkUfoO3sSmMRjpZeLuHXkYwx84qBJdqTwl8lnCOPRqFiOp--58K2-gOrxU5uldZv7HSS0DE0Z5RKMUD1kbExGXvo3mfjgRrHKtxi76YOlRs5oyJ-PJwnqQL7OLx4ZVzBzH2-7lUgJafRCq2ATvICLkL2TTEaC-Rq7yMnuLF-HuGfBfShSHEZVOEcYorO2_9pMy5gWQ9o5mCOWf4r5EL_AV_xfMUM6FjDUAmFnxI0LDURO2zK5kZk7ZQhg5tKTSFDV4Cbkxv7hvOOz40o8fm9C6Ej5OsYcmpJWOL8X2Wma55JedEtlH660tzCTDSKn_mFo2GCaas8QVtrryAnkACIm5sJqK5egCPSpffQJss9eGyiOPMeSvqsDOdADBLdt7SpYNpUX_2ZoK8T6h6-asKGN0xsRrOnQH1YcVJomt1pZ7ZLhckprkBzWZSAtGnobARiUxO_NcIPYFqK8pMjThpNONBUTlxwDKhPgaIt8aN5Ip62IiLhio19-qT2iLIaMf-FPR5t3rMkuWXdfHEiGnXM1r78Oe9adQ8MUocc54udan7CD0z1_-DqR6WEHQVwYjx1_K1vxvSOxD4_yhxpSChtOPYgEaQ-wX6FUjpZs-DTBG8WHNoxXjodbDWqUY_pIw7KT3LtIUXVVCBAkGY6EirgfsYTY9xKHlYvWshE3YYCMib7W96SpHH0uaYiTqiwct__1kMgIwzWrZaSmuuBa78bFzmbD0NLdLkEj3ipDOCuLJjV8XJCTaKbPT8SZrblsgzjox76tDpq7NJkcPCJw6271MK5e3qbiRPfixA5uMJIY11I6gUb17U9zHACjT3OMlyT6jrAwI9SXHEalhOkDrzIJNWsZD6LeDkovyP-i2Wr2KGxyfpL-ptoNMoVLioGkPhI332dfZh_eP5Q310riSu_xBrOUUlw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2

200

redot.js Show response
gdetr.hit.gemius.pl/__/_1682543928224/ Frame 35A7
Redirect Chain

https://gdetr.hit.gemius.pl/_1682543928224/redot.js?id=zao70Gb5HDU_5TirkFHEf8R7zQX_Y88ohRIjwhc0ZwT.e7/fastid=cqrhibykibktakjtozkdyunccbkp/stparam=ymnepwpmgm&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_...
https://gdetr.hit.gemius.pl/__/_1682543928224/redot.js?id=zao70Gb5HDU_5TirkFHEf8R7zQX_Y88ohRIjwhc0ZwT.e7/fastid=cqrhibykibktakjtozkdyunccbkp/stparam=ymnepwpmgm&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%...

2 B
176 B

44ms
43ms

XHR
application/x-javascript

178.33.196.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/__/_1682543928224/redot.js?id=zao70Gb5HDU_5TirkFHEf8R7zQX_Y88ohRIjwhc0ZwT.e7/fastid=cqrhibykibktakjtozkdyunccbkp/stparam=ymnepwpmgm&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=ls%3D1%7Ctpb%3D1%7Cifr%3D1%7Cifrv%3D98%7Cifrw%3D300%7Cifrh%3D250%7Cxref%3Dhttps%3A%2F%2Fsahibinden.scrsafepay.com%7Ctq%3D1%7Chct%3D633&lsdata=.66LY69I7dMq77HekmEBbFYR8Lc4xa8P8M2Y_ZZTVBf.N7VzEghU7VCYGULMlrXaDv7bBijBmgo1qt2eztx0JPd.0I9N/UQihhQ.x0pRfD/&href=https%3A%2F%2F6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ref=https%3A%2F%2Fsahibinden.scrsafepay.com%2Filan%2FREDM%25C4%25B0%2520NOT%25208%2520PRO%252064%25206%2520Tertemiz%2F125500f5-20aa-4b7e-8e9e-78f0b94865ef%2Fdetay
Protocol: H2
Server: 178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS: ip208.ip-178-33-196.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 21:18:48 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Tue, 25 Apr 2023 21:18:48 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Apr 2023 21:18:48 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com
location: /__/_1682543928224/redot.js?id=zao70Gb5HDU_5TirkFHEf8R7zQX_Y88ohRIjwhc0ZwT.e7/fastid=cqrhibykibktakjtozkdyunccbkp/stparam=ymnepwpmgm&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=ls%3D1%7Ctpb%3D1%7Cifr%3D1%7Cifrv%3D98%7Cifrw%3D300%7Cifrh%3D250%7Cxref%3Dhttps%3A%2F%2Fsahibinden.scrsafepay.com%7Ctq%3D1%7Chct%3D633&lsdata=.66LY69I7dMq77HekmEBbFYR8Lc4xa8P8M2Y_ZZTVBf.N7VzEghU7VCYGULMlrXaDv7bBijBmgo1qt2eztx0JPd.0I9N/UQihhQ.x0pRfD/&href=https%3A%2F%2F6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ref=https%3A%2F%2Fsahibinden.scrsafepay.com%2Filan%2FREDM%25C4%25B0%2520NOT%25208%2520PRO%252064%25206%2520Tertemiz%2F125500f5-20aa-4b7e-8e9e-78f0b94865ef%2Fdetay
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Tue, 25 Apr 2023 21:18:48 GMT

GET
H2 200 redot.js Show response
gdetr.hit.gemius.pl/_1682543928751/ Frame 35A7 2 B
252 B 31ms
31ms XHR
application/x-javascript 178.33.196.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gdetr.hit.gemius.pl/_1682543928751/redot.js?id=zao70Gb5HDU_5TirkFHEf8R7zQX_Y88ohRIjwhc0ZwT.e7/stparam=vnelcujrmh&inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C&extra=isn%3D0%7Cisn_d%3D1469%7Cisn_s_v%3D3v4d_4%7Cls%3D1%7Ctpb%3D1%7Cifr%3D1%7Cifrv%3D98%7Cifrw%3D300%7Cifrh%3D250%7Cxref%3Dhttps%3A%2F%2Fsahibinden.scrsafepay.com%7Ctq%3D2%7Chct%3D633&lsdata=.66LY69I7dMq77HekmEBbFYR8Lc4xa8P8M2Y_ZZTVBf.N7VzEghU7VCYGULMlrXaDv7bBijBmgo1qt2eztx0JPd.0I9N/UQihhQ.x0pRfD/&href=https%3A%2F%2F6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ref=https%3A%2F%2Fsahibinden.scrsafepay.com%2Filan%2FREDM%25C4%25B0%2520NOT%25208%2520PRO%252064%25206%2520Tertemiz%2F125500f5-20aa-4b7e-8e9e-78f0b94865ef%2Fdetay
Requested by: Host: gdetr.hit.gemius.pl
URL: https://gdetr.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS: ip208.ip-178-33-196.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 21:18:48 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Tue, 25 Apr 2023 21:18:48 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 35A7 42 B
174 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvb5ODYbPtZUf0JnsWxrqzz6Rzsd5URHLu2Y0Mk-T1y_D2mmOcZt5z-zvIgCcgFnHlN8d_QY0cOhNEMQ_wI-6Qx0DbI6tbNfhDDrWJStzz_p32jq1qQ&sig=Cg0ArKJSzDREoU-vceQAEAE&id=lidar2&mcvt=1001&p=518,1075,768,1375&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3994822566&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682543927281&rpt=585&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 21:18:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 242ms
179ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/prebid:35802e87d11a2ce2ec228c6e38acf487.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Apr 2023 21:18:49 GMT

GET syncframe
gum.criteo.com/ Frame 7DD1 0
0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 66ms
33ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Apr 2023 21:18:49 GMT

GET
H2 200 Click.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 2 KB
2 KB 19ms
18ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/Click.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 6df7f77c22d2b3fb04919fa8fe7eb49ced4a1e352872a290c454ae379c4e876c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:26:27 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EC3000007D0B2E3DB27"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2000
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 Buton.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 2 KB
2 KB 21ms
19ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/Buton.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: ed86e7ffb537422ccff21965b607630bb97297ec70533fb1b8b1758561db92c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:45 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495E990000067393D67D6B"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 1651
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 Tarih_4.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 4 KB
4 KB 21ms
19ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/Tarih_4.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: f779f33be78d7a43825a1f89493cabcddfa392e34020da754176630e76ffa3f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:53 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA100000E08E0AF30EF"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3592
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 300x250-BG.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 6 KB
6 KB 21ms
19ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/300x250-BG.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: f61bbb82f017f945b0cfcff391a93516e64790a70519de8c54052477628c4ac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:56 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA400001639057ABBA3"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5689
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 1-Mop.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 4 KB
4 KB 21ms
19ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/1-Mop.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: dae059048d968874fc8d043364fb2fa4ee24019d0b96e3c2c1cbc0b656d661aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:46 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495E9A00000E604E75ECB4"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3680
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 1-Mop-Dikey.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 5 KB
5 KB 21ms
20ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/1-Mop-Dikey.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 82e277b3bb9551cdc1a45038351123b3d905d5c8feab6f569b983e920cdafa24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:47 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495E9B00001463429259AE"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5219
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 2-Nevresim.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 20 KB
20 KB 22ms
20ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/2-Nevresim.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 5177f47c4da4dd17d90c23b561ae2bb3b8312196e1401b19b6d17b1fc866215f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:48 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495E9C00004EB5809D7C8D"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 20149
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 2-Etiket_2.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 14 KB
14 KB 22ms
20ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/2-Etiket_2.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 731434daa958b1898f5743f6e393bcbc3694fb941d0ab9619b2aec3fdd593bc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:49 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495E9D0000372A2D44259E"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 14122
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 2-Nevresim-Dikey.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 4 KB
4 KB 22ms
21ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/2-Nevresim-Dikey.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: e407e35c8151dfc7aae5bc242b7ec00c32d99984e3226eb3cd68b0541e69aef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:50 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495E9E0000109663DAC679"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 4246
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 3-Supurge.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 5 KB
5 KB 22ms
21ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/3-Supurge.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: a518378f1ef26ef58589952a5617010e1409bfc7a5a08f22a902d19c96837d44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:51 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495E9F000014BECF57998E"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5310
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 3-Supurge-Dikey.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 5 KB
5 KB 52ms
50ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/3-Supurge-Dikey.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: d0f12d16108975bc9813d2a16087f49d148650d55818926fc2f7f0fb2ab2d047

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:52 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA000001224B402728E"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 4644
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 4-Robot.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 15 KB
15 KB 52ms
51ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/4-Robot.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 7f875e440a1864f8ec581c2a8bff231da87e5955b001f1795f2428bf61fa6b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:53 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA100003BA231414833"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 15266
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 4-Etiket_2.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 2 KB
2 KB 52ms
51ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/4-Etiket_2.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 7679aa2e56817838104c72d12bca5bd781c20c3e255f00e4267a161f283aebdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:54 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA2000007CD872863CB"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 1997
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 4-Robot-Dikey.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 4 KB
4 KB 52ms
51ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/4-Robot-Dikey.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 10ccad1bb5987084460309909ffac3f1154e1aa4c7d2500e0949ca76baa82dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:55 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA3000011831EA09DA9"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 4483
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 5-Araba.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 11 KB
11 KB 52ms
51ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/5-Araba.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: dd310cdf67aa920b9310e02d4c0fa9ba9d580bf5d6f8bf94cd9d2c9c2f28f146

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:56 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA400002C344AD694CC"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 11316
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 5-Araba-Dikey_1.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 5 KB
5 KB 53ms
52ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/5-Araba-Dikey_1.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 84c8efe9f6c632ab09a0943ededbfef4a71961d42e5ee12f36b802e3ae2db9f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:57 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA5000012898E913C32"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 4745
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
DATA 200
OK truncated
/ Frame 30E2 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Tarih_4.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 4 KB
4 KB 30ms
30ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/Tarih_4.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: f779f33be78d7a43825a1f89493cabcddfa392e34020da754176630e76ffa3f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:53 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA100000E08E0AF30EF"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3592
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 Click.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 2 KB
2 KB 30ms
30ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/Click.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 6df7f77c22d2b3fb04919fa8fe7eb49ced4a1e352872a290c454ae379c4e876c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:26:27 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EC3000007D0B2E3DB27"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2000
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 1-Mop-Dikey.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 5 KB
5 KB 36ms
36ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/1-Mop-Dikey.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 82e277b3bb9551cdc1a45038351123b3d905d5c8feab6f569b983e920cdafa24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:47 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495E9B00001463429259AE"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5219
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 1-Mop.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 4 KB
4 KB 37ms
36ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/1-Mop.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: dae059048d968874fc8d043364fb2fa4ee24019d0b96e3c2c1cbc0b656d661aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:46 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495E9A00000E604E75ECB4"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3680
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 5-Araba-Dikey_1.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 5 KB
5 KB 21ms
19ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/5-Araba-Dikey_1.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 84c8efe9f6c632ab09a0943ededbfef4a71961d42e5ee12f36b802e3ae2db9f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:57 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA5000012898E913C32"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 4745
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 4-Robot-Dikey.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 4 KB
4 KB 21ms
19ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/4-Robot-Dikey.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 10ccad1bb5987084460309909ffac3f1154e1aa4c7d2500e0949ca76baa82dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:55 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA3000011831EA09DA9"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 4483
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 4-Etiket_2.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 2 KB
2 KB 22ms
20ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/4-Etiket_2.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 7679aa2e56817838104c72d12bca5bd781c20c3e255f00e4267a161f283aebdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:54 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA2000007CD872863CB"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 1997
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 3-Supurge-Dikey.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 5 KB
5 KB 22ms
20ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/3-Supurge-Dikey.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: d0f12d16108975bc9813d2a16087f49d148650d55818926fc2f7f0fb2ab2d047

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:52 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA000001224B402728E"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 4644
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 3-Supurge.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 5 KB
5 KB 22ms
21ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/3-Supurge.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: a518378f1ef26ef58589952a5617010e1409bfc7a5a08f22a902d19c96837d44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:51 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495E9F000014BECF57998E"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5310
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 2-Nevresim-Dikey.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 4 KB
4 KB 23ms
21ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/2-Nevresim-Dikey.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: e407e35c8151dfc7aae5bc242b7ec00c32d99984e3226eb3cd68b0541e69aef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:50 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495E9E0000109663DAC679"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 4246
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 2-Etiket_2.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 14 KB
14 KB 23ms
21ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/2-Etiket_2.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 731434daa958b1898f5743f6e393bcbc3694fb941d0ab9619b2aec3fdd593bc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:49 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495E9D0000372A2D44259E"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 14122
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 2-Nevresim.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 20 KB
20 KB 18ms
17ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/2-Nevresim.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 5177f47c4da4dd17d90c23b561ae2bb3b8312196e1401b19b6d17b1fc866215f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:48 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495E9C00004EB5809D7C8D"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 20149
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 5-Araba.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 11 KB
11 KB 18ms
18ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/5-Araba.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: dd310cdf67aa920b9310e02d4c0fa9ba9d580bf5d6f8bf94cd9d2c9c2f28f146

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:56 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA400002C344AD694CC"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 11316
expires: Thu, 15 Jun 2023 21:18:50 GMT

GET
H2 200 4-Robot.png
trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/ Frame 30E2 15 KB
15 KB 18ms
18ms Image
image/png 37.59.195.1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/4-Robot.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.59.195.1 San Javier, Spain, ASN16276 (OVH, FR),
Reverse DNS
Software: GAD /
Resource Hash: 7f875e440a1864f8ec581c2a8bff231da87e5955b001f1795f2428bf61fa6b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trgde.adocean.pl/files/akinrqrrpcu/kdgqqkihro/sjigikpqfg/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 21:18:50 GMT
last-modified: Wed, 26 Apr 2023 17:25:53 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: "64495EA100003BA231414833"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/png
cache-control: public, must-revalidate, max-age=4320000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 15266
expires: Thu, 15 Jun 2023 21:18:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: banaozel.sahibinden.com
URL: https://banaozel.sahibinden.com/ajax/login/info

Domain: banaozel.sahibinden.com
URL: https://banaozel.sahibinden.com/ajax/login/info

Domain: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sahibinden.scrsafepay.com

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sahibinden (Classifieds)

298 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sahibinden.com/	1970-01-20 11:22:25	Name: __cf_bm Value: 4CgScqeKiqUz0w_l2GX6Sz0_HmrGleaBPIK6j5U5UqI-1682543926-0-AZOGKN6Y+LhxyrF1FMlrbGAe+ZMP42GixvxftkScwGe8qsuILLka/GrYuxozEGSjqn5MJmMYyt9tl+PcujkltYM=
.scrsafepay.com/	1970-01-20 20:43:59	Name: __gads Value: ID=75b288e485d47a56:T=1682543927:S=ALNI_MZLdpikxLmAwle0CI2JPF5BP23LkQ
.scrsafepay.com/	1970-01-20 20:43:59	Name: __gpi Value: UID=00000c0acbe678a9:T=1682543927:RT=1682543927:S=ALNI_Mauyl0y5Ubksn08yTSY9u71_j8_eQ
.doubleclick.net/	1970-01-20 20:58:23	Name: IDE Value: AHWqTUmg8U6tn19wACPjicsi7yZ-89HzvZdzdnheOWafT2xxT3F4WlEn2sbQOR0n3pg
.trgde.adocean.pl/	1970-01-20 20:51:11	Name: GAD Value: KlGSfMMGQMQGMIO1wkg7e8FUssGMXP8cFRySssX6QssGvaGpI7EPoaVGL1BGG7_DGtGiXD_nGGMS
.hit.gemius.pl/	1970-01-20 20:51:11	Name: Gdyn Value: KlxU7RMGQMQG184Q5ES7e8FUssGMXP8c25nSG4mfct45FRxSG7RrGS6GrsatFlM1YH8PlexaG0F6Qssa

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay(Line 2235) Message: Error while parsing the 'sandbox' attribute: 'allow-storage-access-by-user-activation' is an invalid sandbox flag.
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://tags.bluekai.com/site/39228?ret=js Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sahibinden.scrsafepay.com/ajax/counter/increment/2321891821 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sahibinden.scrsafepay.com/ajax/dynamicParameter?paramName=FEATURE_DISCOVERY_DISPLAY_FREQUENCY Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay Message: Access to XMLHttpRequest at 'https://banaozel.sahibinden.com/ajax/login/info' from origin 'https://sahibinden.scrsafepay.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'null' that is not equal to the supplied origin.
network	error	URL: https://banaozel.sahibinden.com/ajax/login/info Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://accounts.google.com/gsi/button?theme=outline&logo_alignment=left&size=large&shape=rectangular&text=continue_with&type=standard&width=320&client_id=998609949251-di88ghsmju45dr0kh1oi42ti46k9f4nl.apps.googleusercontent.com&iframe_id=gsi_42511_452900&as=wPiH4REMH07o33sxZ6ooFw Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
javascript	error	URL: https://sahibinden.scrsafepay.com/ilan/REDM%C4%B0%20NOT%208%20PRO%2064%206%20Tertemiz/125500f5-20aa-4b7e-8e9e-78f0b94865ef/detay Message: Access to XMLHttpRequest at 'https://banaozel.sahibinden.com/ajax/login/info' from origin 'https://sahibinden.scrsafepay.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'null' that is not equal to the supplied origin.
network	error	URL: https://banaozel.sahibinden.com/ajax/login/info Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sahibinden.scrsafepay.com/assets/images/celebrity_indicate_right_top_web:4a143102619e2856355174a0c3c09525.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6b43431eef0532754dbfb00fd07ae4cb.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.dz
adx.adform.net
banaozel.sahibinden.com
bidder.criteo.com
cdn-ukwest.onetrust.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
csp.withgoogle.com
gdetr.hit.gemius.pl
gum.criteo.com
hb.adscale.de
ls.hit.gemius.pl
pagead2.googlesyndication.com
s0.2mdn.net
s0.shbdn.com
sahibinden.scrsafepay.com
securepubads.g.doubleclick.net
ssl.gstatic.com
static.criteo.net
tags.bluekai.com
tpc.googlesyndication.com
trgde.adocean.pl
www.google.com
www.googletagservices.com
www.gstatic.com
banaozel.sahibinden.com
gum.criteo.com
146.59.30.96
178.33.196.208
2606:4700:3034::6815:2f60
2606:4700:4400::ac40:9062
2606:4700::6810:5714
2606:4700::6811:190e
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::200d
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2011
2a00:1450:4001:830::2006
2a02:2638:3::7
2a02:2638:d::2
37.157.3.20
37.59.195.1
52.57.72.211
69.192.160.219
85.153.138.73
04494b9f6615125922301037d9a4ff133e3c083682a8b1a0b2c8e727fcc9b574
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0adf0bce9c69989950d0134f3b0a6022a98c180b76cb8a28bfaaab5187020f6d
0d69d109cd164771ed1bc277c0657302d389cb463d1d39aa54c73f6bb350f165
10ccad1bb5987084460309909ffac3f1154e1aa4c7d2500e0949ca76baa82dd4
11ac2b44ab1fd282b7d1fe9afd6a606cfa20e4d201cfbd704920eca2b3778a6c
148499dce2da6272593a36cfab771b974458f254e62826fa2eb118b610ceb832
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
243ff4b38ca5fe323056ea75585fb66ec3ed73293eac13e7d215376f1418eb4a
2b5b97c7ae99fc579b35502b8b340d6055d395e03bfaac05849e7fadf58693ad
2ddfa8e93d0424d2d053327ef365a23f148f960aaf2b05c40a164a14a4c23e2e
303488f4f7cc35f0a2a580ec2ca17dbe317dacfcd1670bf836b55cb5ea2b5acc
3332d00941fe5a5432a3315cc9d07b0e45c68abb0eded83b0e84e07982f904c0
37d3d4785b04d5be22fd81e7b22170c7e9e6b1f66763c15dbcd860622954bf53
41ff65fb4f9b6f2fa9c9d025c2e9b0c9e09a2aee6f32266d19ee93c8af4dacbf
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
475278b0d314514796bf3975e76512cf921d3a38780993d561eb693561020d4f
5177f47c4da4dd17d90c23b561ae2bb3b8312196e1401b19b6d17b1fc866215f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57aeb4eff25bc8a07d4f3a5c1bebbfec07bd486523e0f5279f71ab3e073fa74e
5acbba0227483db5d08e62513dfc5aed271fbf89ae009e1900854d9956cf3902
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b23ecdcee679aabc4fa26cf7b785344f4bb4054f307e950366d47bac0b99b9
6557336e1ec45c09ccce3aa2bd88c82d3ba57cd2163218fe75d14caea3830181
65d27641a3af6cf85102385d09d00531558481594198095b337c211052ad8ca4
66942b2dcc41fb0d80feea6e421a4edc17de0d2f91b64b0204522b772ecbad15
67b8e704d5901fe15e996062a63cc611a6aa8014e377d410ef9443cc7fe312de
68a82d2c051afeb93c8a418d704c55a254b9394ad69ad6d60fdc5c9b75fc7591
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
6df7f77c22d2b3fb04919fa8fe7eb49ced4a1e352872a290c454ae379c4e876c
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
731434daa958b1898f5743f6e393bcbc3694fb941d0ab9619b2aec3fdd593bc6
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
7679aa2e56817838104c72d12bca5bd781c20c3e255f00e4267a161f283aebdc
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
7f875e440a1864f8ec581c2a8bff231da87e5955b001f1795f2428bf61fa6b1b
82e277b3bb9551cdc1a45038351123b3d905d5c8feab6f569b983e920cdafa24
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84c8efe9f6c632ab09a0943ededbfef4a71961d42e5ee12f36b802e3ae2db9f8
869a8671363a2e29ec0effa51a474f3bfaaed8ff1f8dc13bba8f9f2967893a5f
8812cc00a2600bfae283d99f05c3d302da94432265c0e796f62f0c55a8eba9cc
89b18a7d4c82e76ede5110c86e82655eea78ccd4bdc6086ee27b715746f96c07
89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5
8b5457b9a166e5a12bcb1a0397aac8abb187ab29f8ae0cc7f4ab5f6197674d9e
8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968
95a74e168be9430efa6fd93474d7b6b5640d7c6d6b1ee65f6bd1e04390eb7606
9fc2456f86ccef56926373548f09363de2d2124a2b694a4a5c29a27d2d86d7c6
9ffd9148502527101428184082d3f169369aa4ba51720bd2eef686fc06571bfd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a087d1978632c33494d281fd9f7cf27c770df3a79f2bcbba87247acbbfa207f8
a2e0ef67705fb2b19120fd38c35c2d43444b8d80f422978f86bcc7b7ddb0b6a9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a518378f1ef26ef58589952a5617010e1409bfc7a5a08f22a902d19c96837d44
a7ae7cfe10f5fe2a8b87d48fd3b0391d9d53d8b38cfa9bae76be7725bd02e5a8
a8d327b81bc8dcaf5a59be967c4d8ab1b48d0ee00a7be3dc6964c38306e7cf85
aaf551f850f010ff4b1538b7ff62ef0703b91849cc4962665d33e6312aa1b5a5
affe37b465da5c8e7605b32ce0f19dd9c4d10a73f9a9c73484c98336bb6af25d
b2ec648faeffb58f7840a24eb475254203b7a0221ca42c71f47489fa22443564
c3a23a02036d60ca831a506443e35d740f91a81f83063c0bc077c1be6e641d70
c3b1ca5d98d4076ec5875d96d79179647df3148e16005ec6c2b7e131eabecbb5
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
d0f12d16108975bc9813d2a16087f49d148650d55818926fc2f7f0fb2ab2d047
d35681e96b87339ee5c6c86bf18f084f175cb5d59a20873aeb9c0b6872c6cbfb
d39a1898d84b44f2db555eb4633928be8faedb0cb62fc2535b07b6414e836a9a
d568607d812e198ca7d8521bfefa280ca2db6a571d465e64bf5e679a3bee2542
dae059048d968874fc8d043364fb2fa4ee24019d0b96e3c2c1cbc0b656d661aa
dca087d31986f2710a31d983843aa56d016d278bb316cd3d74f5deb6700236ab
dd310cdf67aa920b9310e02d4c0fa9ba9d580bf5d6f8bf94cd9d2c9c2f28f146
dd5c21becc119fd932a6ee293112bc4198207071e3240c9a76c2dc62c5c4da00
dd62305a57c183e84c3a941c307cb54a67aeda4c353b36bfa951743a70a46c71
de0a8a455421b978bb6aa5eb32fdf6f318a46f4985556b25844d12b5ace0767e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ba947dece71511fd9f00f5c4c903705d7e31c483f92cd4d54d458909c2dbde
e407e35c8151dfc7aae5bc242b7ec00c32d99984e3226eb3cd68b0541e69aef6
ed86e7ffb537422ccff21965b607630bb97297ec70533fb1b8b1758561db92c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a9b88e1024d5714d1821221c3b309ee32959e167d23af8c69f681e40539ed8
f27485407773be13e4df8c678ad4af4570780a3320bd8cd154713625c8aa777b
f5f6bdd8c7b8e9421a4a9a192b5964d536f0e6f114a7729d14342024896da804
f61bbb82f017f945b0cfcff391a93516e64790a70519de8c54052477628c4ac3
f779f33be78d7a43825a1f89493cabcddfa392e34020da754176630e76ffa3f5
fb1e90c85c0acdd7385fd6ed433064ab8dde048e9b9eee8ec613ac931f32c945
fb589526ee553a3625c42787485a4dab000ed1c9af6d6a449a17bc7e5299f029

sahibinden.scrsafepay.com Open in urlscan Pro 2606:4700:3034::6815:2f60 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

114 Requests

96 %HTTPS

73 %IPv6

21 Domains

28 Subdomains

27 IPs

6 Countries

2259 kBTransfer

5622 kBSize

6 Cookies

88 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sahibinden.scrsafepay.com Open in urlscan Pro
2606:4700:3034::6815:2f60 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

96 %
HTTPS

73 %
IPv6

21
Domains

28
Subdomains

27
IPs

6
Countries

2259 kB
Transfer

5622 kB
Size

6
Cookies

114 HTTP transactions
4 data transactions