memur.ogrenciyardim.net Open in urlscan Pro
45.151.249.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://memur.ogrenciyardim.net/
Submission: On November 11 via api (November 11th 2024, 3:09:32 am UTC) from US — Scanned from CA

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 46 HTTP transactions. The main IP is 45.151.249.46, located in Izmir, Turkey and belongs to VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR. The main domain is memur.ogrenciyardim.net.
TLS certificate: Issued by R11 on November 5th 2024. Valid for: 3 months.

This is the only time memur.ogrenciyardim.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	45.151.249.46 45.151.249.46	209853 (VERIDYEN ...) (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi)
4	23.223.209.75 23.223.209.75	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.251.40.232 142.251.40.232	15169 (GOOGLE) (GOOGLE)
3	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
1	23.223.209.14 23.223.209.14	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.65.238 142.250.65.238	15169 (GOOGLE) (GOOGLE)
3	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
12	142.251.40.142 142.251.40.142	15169 (GOOGLE) (GOOGLE)
1	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2	142.251.35.161 142.251.35.161	15169 (GOOGLE) (GOOGLE)
1	142.250.80.68 142.250.80.68	15169 (GOOGLE) (GOOGLE)
46	12

15 45.151.249.46 (Izmir, Turkey)

ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR)
PTR: polo.veridyen.com

memur.ogrenciyardim.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.223.209.75 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-209-75.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.232 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.223.209.14 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-209-14.deploy.static.akamaitechnologies.com

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.40.142 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.35.161 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f1.1e100.net

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.68 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ogrenciyardim.net memur.ogrenciyardim.net	214 KB
13	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 www.google.com — Cisco Umbrella Rank: 3	72 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 455 p.typekit.net — Cisco Umbrella Rank: 561	82 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245 ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383	19 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	211 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	107 KB
46	8

	Domain	Requested by
15	memur.ogrenciyardim.net	memur.ogrenciyardim.net
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
4	use.typekit.net	memur.ogrenciyardim.net use.typekit.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	pagead2.googlesyndication.com	memur.ogrenciyardim.net pagead2.googlesyndication.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
1	www.google.com	ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	www.googletagmanager.com	memur.ogrenciyardim.net
46	11

This site contains no links.

Subject Issuer	Validity	Valid
memur.ogrenciyardim.net R11	`2024-11-05` - `2025-02-03`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-09-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://memur.ogrenciyardim.net/
Frame ID: 14E22C49B6B0C15288B4E70ADC07AA68
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241106/r20190131/zrt_lookup_fy2021.html
Frame ID: 2A6106FF0429D0463430CD7DAA33AC4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891924827542294&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731294566&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_r&format=0x0&url=https%3A%2F%2Fmemur.ogrenciyardim.net%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731294566446&bpp=15&bdt=4067&idt=293&shv=r20241106&mjsv=m202411060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6177349057095&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95344187%2C31088764%2C95345471%2C95345966&oid=2&pvsid=2040308863896927&tmod=1077286664&uas=0&nvt=1&fsapi=1&fc=1920&brdim=860%2C860%2C860%2C860%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=341
Frame ID: 788B520BDFCB39338C50439305112948
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891924827542294&output=html&h=280&slotname=4360601815&adk=763855010&adf=1390867147&pi=t.ma~as.4360601815&w=1158&abgtt=6&fwrn=4&fwrnh=100&lmt=1731294566&rafmt=1&format=1158x280&url=https%3A%2F%2Fmemur.ogrenciyardim.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731294566465&bpp=1&bdt=4086&idt=347&shv=r20241106&mjsv=m202411060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6177349057095&frm=20&pv=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95344187%2C31088764%2C95345471%2C95345966&oid=2&pvsid=2040308863896927&tmod=1077286664&uas=0&nvt=1&fc=1920&brdim=860%2C860%2C860%2C860%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=358
Frame ID: BE782D84DE24CB25FA88337AE1BE08BE
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 174DFE76BB901397DA40F3450CCAB5AB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4BBAF2499857A3A5015CD60FD95BE080
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kamu Personeli Memur Alım İşçi Haberleri – Kamu Personeli Memur Alım İşçi Haberleri Bilgi Sitesi

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

46
Requests

96 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

12
IPs

2
Countries

706 kB
Transfer

1992 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
memur.ogrenciyardim.net/ 310 KB
87 KB 750ms
326ms Document
text/html 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to

Full URL: https://memur.ogrenciyardim.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: 4fd3aa1469bfe6803572cd2f5e4fc0f92f2982b8f0ecbff8f4a1cfe7b7e200e5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 11 Nov 2024 03:09:21 GMT
etag: "11-1731267994;br"
link: <https://memur.ogrenciyardim.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 style.min.css
memur.ogrenciyardim.net/wp-includes/css/dist/block-library/ 110 KB
14 KB 272ms
249ms Stylesheet
text/css 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to

Full URL: https://memur.ogrenciyardim.net/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by: Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Mon, 18 Nov 2024 03:09:21 GMT
accept-ranges: bytes
content-length: 13903
date: Mon, 11 Nov 2024 03:09:21 GMT
content-type: text/css
last-modified: Wed, 04 Sep 2024 19:19:20 GMT
vary: Accept-Encoding

GET
H2 200 style.css
memur.ogrenciyardim.net/wp-content/themes/safirwebportal/dist/ 61 KB
12 KB 272ms
250ms Stylesheet
text/css 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to

Full URL: https://memur.ogrenciyardim.net/wp-content/themes/safirwebportal/dist/style.css?ver=1730899535
Requested by: Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: f8f5e1b56404cc2712dcbb5e2dd5dd8f42e535f7059ad39976051bdc1870cd0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Mon, 18 Nov 2024 03:09:21 GMT
accept-ranges: bytes
content-length: 12035
date: Mon, 11 Nov 2024 03:09:21 GMT
content-type: text/css
last-modified: Wed, 06 Nov 2024 13:25:35 GMT
vary: Accept-Encoding

GET
H2 200 wra8zcc.css
use.typekit.net/ 4 KB
995 B 3582ms
141ms Stylesheet
text/css 23.223.209.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/wra8zcc.css?ver=6.6.2

Requested by

Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.223.209.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-209-75.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

daf97cfd9d584b2531d2f1bdb8d61ce05571bfcf04507241927ee98327aee413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 772
date: Mon, 11 Nov 2024 03:09:25 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 jquery.min.js Show response
memur.ogrenciyardim.net/wp-includes/js/jquery/ 86 KB
29 KB 271ms
250ms Script
application/javascript 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to

Full URL: https://memur.ogrenciyardim.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Mon, 18 Nov 2024 03:09:21 GMT
accept-ranges: bytes
content-length: 29744
date: Mon, 11 Nov 2024 03:09:21 GMT
content-type: application/javascript
last-modified: Mon, 28 Aug 2023 19:44:24 GMT
vary: Accept-Encoding

GET
H2 200 jquery-migrate.min.js Show response
memur.ogrenciyardim.net/wp-includes/js/jquery/ 13 KB
5 KB 271ms
251ms Script
application/javascript 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to

Full URL: https://memur.ogrenciyardim.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Mon, 18 Nov 2024 03:09:21 GMT
accept-ranges: bytes
content-length: 4678
date: Mon, 11 Nov 2024 03:09:21 GMT
content-type: application/javascript
last-modified: Fri, 09 Jun 2023 08:19:24 GMT
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
107 KB 179ms
105ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QJFHCZC2MQ

Requested by

Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d188c91a851cef2e657e18c38f307cf0eed20e35a77425d807edeb66f78a61ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 11 Nov 2024 03:09:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109246
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 1-e1730899687861.webp
memur.ogrenciyardim.net/wp-content/uploads/2024/11/ 11 KB
11 KB 168ms
161ms Image
image/webp 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://memur.ogrenciyardim.net/wp-content/uploads/2024/11/1-e1730899687861.webp
Requested by: Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: 02b87089386a8b0b44da1cab755f2a3faa1491014d34f35b2d1442d1cf197507

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

expires: Mon, 18 Nov 2024 03:09:21 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 11248
date: Mon, 11 Nov 2024 03:09:21 GMT
content-type: image/webp
last-modified: Wed, 06 Nov 2024 13:28:07 GMT

GET
H2 200 02n.svg
memur.ogrenciyardim.net/wp-content/themes/safirwebportal/images/weather/ 2 KB
683 B 166ms
159ms Image
image/svg+xml 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://memur.ogrenciyardim.net/wp-content/themes/safirwebportal/images/weather/02n.svg
Requested by: Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: 8f6132d44f25813b9db779948a76ddb894bb780d16a4623ba0599a241e1c1b62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Mon, 18 Nov 2024 03:09:21 GMT
accept-ranges: bytes
content-length: 639
date: Mon, 11 Nov 2024 03:09:21 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Nov 2024 13:25:35 GMT
vary: Accept-Encoding

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
52 KB 128ms
62ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2891924827542294

Requested by

Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

cb4548cc2b9ea509c26709c8c8bd320e735041525501e4e7cbafadac71526cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://memur.ogrenciyardim.net
Referer: https://memur.ogrenciyardim.net/

Response headers

content-encoding: br
etag: 7324139613521297935
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 03:09:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 11 Nov 2024 03:09:23 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53432
x-xss-protection: 0
server: cafe

GET
H2 200 owl.carousel.min.js Show response
memur.ogrenciyardim.net/wp-content/themes/safirwebportal/lib/owl-carousel/ 42 KB
10 KB 165ms
158ms Script
application/javascript 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to

Full URL: https://memur.ogrenciyardim.net/wp-content/themes/safirwebportal/lib/owl-carousel/owl.carousel.min.js?ver=1730899535
Requested by: Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: a96f664a52bdca0f3d7d49db75fd32683437f92b0153c16c53426f97e6adeb65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Mon, 18 Nov 2024 03:09:21 GMT
accept-ranges: bytes
content-length: 10657
date: Mon, 11 Nov 2024 03:09:21 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 13:25:35 GMT
vary: Accept-Encoding

GET
H2 200 scripts.js Show response
memur.ogrenciyardim.net/wp-content/themes/safirwebportal/scripts/ 23 KB
6 KB 157ms
156ms Script
application/javascript 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to

Full URL: https://memur.ogrenciyardim.net/wp-content/themes/safirwebportal/scripts/scripts.js?ver=1730899535
Requested by: Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: ed74e40fece8ce61713640e4c9958167c06d6e07b9e6f04d1351d150053357d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Mon, 18 Nov 2024 03:09:21 GMT
accept-ranges: bytes
content-length: 6175
date: Mon, 11 Nov 2024 03:09:21 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 13:25:35 GMT
vary: Accept-Encoding

GET 449b3ab7-84d3-4540-bee1-fec937e6dde4
https://memur.ogrenciyardim.net/ Frame 0
0

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 385ms
33ms Stylesheet
text/css 23.223.209.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=wra8zcc&ht=tk&f=15498.15505.15506.15508.15510&a=36299304&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wra8zcc.css?ver=6.6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.209.14 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-209-14.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://use.typekit.net/

Response headers

cache-control: public, max-age=604800
etag: "64b1430a-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Mon, 11 Nov 2024 03:09:26 GMT
content-type: text/css
last-modified: Fri, 14 Jul 2023 12:43:54 GMT
server: nginx

GET
H2 200 l
use.typekit.net/af/00cc08/00000000000000007735a0a6/30/ 27 KB
27 KB 164ms
53ms Font
application/font-woff2 23.223.209.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/00cc08/00000000000000007735a0a6/30/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wra8zcc.css?ver=6.6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.209.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-209-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1446edd6e4799bee1798ce5db599e02655c5b63fa267b585d4fcb1d8df1cfdcd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://memur.ogrenciyardim.net
Referer: https://use.typekit.net/wra8zcc.css?ver=6.6.2

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "40cc410963fc0c5aae50786dc6503a76800f8936"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 27604
date: Mon, 11 Nov 2024 03:09:26 GMT
content-type: application/font-woff2
server: nginx

GET
H3 200 sprite.png
memur.ogrenciyardim.net/wp-content/themes/safirwebportal/images/ 5 KB
5 KB 158ms
157ms Image
image/png 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://memur.ogrenciyardim.net/wp-content/themes/safirwebportal/images/sprite.png
Requested by: Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/wp-content/themes/safirwebportal/dist/style.css?ver=1730899535
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: 73b7902f35ace7f3e318b2d7d155fc3336a88857c89f673f5298db699e3f09b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/wp-content/themes/safirwebportal/dist/style.css?ver=1730899535

Response headers

cache-control: public, max-age=604800
expires: Mon, 18 Nov 2024 03:09:25 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4843
date: Mon, 11 Nov 2024 03:09:25 GMT
content-type: image/png
last-modified: Wed, 06 Nov 2024 13:25:35 GMT

GET
H3 200 noimage.svg
memur.ogrenciyardim.net/wp-content/themes/safirwebportal/images/ 116 B
147 B 159ms
157ms Image
image/svg+xml 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://memur.ogrenciyardim.net/wp-content/themes/safirwebportal/images/noimage.svg
Requested by: Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: 8c44d16a083a7b940fa62ec458cc4cac46e67c137c511d5bc26fc8aa04fc037b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

expires: Mon, 18 Nov 2024 03:09:25 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 116
date: Mon, 11 Nov 2024 03:09:25 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Nov 2024 13:25:35 GMT

GET
H2 200 l
use.typekit.net/af/7f1b26/00000000000000007735a0ac/30/ 27 KB
27 KB 162ms
53ms Font
application/font-woff2 23.223.209.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7f1b26/00000000000000007735a0ac/30/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wra8zcc.css?ver=6.6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.209.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-209-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8e36707e7bd75d1be703f0c1708be48fef9590151e9d1378e6e9f943d58f39d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://memur.ogrenciyardim.net
Referer: https://use.typekit.net/wra8zcc.css?ver=6.6.2

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "a99eda0eb43e12e8eb41dfa6328d52274529481c"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 27296
date: Mon, 11 Nov 2024 03:09:26 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/9d5bd3/00000000000000007735a09f/30/ 27 KB
27 KB 152ms
46ms Font
application/font-woff2 23.223.209.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9d5bd3/00000000000000007735a09f/30/l?primer=19e22326407baa22e24dbf97694ecfebb3b5e74ea485d31fd395694769e48f8c&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wra8zcc.css?ver=6.6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.209.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-209-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 08892cb73524e13c2afb71cf5f6c81562e2e6bcb5ccdb2c52458abb3f2828425

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://memur.ogrenciyardim.net
Referer: https://use.typekit.net/wra8zcc.css?ver=6.6.2

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "5e48ac796b03001fd04f69bac42b6bf9177135a6"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 27660
date: Mon, 11 Nov 2024 03:09:26 GMT
content-type: application/font-woff2
server: nginx

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411060101/ 433 KB
144 KB 84ms
75ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411060101/show_ads_impl_fy2021.js?bust=31088764

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2891924827542294

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

cb870b9df6310f82e8b0501b5de1724c970603023d73bd2a8ee5c3e77828b11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

content-encoding: br
etag: 819314746717493390
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 03:09:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 11 Nov 2024 03:09:26 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147330
x-xss-protection: 0
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 126ms
47ms Fetch
text/plain 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QJFHCZC2MQ&gtm=45je4b70v9199495535za200&_p=1731294566368&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629&cid=1800834026.1731294567&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731294566&sct=1&seg=0&dl=https%3A%2F%2Fmemur.ogrenciyardim.net%2F&dt=Kamu%20Personeli%20Memur%20Al%C4%B1m%20%C4%B0%C5%9F%C3%A7i%20Haberleri%20%E2%80%93%20Kamu%20Personeli%20Memur%20Al%C4%B1m%20%C4%B0%C5%9F%C3%A7i%20Haberleri%20Bilgi%20Sitesi&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4955
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QJFHCZC2MQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s73-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://memur.ogrenciyardim.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:26 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 shadow.png
memur.ogrenciyardim.net/wp-content/themes/safirwebportal/images/ 733 B
752 B 162ms
161ms Image
image/png 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://memur.ogrenciyardim.net/wp-content/themes/safirwebportal/images/shadow.png
Requested by: Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/wp-content/themes/safirwebportal/dist/style.css?ver=1730899535
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: f609f4b1853661ea8ba32f1c43288a1732a4e65be8c70de54b35158d31454531

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/wp-content/themes/safirwebportal/dist/style.css?ver=1730899535

Response headers

expires: Mon, 18 Nov 2024 03:09:25 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 733
date: Mon, 11 Nov 2024 03:09:25 GMT
content-type: image/png
last-modified: Wed, 06 Nov 2024 13:25:35 GMT

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34332706e5b51ee18bc1efb39cbbfe6f93b76d6a5c4000f266c9c3c77e5190a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 wp-emoji-release.min.js Show response
memur.ogrenciyardim.net/wp-includes/js/ 18 KB
5 KB 160ms
160ms Script
application/javascript 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to

Full URL: https://memur.ogrenciyardim.net/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by: Host: memur.ogrenciyardim.net
URL: https://memur.ogrenciyardim.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Mon, 18 Nov 2024 03:09:25 GMT
accept-ranges: bytes
content-length: 4676
date: Mon, 11 Nov 2024 03:09:25 GMT
content-type: application/javascript
last-modified: Thu, 27 Jun 2024 16:21:44 GMT
vary: Accept-Encoding

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241106/r20190131/ Frame 2A61 0
0 125ms
32ms Document
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241106/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411060101/show_ads_impl_fy2021.js?bust=31088764

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://memur.ogrenciyardim.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 65
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 03:08:21 GMT
etag: 4475648825157136472
expires: Mon, 25 Nov 2024 03:08:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 788B 0
0 281ms
224ms Document
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891924827542294&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731294566&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_r&format=0x0&url=https%3A%2F%2Fmemur.ogrenciyardim.net%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731294566446&bpp=15&bdt=4067&idt=293&shv=r20241106&mjsv=m202411060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6177349057095&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95344187%2C31088764%2C95345471%2C95345966&oid=2&pvsid=2040308863896927&tmod=1077286664&uas=0&nvt=1&fsapi=1&fc=1920&brdim=860%2C860%2C860%2C860%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=341

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411060101/show_ads_impl_fy2021.js?bust=31088764

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://memur.ogrenciyardim.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4870
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 03:09:27 GMT
expires: Mon, 11 Nov 2024 03:09:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame BE78 0
0 174ms
164ms Document
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891924827542294&output=html&h=280&slotname=4360601815&adk=763855010&adf=1390867147&pi=t.ma~as.4360601815&w=1158&abgtt=6&fwrn=4&fwrnh=100&lmt=1731294566&rafmt=1&format=1158x280&url=https%3A%2F%2Fmemur.ogrenciyardim.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731294566465&bpp=1&bdt=4086&idt=347&shv=r20241106&mjsv=m202411060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6177349057095&frm=20&pv=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95344187%2C31088764%2C95345471%2C95345966&oid=2&pvsid=2040308863896927&tmod=1077286664&uas=0&nvt=1&fc=1920&brdim=860%2C860%2C860%2C860%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=358

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411060101/show_ads_impl_fy2021.js?bust=31088764

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://memur.ogrenciyardim.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 411
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 03:09:26 GMT
expires: Mon, 11 Nov 2024 03:09:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-2891924827542294 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 157ms
75ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2891924827542294?href=https%3A%2F%2Fmemur.ogrenciyardim.net&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411060101/show_ads_impl_fy2021.js?bust=31088764

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

f968c5b5717636f737ab975a830d836d1e97bd146f498eb998ab6784b30fcdb0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-krq5HYLNHV7MKI_4jLpX_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:27 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1pBiOHHrNtMFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIW4OZ6_OrqTTeBH_68sJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDQwNzPQPj-AIDAJSfRaY"
content-security-policy: script-src 'report-sample' 'nonce-krq5HYLNHV7MKI_4jLpX_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXPwQXd5eA_je7AlrLNK0WHwdc_xKdr7Z_NLg2nAFbEClv65nW4PUXNxDgjEwlxWW05G611uPA49ufUZawTa7zWPjlEdtTDxfJCKYv69AFru4Y9CnkT8S8u6Zm_2EIMX6KeB1i4Ig== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 124ms
58ms XHR
text/html 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXPwQXd5eA_je7AlrLNK0WHwdc_xKdr7Z_NLg2nAFbEClv65nW4PUXNxDgjEwlxWW05G611uPA49ufUZawTa7zWPjlEdtTDxfJCKYv69AFru4Y9CnkT8S8u6Zm_2EIMX6KeB1i4Ig==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FKjPyeGyBJo.es5.O/am=GAw/d=1/rs=AJlcJMxdavSH65WnOF4Gv0A0JzV47hW_OQ/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PKOBEa7yWGw24kOyXoUsjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://memur.ogrenciyardim.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:27 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uF4_uroTjaBF73fLjEquSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQwNzPQPz-AIDAHtYKcM"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PKOBEa7yWGw24kOyXoUsjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://memur.ogrenciyardim.net
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxWkr1RhoB3jhS585dlLuEPN7J-g3yUeGf1XpsC9pJ4GfbXgXlbFoGE_4Pl3uMCIj-TsXS9zJJpPlftvtGYVb0TzA1gEqpoYjIU5tlHhMon0-Or2knylCh-gAMz9GFYG5VqGdULLug== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 68ms
67ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkr1RhoB3jhS585dlLuEPN7J-g3yUeGf1XpsC9pJ4GfbXgXlbFoGE_4Pl3uMCIj-TsXS9zJJpPlftvtGYVb0TzA1gEqpoYjIU5tlHhMon0-Or2knylCh-gAMz9GFYG5VqGdULLug==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxMjk0NTY3LDM2ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tZW11ci5vZ3JlbmNpeWFyZGltLm5ldC8iLG51bGwsW1s4LCJGS2pQeWVHeUJKbyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

9816a47065f8451578484cee4ad7144bb5533075601284f65b76599e091f7e83

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Xrn8DMfP2V-igVwsaWguNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:27 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw15BiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIV4OJ6_OrqTTWDC8k1HGJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0NzPUMjOMLDAC_CkVo"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Xrn8DMfP2V-igVwsaWguNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxW896wcjDJPjUMI4ZPc0vj6pb0dxdHc8wPvmc578mKnoCuCa-B51rWZmfpOwYfSeuBivBx_9pQCiUy9s29Wg9RyMmzOTgEs-raWQPXZLEtIcgo94t3EjXPnvs_kTEtiRruiTJjkOg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 72ms
71ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW896wcjDJPjUMI4ZPc0vj6pb0dxdHc8wPvmc578mKnoCuCa-B51rWZmfpOwYfSeuBivBx_9pQCiUy9s29Wg9RyMmzOTgEs-raWQPXZLEtIcgo94t3EjXPnvs_kTEtiRruiTJjkOg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxMjk0NTY3LDQ0NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsInRyIl0sImh0dHBzOi8vbWVtdXIub2dyZW5jaXlhcmRpbS5uZXQvIixudWxsLFtbOCwiRktqUHllR3lCSm8iXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

7467e3c08084e6d5beea8c36904f453e08e15b0c6ed88d05d41abeb593bb13f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YaiF67CoDiD0kKrdWkScwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:27 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4nr86upNN4MKbia8YlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDQ3M9QyM4wsMALJyQOI"
content-security-policy: script-src 'report-sample' 'nonce-YaiF67CoDiD0kKrdWkScwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 147ms
62ms XHR
application/json 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241106&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411060101/show_ads_impl_fy2021.js?bust=31088764

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

1454ecf32595c81b23321e724a14d5c1a37967468bd42158b2eba6615cd187ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12984
date: Mon, 11 Nov 2024 03:09:27 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 11922419.png
memur.ogrenciyardim.net/wp-content/uploads/2024/11/ 29 KB
29 KB 164ms
163ms Other
image/png 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to

Full URL: https://memur.ogrenciyardim.net/wp-content/uploads/2024/11/11922419.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: 24b8b491337fe93e370c99a7e31772de547fb445e1c4a83030ffc0c476a75f05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

expires: Mon, 18 Nov 2024 03:09:26 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 29265
date: Mon, 11 Nov 2024 03:09:26 GMT
content-type: image/png
last-modified: Wed, 06 Nov 2024 13:26:43 GMT

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 160ms
73ms Script
text/javascript 142.251.35.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411060101/show_ads_impl_fy2021.js?bust=31088764

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f1.1e100.net

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 03:09:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:27 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 174D 0
0 96ms
34ms Document
text/html 142.251.35.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://memur.ogrenciyardim.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 66
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 03:08:22 GMT
expires: Mon, 11 Nov 2024 03:58:22 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 4BBA 0
0 130ms
55ms Document
text/html 142.250.80.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.68 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UrcJIx6_p-UYUvyWCAfqqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://memur.ogrenciyardim.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UrcJIx6_p-UYUvyWCAfqqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 03:09:28 GMT
expires: Mon, 11 Nov 2024 03:09:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 commspace_ad. Show response
fundingchoicesmessages.google.com/f/AGSKWxXV0DKVg6ezAhzpaPhQ9GwvjTgvXErd4hWu636Xoq6JYP4Dj2fADR8K_wwGwQo5o6XVZSfiEoxqvCvEqtazFBtF4FKbJt0Gz_mAsI7NR0Q7I8sBiFy6GcCtasorES4NGpY2BsvOWmZv8NF3RlcA0P2-NO5EN... 54 B
109 B 69ms
69ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXV0DKVg6ezAhzpaPhQ9GwvjTgvXErd4hWu636Xoq6JYP4Dj2fADR8K_wwGwQo5o6XVZSfiEoxqvCvEqtazFBtF4FKbJt0Gz_mAsI7NR0Q7I8sBiFy6GcCtasorES4NGpY2BsvOWmZv8NF3RlcA0P2-NO5EN_fZCBVfk656rVirYUg0nvoWhS0TrNzw/__480_60./lbl_ad._adspace-&ad_zones=/commspace_ad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FKjPyeGyBJo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz_8HwcdrHNTZTKXmqgp8RCGv7ZvQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

c24707b0e2858c9132a0f090167817a051544ec54a1b34ff8c31fea34ced8b18

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-XQDrAiIVDFUm5wQxB7v54Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:28 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhbg5Xrw6upNN4EZzf4iSRlJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalG8kYGRiaGhgbmegXF8gQEAU1U_5Q"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-XQDrAiIVDFUm5wQxB7v54Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 40 KB
15 KB 38ms
34ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

04689be6e51eaf5c62cfd08d22bdf26c823a42918d34226ebb16934742f36397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

content-encoding: br
etag: 1072231445585862297
age: 1722
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 03:40:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 11 Nov 2024 02:40:46 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 15116
x-xss-protection: 0
server: cafe

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXPwQXd5eA_je7AlrLNK0WHwdc_xKdr7Z_NLg2nAFbEClv65nW4PUXNxDgjEwlxWW05G611uPA49ufUZawTa7zWPjlEdtTDxfJCKYv69AFru4Y9CnkT8S8u6Zm_2EIMX6KeB1i4Ig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FjGCcpU1RpzYUp4zjnxbOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://memur.ogrenciyardim.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:28 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uZ48eroTjaBG_0doUouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxNDQwFzPwDy-wAAAIGwovw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FjGCcpU1RpzYUp4zjnxbOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://memur.ogrenciyardim.net
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXPwQXd5eA_je7AlrLNK0WHwdc_xKdr7Z_NLg2nAFbEClv65nW4PUXNxDgjEwlxWW05G611uPA49ufUZawTa7zWPjlEdtTDxfJCKYv69AFru4Y9CnkT8S8u6Zm_2EIMX6KeB1i4Ig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eXKnqboAOJI0SLswW40M5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://memur.ogrenciyardim.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:28 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uZ48eroTjaBBdtX5Cq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0NDA3M9A_P4AgMALQgo6w"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eXKnqboAOJI0SLswW40M5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://memur.ogrenciyardim.net
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXPwQXd5eA_je7AlrLNK0WHwdc_xKdr7Z_NLg2nAFbEClv65nW4PUXNxDgjEwlxWW05G611uPA49ufUZawTa7zWPjlEdtTDxfJCKYv69AFru4Y9CnkT8S8u6Zm_2EIMX6KeB1i4Ig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LPeM90UqukfrlvKeWQrUiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://memur.ogrenciyardim.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:28 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uZ48eroTjaBHR8665RckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRiaGhgbmegXl8gQEAPnwpKg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LPeM90UqukfrlvKeWQrUiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://memur.ogrenciyardim.net
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXPwQXd5eA_je7AlrLNK0WHwdc_xKdr7Z_NLg2nAFbEClv65nW4PUXNxDgjEwlxWW05G611uPA49ufUZawTa7zWPjlEdtTDxfJCKYv69AFru4Y9CnkT8S8u6Zm_2EIMX6KeB1i4Ig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-numLa0L8uhOpoKB8ZBQUYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://memur.ogrenciyardim.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:28 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uZ48eroTjaBjv7WOiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmhoYK5nYB5fYAAAGlQopA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-numLa0L8uhOpoKB8ZBQUYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://memur.ogrenciyardim.net
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxWUr7OHLbPuRaxEIMzGPJoG4iYwmVYoMs8Qbqdq16m91Sheme5vHPUCXaDGZQrNZdqsM6VtqnXF9hbEs62OjN6ha2IdOeT37sGN_h8xiz0pcHVD0a2sJYO4VSbyfrXcqwxxF4l_uw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 71ms
69ms Script
application/javascript 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWUr7OHLbPuRaxEIMzGPJoG4iYwmVYoMs8Qbqdq16m91Sheme5vHPUCXaDGZQrNZdqsM6VtqnXF9hbEs62OjN6ha2IdOeT37sGN_h8xiz0pcHVD0a2sJYO4VSbyfrXcqwxxF4l_uw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxMjk0NTY4LDIyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwidHIiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9tZW11ci5vZ3JlbmNpeWFyZGltLm5ldC8iLG51bGwsW1s4LCJGS2pQeWVHeUJKbyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

a989eae1830cdca75c4264d272fd69aa6319e50373d66ee780c4872770eb29e1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z5YHN_nZUsmRkMzFOdl0SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:28 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1JBiOHHrNtMFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIV4OF68OrqTTWBGT18Lo5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJoaGBuZ6BcXyBAQCvtUT6"
content-security-policy: script-src 'report-sample' 'nonce-Z5YHN_nZUsmRkMzFOdl0SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXHB4tYnG2dLqZrSIzrGjTLa0wScqdYLcEp51ObhSQGMW9UQ0OT55RyAKD3pvIwKPQomipAc4TD8oab2MwUfnuy0qAUTJ17pUyBXwPCr6H0FE0nrKpv0uf1fombMAEpo93i6fyC0A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 57ms
55ms XHR
text/html 142.251.40.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXHB4tYnG2dLqZrSIzrGjTLa0wScqdYLcEp51ObhSQGMW9UQ0OT55RyAKD3pvIwKPQomipAc4TD8oab2MwUfnuy0qAUTJ17pUyBXwPCr6H0FE0nrKpv0uf1fombMAEpo93i6fyC0A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9Oz_PZRSBWagHEI2gtK7Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://memur.ogrenciyardim.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:28 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uF48eroTjaBD1f_LWJUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhgbmegbm8QUGAIQZKeQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9Oz_PZRSBWagHEI2gtK7Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://memur.ogrenciyardim.net
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXPwQXd5eA_je7AlrLNK0WHwdc_xKdr7Z_NLg2nAFbEClv65nW4PUXNxDgjEwlxWW05G611uPA49ufUZawTa7zWPjlEdtTDxfJCKYv69AFru4Y9CnkT8S8u6Zm_2EIMX6KeB1i4Ig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WCZkWOCanQMmRTJ6D8rC7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://memur.ogrenciyardim.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 03:09:28 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uF48eroTjaBCZ_-L2JUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhgbmegbm8QUGAHbEKbA"
content-security-policy: script-src 'report-sample' 'nonce-WCZkWOCanQMmRTJ6D8rC7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://memur.ogrenciyardim.net
content-length: 0
x-xss-protection: 0
server: ESF

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET
H3 200 noimage.svg
memur.ogrenciyardim.net/wp-content/themes/safirwebportal/images/ 116 B
0 3ms
3ms Image
image/svg+xml 45.151.249.46
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://memur.ogrenciyardim.net/wp-content/themes/safirwebportal/images/noimage.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.151.249.46 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: polo.veridyen.com
Software: /
Resource Hash: 8c44d16a083a7b940fa62ec458cc4cac46e67c137c511d5bc26fc8aa04fc037b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://memur.ogrenciyardim.net/

Response headers

expires: Mon, 18 Nov 2024 03:09:25 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 116
date: Mon, 11 Nov 2024 03:09:25 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Nov 2024 13:25:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: memur.ogrenciyardim.net
URL: blob:https://memur.ogrenciyardim.net/449b3ab7-84d3-4540-bee1-fec937e6dde4

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241106&jk=2040308863896927&bg=!ERKlEl3NAAYQZ9WPMGc7ADQBe5WfOAWLJaqP2d37vb7G2N6oc_6728itYWgX4ayhlSAVWaj5FKCispBRoVrKE-mbVW1bAgAAAGVSAAAAA2gBB34ANvWLAEP7wmi11r6pPDBnTUQE7cLmy8P1tCsrgzcdWx4OHMD6a7u7JUJa8lCxcx5PlbfH2gSe7pkCmr8RU_73Huc1lnvw2YogfMAfSpZQFGl4hhp_8_gVriP3lhJODkqOHnpHp9AIUDITDVV9udyaKXSKHbOiXRyTClRFIeebPv-R-foeimEjjnLcoSTyI_porGdxjHoCA7_L80_D1bu0s0C9nob_9yMyoJF_HaNQ7I2TBxxGnqzFGOvZZW4LSNhJBeNjRCAZZsZ_UKWZDSEVO_uzUdbY4FaNCXOUWUSJ5-2EtQQdfJvJ2_Ykw62eCDW_7wfE-5W4y99hOklkdDH8sgevZewLv5z_MS62xVccTRCNwqbDdtinkNObnW0Jc_sgCnNZ40Aa9hQdl5vw271e6v0vCbAhnjxcT7gRIy99Fu84BeRq7wc4h2Q8pCa5lUkUuAuETWuMvHMdMhE1rd3pndGu1NWCo_SAO2JJ5hitbHOo8QLD72klycbuV2_SQs5M9gAHke8P36rS51O6HDfm9zCkDGmuZ2tQrFev9MLk1UOfjm-g0hfJ_3OVSqzfSh8SLNuW8qZ5BvqBkBuUSuzC2JBtvESQ7C5OV_7EqA8hv8ESDyNh5VKNXdh8dEOsnmwrcG572APrteUC2HJmn6iwz9LCfb6QA1hCKNZl2qif0-Zg2gIwwf-MviPfbFtg5Y_7iGybHez585VwbIQuGQ-HcOfYhwGreHm7U8Hb-M--vLiy77oWXpn8nbAddKY5wtr-C7DoN9rhQ3ILekCJZfcbWZ67Sxix6FtuZLxdifcx74ZNF1LtsARkKcZnBvkyn7l6lX205KKmQEly1RzKEtQiwQ8YVRfplTxBZFd06dQ6wOC58IxH3eohfPDGJucygMC-s9T9nRNsXK2EJdW2gFfM4fpBcyy7W9KF1KRPvFFCFKtY8wwuFwIgw00AXpvvLqczddBaow

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ogrenciyardim.net/	1970-01-21 10:30:54	Name: _ga_QJFHCZC2MQ Value: GS1.1.1731294566.1.0.1731294566.0.0.0
.ogrenciyardim.net/	1970-01-21 10:30:54	Name: _ga Value: GA1.1.1800834026.1731294567
.doubleclick.net/	1970-01-21 00:54:55	Name: test_cookie Value: CheckForPermission
.ogrenciyardim.net/	1970-01-21 10:16:30	Name: __gads Value: ID=433a35ec93b1f2e6:T=1731294566:RT=1731294566:S=ALNI_MbxSOongDTAmnHHOyghvb48tDWklA
.ogrenciyardim.net/	1970-01-21 10:16:30	Name: __gpi Value: UID=00000db34d44f972:T=1731294566:RT=1731294566:S=ALNI_MYx7_7wV_NDoeJS58ubnyJhsIb9LA
.ogrenciyardim.net/	1970-01-21 05:14:06	Name: __eoi Value: ID=be028f81624dbfec:T=1731294566:RT=1731294566:S=AA-Afjbs9A_NrLZqg74l2uwBxvG5
.ogrenciyardim.net/	1970-01-21 09:40:30	Name: FCNEC Value: %5B%5B%22AKsRol90xZH7TIQghogdl-IymP-ykiv1ritQJ48-VBOMOZHyE6vv33iHiIFXwzJhtKlcE3s7R4uVoSMWfKywGKfTYmRsspSxJjgx0IFW_XmK9jIvHCeX8Gt67BvPSOLzoPTq6uBUs2FXKxaUz-g8oFcqFqXsQ_m_lQ%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
memur.ogrenciyardim.net
p.typekit.net
pagead2.googlesyndication.com
use.typekit.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
ep1.adtrafficquality.google
memur.ogrenciyardim.net
142.250.176.194
142.250.65.238
142.250.80.34
142.250.80.66
142.250.80.68
142.251.35.161
142.251.40.142
142.251.40.232
23.223.209.14
23.223.209.75
45.151.249.46
02b87089386a8b0b44da1cab755f2a3faa1491014d34f35b2d1442d1cf197507
04689be6e51eaf5c62cfd08d22bdf26c823a42918d34226ebb16934742f36397
08892cb73524e13c2afb71cf5f6c81562e2e6bcb5ccdb2c52458abb3f2828425
1446edd6e4799bee1798ce5db599e02655c5b63fa267b585d4fcb1d8df1cfdcd
1454ecf32595c81b23321e724a14d5c1a37967468bd42158b2eba6615cd187ee
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
24b8b491337fe93e370c99a7e31772de547fb445e1c4a83030ffc0c476a75f05
34332706e5b51ee18bc1efb39cbbfe6f93b76d6a5c4000f266c9c3c77e5190a8
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4fd3aa1469bfe6803572cd2f5e4fc0f92f2982b8f0ecbff8f4a1cfe7b7e200e5
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
73b7902f35ace7f3e318b2d7d155fc3336a88857c89f673f5298db699e3f09b2
7467e3c08084e6d5beea8c36904f453e08e15b0c6ed88d05d41abeb593bb13f5
8c44d16a083a7b940fa62ec458cc4cac46e67c137c511d5bc26fc8aa04fc037b
8e36707e7bd75d1be703f0c1708be48fef9590151e9d1378e6e9f943d58f39d9
8f6132d44f25813b9db779948a76ddb894bb780d16a4623ba0599a241e1c1b62
9816a47065f8451578484cee4ad7144bb5533075601284f65b76599e091f7e83
a96f664a52bdca0f3d7d49db75fd32683437f92b0153c16c53426f97e6adeb65
a989eae1830cdca75c4264d272fd69aa6319e50373d66ee780c4872770eb29e1
c24707b0e2858c9132a0f090167817a051544ec54a1b34ff8c31fea34ced8b18
cb4548cc2b9ea509c26709c8c8bd320e735041525501e4e7cbafadac71526cc7
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb870b9df6310f82e8b0501b5de1724c970603023d73bd2a8ee5c3e77828b11f
d188c91a851cef2e657e18c38f307cf0eed20e35a77425d807edeb66f78a61ef
daf97cfd9d584b2531d2f1bdb8d61ce05571bfcf04507241927ee98327aee413
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed74e40fece8ce61713640e4c9958167c06d6e07b9e6f04d1351d150053357d2
f609f4b1853661ea8ba32f1c43288a1732a4e65be8c70de54b35158d31454531
f8f5e1b56404cc2712dcbb5e2dd5dd8f42e535f7059ad39976051bdc1870cd0a
f968c5b5717636f737ab975a830d836d1e97bd146f498eb998ab6784b30fcdb0
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

memur.ogrenciyardim.net Open in urlscan Pro 45.151.249.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

96 %HTTPS

0 %IPv6

8 Domains

11 Subdomains

12 IPs

2 Countries

706 kBTransfer

1992 kBSize

7 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

memur.ogrenciyardim.net Open in urlscan Pro
45.151.249.46 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

96 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

12
IPs

2
Countries

706 kB
Transfer

1992 kB
Size

7
Cookies

46 HTTP transactions
1 data transactions