urlscan.io logo urlscan.io
SecurityTrails logo

www.dualarimiz.com Open in urlscan Pro
5.2.85.171  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.dualarimiz.com/
Effective URL: https://www.dualarimiz.com/
Submission: On October 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 48 HTTP transactions. The main IP is 5.2.85.171, located in Izmir, Turkey and belongs to ALASTYR, TR. The main domain is www.dualarimiz.com.
TLS certificate: Issued by R11 on September 27th 2024. Valid for: 3 months.
This is the only time www.dualarimiz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

18    5.2.85.171 (Izmir, Turkey)

ASN3188 (ALASTYR, TR)
www.dualarimiz.com
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
pagead2.googlesyndication.com
1    172.67.215.18 (United States)

ASN13335 (CLOUDFLARENET, US)
www.e-mailit.com
3    172.67.141.123 (United States)

ASN13335 (CLOUDFLARENET, US)
weshareapp.io
www.weshareapp.io
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    142.250.74.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net
fonts.gstatic.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
2    172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f14.1e100.net
fundingchoicesmessages.google.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    216.239.34.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
www.google.de
1    157.240.0.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-shv-02-fra3.facebook.com
graph.facebook.com
Apex Domain
Subdomains		 Transfer
18 dualarimiz.com
www.dualarimiz.com
359 KB
6 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
region1.analytics.google.com — Cisco Umbrella Rank: 4401
129 KB
5 gstatic.com
fonts.gstatic.com
163 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
ajax.googleapis.com — Cisco Umbrella Rank: 412
41 KB
3 weshareapp.io
weshareapp.io
www.weshareapp.io
93 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 11271
126 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
595 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
208 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
197 KB
1 facebook.com
graph.facebook.com — Cisco Umbrella Rank: 185
319 B
1 e-mailit.com
www.e-mailit.com
666 B
48 12
Domain Requested by
18 www.dualarimiz.com www.dualarimiz.com
5 fonts.gstatic.com fonts.googleapis.com
www.dualarimiz.com
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 www.google-analytics.com www.dualarimiz.com
www.google-analytics.com
3 fonts.googleapis.com www.dualarimiz.com
2 www.google.de
2 stats.g.doubleclick.net www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.googletagmanager.com www.google-analytics.com
ajax.googleapis.com
2 www.weshareapp.io www.dualarimiz.com
ajax.googleapis.com
2 pagead2.googlesyndication.com www.dualarimiz.com
pagead2.googlesyndication.com
1 graph.facebook.com ajax.googleapis.com
1 ajax.googleapis.com www.e-mailit.com
1 region1.google-analytics.com www.googletagmanager.com
1 weshareapp.io 1 redirects
1 www.e-mailit.com 1 redirects
48 16
Subject Issuer Validity Valid
dualarimiz.com
R11		 2024-09-27 -
2024-12-26		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
weshareapp.io
WE1		 2024-10-01 -
2024-12-30		 3 months crt.sh
*.google.de
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-07 -
2024-11-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.dualarimiz.com/
Frame ID: CAA9E6D4F887D2067D125897DECA186D
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dualar - ANASAYFA

Page URL History Show full URLs

  1. http://www.dualarimiz.com/ HTTP 307
    https://www.dualarimiz.com/ Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • (?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)/com_|<table[^>]+class="pill)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

98 %
HTTPS

44 %
IPv6

12
Domains

16
Subdomains

15
IPs

4
Countries

1212 kB
Transfer

3328 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.dualarimiz.com/ HTTP 307
    https://www.dualarimiz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://www.e-mailit.com/widget/menu3x/js/button.js HTTP 301
  • https://weshareapp.io/widget/menu3x/js/button.js HTTP 301
  • https://www.weshareapp.io/widget/menu3x/js/button.js

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.dualarimiz.com/
Redirect Chain
  • http://www.dualarimiz.com/
  • https://www.dualarimiz.com/
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dualarimiz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a79a44530864812fb3e253e294be3a001ffbee6e8674608141c4f7f11ccbb89a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0,public
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 29 Oct 2024 04:17:35 GMT
expires
Wed, 17 Aug 2005 00:00:00 GMT
last-modified
Tue, 29 Oct 2024 04:17:34 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
permissions-policy
interest-cohort=()
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

Location
https://www.dualarimiz.com/
Non-Authoritative-Reason
HttpsUpgrades
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
2b70d95890cbd255ccdd688c30bcfce65ca06d566c16bc637587ae95de5c6b4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

content-encoding
br
etag
4903584284743658648
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 04:17:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53572
x-xss-protection
0
server
cafe
style.css
www.dualarimiz.com/components/com_jcomments/tpl/default/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dualarimiz.com/components/com_jcomments/tpl/default/style.css?v=3002
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c4da80aba56a03dec2e7d3a668f8540b5c8c8b2853dafea5a50b72c4d8394a2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
content-encoding
br
expires
Wed, 29 Oct 2025 04:17:35 GMT
accept-ranges
bytes
content-length
3045
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
text/css
last-modified
Tue, 25 Apr 2023 11:47:15 GMT
vary
Accept-Encoding
server
LiteSpeed
jquery.min-cc07e1fe.js
www.dualarimiz.com/cache/template/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dualarimiz.com/cache/template/jquery.min-cc07e1fe.js?80231492af8361355f061e8ac18a1e87
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
content-encoding
br
expires
Wed, 29 Oct 2025 04:17:35 GMT
accept-ranges
bytes
content-length
33158
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
application/javascript
last-modified
Tue, 25 Apr 2023 10:24:35 GMT
vary
Accept-Encoding
server
LiteSpeed
jquery-noconflict-f0845c69.js
www.dualarimiz.com/cache/template/ 		20 B
50 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dualarimiz.com/cache/template/jquery-noconflict-f0845c69.js?80231492af8361355f061e8ac18a1e87
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
844a36c2c43704c5ae846d0f52093463bc6e84d547d04528eefb6313129e570f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
expires
Wed, 29 Oct 2025 04:17:35 GMT
accept-ranges
bytes
content-length
20
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
application/javascript
last-modified
Tue, 25 Apr 2023 10:24:35 GMT
server
LiteSpeed
jquery-migrate.min-08f694db.js
www.dualarimiz.com/cache/template/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dualarimiz.com/cache/template/jquery-migrate.min-08f694db.js?80231492af8361355f061e8ac18a1e87
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
content-encoding
br
expires
Wed, 29 Oct 2025 04:17:35 GMT
accept-ranges
bytes
content-length
3823
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
application/javascript
last-modified
Tue, 25 Apr 2023 10:24:35 GMT
vary
Accept-Encoding
server
LiteSpeed
bootstrap-c94ff22f.css
www.dualarimiz.com/cache/template/ 		146 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dualarimiz.com/cache/template/bootstrap-c94ff22f.css
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
801e9556413aaba7385d23d2369ae38ef24c853d575503128df026fdbdbaf739

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
content-encoding
br
expires
Wed, 29 Oct 2025 04:17:35 GMT
accept-ranges
bytes
content-length
23639
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
text/css
last-modified
Tue, 25 Apr 2023 10:16:00 GMT
vary
Accept-Encoding
server
LiteSpeed
theme-a94306c4.css
www.dualarimiz.com/cache/template/ 		109 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dualarimiz.com/cache/template/theme-a94306c4.css
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
cae8ef79a7aa799bd53ec01c4ac13e03da0bfdfc8a6c4b80272883b713f8094d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
content-encoding
br
expires
Wed, 29 Oct 2025 04:17:35 GMT
accept-ranges
bytes
content-length
19658
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
text/css
last-modified
Tue, 25 Apr 2023 11:59:13 GMT
vary
Accept-Encoding
server
LiteSpeed
theme-1eb97895.js
www.dualarimiz.com/cache/template/ 		83 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dualarimiz.com/cache/template/theme-1eb97895.js
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
da89f7e75eeaa5e592ac60baf866d33bf5b4efe889db6ca8bf6e1622228d4418

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
content-encoding
br
expires
Wed, 29 Oct 2025 04:17:35 GMT
accept-ranges
bytes
content-length
21325
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
application/javascript
last-modified
Tue, 25 Apr 2023 11:59:13 GMT
vary
Accept-Encoding
server
LiteSpeed
turknet_bedava_desktop.png
www.dualarimiz.com/images/banners/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dualarimiz.com/images/banners/turknet_bedava_desktop.png
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3ae51f90de427d3aad0e3b55538f398c62e51bbbb17edde1a6cac2db676d0d18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
expires
Thu, 28 Nov 2024 04:17:35 GMT
accept-ranges
bytes
content-length
95909
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
image/png
last-modified
Tue, 25 Apr 2023 09:41:27 GMT
server
LiteSpeed
tovbeduasi.jpg
www.dualarimiz.com/images/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dualarimiz.com/images/tovbeduasi.jpg
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2d8518dbc6e0384fedcec4d14d97b96bb3beb26590e4c8b2d5e89c0a26ed9f28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
expires
Thu, 28 Nov 2024 04:17:35 GMT
accept-ranges
bytes
content-length
65005
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
image/jpeg
last-modified
Tue, 25 Apr 2023 09:41:15 GMT
server
LiteSpeed
icon.png
www.dualarimiz.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dualarimiz.com/images/icon.png
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a12ffcc13e152abac295ca98304650c88eef16d9b63e197699db192e8f6eb0e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
expires
Thu, 28 Nov 2024 04:17:35 GMT
accept-ranges
bytes
content-length
2088
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
image/png
last-modified
Tue, 25 Apr 2023 09:40:10 GMT
server
LiteSpeed
bildirim.png
www.dualarimiz.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dualarimiz.com/images/bildirim.png
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7e7c5cac92a1d43b06ca95cc610fb4b2387accdbbda3740e1a40e412027238d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
expires
Thu, 28 Nov 2024 04:17:35 GMT
accept-ranges
bytes
content-length
1286
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
image/png
last-modified
Tue, 25 Apr 2023 09:38:48 GMT
server
LiteSpeed
merasim-dualari.png
www.dualarimiz.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dualarimiz.com/images/merasim-dualari.png
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b61171cfb8c3629e5d09a6982d1facb1a7100dae9e99504715ef094e88df9d4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
expires
Thu, 28 Nov 2024 04:17:35 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2318
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
image/png
last-modified
Tue, 25 Apr 2023 09:40:50 GMT
server
LiteSpeed
tevbe1.png
www.dualarimiz.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dualarimiz.com/images/tevbe1.png
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6bcbba17e3ecefe915f1ce5dec491d85ee3ebdcb32ac390e5c87b14142dacb84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
expires
Thu, 28 Nov 2024 04:17:35 GMT
accept-ranges
bytes
content-length
2667
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
image/png
last-modified
Tue, 25 Apr 2023 09:41:13 GMT
server
LiteSpeed
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/ 		435 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8961784295093699&plah=www.dualarimiz.com&bust=31088518
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e996adb5a7ef9b4b4f7d8393459dc3ac6ae3a039116dfd7b22fb2ec6d33647e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

content-encoding
br
etag
4059842056493177443
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 04:17:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
148409
x-xss-protection
0
server
cafe
button.js
www.weshareapp.io/widget/menu3x/js/
Redirect Chain
  • https://www.e-mailit.com/widget/menu3x/js/button.js
  • https://weshareapp.io/widget/menu3x/js/button.js
  • https://www.weshareapp.io/widget/menu3x/js/button.js
343 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.weshareapp.io/widget/menu3x/js/button.js
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H3
Server
172.67.141.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
90fd9d747cf4e424743ba0f953379c1351264d276a18c02fbd5c40a0f6db8542

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67193af0-55d3d"
age
14954
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QY6HZzl%2FJ1eeQr1kW2ag4tN8Bb6RXxmUEqyTS9%2FjnANpQgzJDXytRXp5U2F6Ma%2FrNhejrd6yAj%2B7YEIIkzeTrI7qcT59mLeF1sIPkqkfWcIaAsrVqm4o2eplvrdmRsU4syaXTA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 30 Oct 2024 00:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49005&sent=15&recv=11&lost=0&retrans=0&sent_bytes=5206&recv_bytes=4660&delivery_rate=33209&cwnd=12000&unsent_bytes=0&cid=0fa8ecf0e835fdf2&ts=144&x=1", cfHdrFlush;dur=0
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 18:05:36 GMT
vary
Accept-Encoding
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8da05b5958dbd506-CDG
x-powered-by
PleskLin
server
cloudflare

Redirect headers

cache-control
max-age=604800
location
https://www.weshareapp.io/widget/menu3x/js/button.js
cf-cache-status
HIT
age
468794
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6cekpY%2FqosZtxbV52IDH6S7HvwwerDlR8kMsn5%2BHvXY1AAf477xgNSoNoxgffHNIaYKJV9Du5M1fdPf%2B7p7bNtxpfD5YRCwTyiUmV8Exi8CrxlauMSbhGT5llWcxSmj6"}],"group":"cf-nel","max_age":604800}
cf-ray
8da05b58e8bad506-CDG
expires
Wed, 30 Oct 2024 18:04:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47478&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4130&recv_bytes=4239&delivery_rate=68729&cwnd=12000&unsent_bytes=0&cid=0fa8ecf0e835fdf2&ts=65&x=1", cfHdrFlush;dur=0
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
text/html; charset=iso-8859-1
x-powered-by
PleskLin
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/ 		2 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/cache/template/bootstrap-c94ff22f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
139681a94faa2bc84b1493a573777c22280c12f293b42c3f2d3940dab9467d9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 04:17:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 29 Oct 2024 03:02:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		774 B
838 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/cache/template/bootstrap-c94ff22f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52d62465d244bef9c22960bed269d931eb2b705dff7f09a0bcf5ddba62554f45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 04:17:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 29 Oct 2024 02:54:58 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

content-encoding
gzip
age
2846
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 05:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 03:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
jc_blog.gif
www.dualarimiz.com/components/com_jcomments/tpl/default/images/ 		90 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dualarimiz.com/components/com_jcomments/tpl/default/images/jc_blog.gif
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/components/com_jcomments/tpl/default/style.css?v=3002
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
54952f484a72464374141c1515910cf11c7a5fcc30a52b2d46b590efece2518f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/components/com_jcomments/tpl/default/style.css?v=3002

Response headers

cache-control
max-age=3600, public
expires
Thu, 28 Nov 2024 04:17:35 GMT
accept-ranges
bytes
content-length
90
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
image/gif
last-modified
Tue, 25 Apr 2023 11:49:00 GMT
server
LiteSpeed
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.dualarimiz.com
Referer
https://fonts.googleapis.com/

Response headers

age
561217
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:23:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:23:58 GMT
last-modified
Wed, 01 May 2024 20:31:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22432
x-xss-protection
0
server
sffe
IcoMoon.woff
www.dualarimiz.com/media/jui/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dualarimiz.com/media/jui/fonts/IcoMoon.woff
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/cache/template/bootstrap-c94ff22f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.dualarimiz.com
Referer
https://www.dualarimiz.com/cache/template/bootstrap-c94ff22f.css

Response headers

cache-control
public, max-age=604800,public
expires
Tue, 05 Nov 2024 04:17:35 GMT
accept-ranges
bytes
content-length
25424
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
font/woff
last-modified
Tue, 25 Apr 2023 10:20:58 GMT
server
LiteSpeed
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrEHJA.woff2
fonts.gstatic.com/s/raleway/v34/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrEHJA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
8453963081f532ded1dbe554f5ffde03900ebdd2975f194726fcd3cdd249fce0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.dualarimiz.com
Referer
https://fonts.googleapis.com/

Response headers

age
561424
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:20:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:20:31 GMT
last-modified
Wed, 01 May 2024 20:31:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
16768
x-xss-protection
0
server
sffe
fontawesome-webfont.woff2
www.dualarimiz.com/templates/blue_2/warp/vendor/uikit/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dualarimiz.com/templates/blue_2/warp/vendor/uikit/fonts/fontawesome-webfont.woff2
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/cache/template/theme-a94306c4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.dualarimiz.com
Referer
https://www.dualarimiz.com/cache/template/theme-a94306c4.css

Response headers

cache-control
public, max-age=604800,public
expires
Tue, 05 Nov 2024 04:17:35 GMT
accept-ranges
bytes
content-length
56780
date
Tue, 29 Oct 2024 04:17:35 GMT
content-type
font/woff2
last-modified
Tue, 25 Apr 2023 09:17:59 GMT
server
LiteSpeed
ca-pub-8961784295093699
fundingchoicesmessages.google.com/i/ 		196 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8961784295093699?href=https%3A%2F%2Fwww.dualarimiz.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8961784295093699&plah=www.dualarimiz.com&bust=31088518
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0173a61eeb559fc7239d0f023d869181d6bfaac8948692cef722c258d0daa484
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QaCuJHtPNRt9TW3oB0Q0VQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1pBiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B2JDhUusjiBcdInVE4hVey6xmgLx_XWXWJ8D8d6Pl1iPAnGRxBXWJiC-3XSF9TEQM3y9wsoBxELcHA8ON-5kE2h41KGlpJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJoYGSuZ2AeX2AAAH3WSFY"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QaCuJHtPNRt9TW3oB0Q0VQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
collect
www.google-analytics.com/j/ 		15 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1736423942&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dualarimiz.com%2F&ul=de-de&de=UTF-8&dt=Dualar%20-%20ANASAYFA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=50652904&gjid=849067437&cid=2111105289.1730175456&tid=UA-4249477-1&_gid=432312494.1730175456&_r=1&_slc=1&z=623581542
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
83eac664546a4f774d5313542535a34e6e6acf5a66767e6ce683ce35f7566d58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.dualarimiz.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:35 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.dualarimiz.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/ 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VFM7W02N49&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5942f719cbbad4bc1cf5f4dbd35e23dfd5991efb29a6f1d2d248fa1dd501d92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 29 Oct 2024 04:17:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101413
x-xss-protection
0
server
Google Tag Manager
AGSKWxVyB8JqLHc7CdbRc4jU23Eh8U-8Bn4r37u6Daatbx887Oiv4pgT8CbBvAkTS6iPxL4s5jNcVRDy3KS7Hg_0rm8uU6k0X6pMV4M4lFa0JuLJ4GXw0UvxYSI9zuWDBB4J24dXE5EGig==
fundingchoicesmessages.google.com/f/ 		433 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVyB8JqLHc7CdbRc4jU23Eh8U-8Bn4r37u6Daatbx887Oiv4pgT8CbBvAkTS6iPxL4s5jNcVRDy3KS7Hg_0rm8uU6k0X6pMV4M4lFa0JuLJ4GXw0UvxYSI9zuWDBB4J24dXE5EGig==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMTc1NDU2LDIxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZHVhbGFyaW1pei5jb20vIixudWxsLFtbOCwiandZbjBBaEpidWMiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jwYn0AhJbuc.es5.O/am=DgY/d=1/rs=AJlcJMwVNzsjwuQhaxVur-YNmUtGFBTf0w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3fd8b59039fe3d59053bee59a298bfc7420ffd9e3478ffcfa28a10862f3f594
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-P9_MtDrEE2og_631Z-YJAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0ZBiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B2JDhUusjiBcdInVE4hVey6xmgLx_XWXWJ8D8d6Pl1iPAnGRxBXWJiC-3XSF9TEQM3y9wsoBxEI8HA8ON-5kE3gxYcdkRiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQwMjcz0D8_gCAwDM_Ej4"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-P9_MtDrEE2og_631Z-YJAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VFM7W02N49&gtm=45je4ao0v9123254751za200&_p=1730175456023&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101533422~101823848~101925629&ul=de-de&sr=1600x1200&cid=2111105289.1730175456&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.dualarimiz.com%2F&dt=Dualar%20-%20ANASAYFA&sid=1730175456&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2423
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VFM7W02N49&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.dualarimiz.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
text/plain
server
Golfe2
css
fonts.googleapis.com/ 		114 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jwYn0AhJbuc.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzM-LmiAvP_OGGU_DczDRfC3JRGsw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d413bbe05501fb2a71c5566b9d2e5e3a9366e9f6f7ae7053ce674485aeface69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 04:17:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 29 Oct 2024 04:17:36 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: www.dualarimiz.com
URL: https://www.dualarimiz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.dualarimiz.com
Referer
https://www.dualarimiz.com/

Response headers

age
560969
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:28:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:28:07 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxX8xuyQxBxBTA6pFwkg_4Jc7RTTs70IgBRkLCjXsp3sb2GGblp41FnPGis8osn0sRFZRsk19C0m4Rj_Qw6E-jYCy-eW7-kvInHmmfGBpe_5_S75mJ2FnhtLi5153F6qjcG3qjt2Hw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX8xuyQxBxBTA6pFwkg_4Jc7RTTs70IgBRkLCjXsp3sb2GGblp41FnPGis8osn0sRFZRsk19C0m4Rj_Qw6E-jYCy-eW7-kvInHmmfGBpe_5_S75mJ2FnhtLi5153F6qjcG3qjt2Hw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jwYn0AhJbuc.es5.O/am=DgY/d=1/rs=AJlcJMwVNzsjwuQhaxVur-YNmUtGFBTf0w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MlIVy8EpLdEcrRrmf7exVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.dualarimiz.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1ZBicEqfwRoAxO5aF1n9gXjvx0usR4GY4esVVg4gFuLheHC4cSebwIU5D78wKrkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQwMjcz0D8_gCAwB6Py5w"
content-security-policy
script-src 'report-sample' 'nonce-MlIVy8EpLdEcrRrmf7exVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.dualarimiz.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxX8xuyQxBxBTA6pFwkg_4Jc7RTTs70IgBRkLCjXsp3sb2GGblp41FnPGis8osn0sRFZRsk19C0m4Rj_Qw6E-jYCy-eW7-kvInHmmfGBpe_5_S75mJ2FnhtLi5153F6qjcG3qjt2Hw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX8xuyQxBxBTA6pFwkg_4Jc7RTTs70IgBRkLCjXsp3sb2GGblp41FnPGis8osn0sRFZRsk19C0m4Rj_Qw6E-jYCy-eW7-kvInHmmfGBpe_5_S75mJ2FnhtLi5153F6qjcG3qjt2Hw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jwYn0AhJbuc.es5.O/am=DgY/d=1/rs=AJlcJMwVNzsjwuQhaxVur-YNmUtGFBTf0w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fvlBmYIkDruXx9a96WwHYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.dualarimiz.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1pBicEqfwRoAxO5aF1n9gXjvx0usR4GY4esVVg4gFuLheHC4cSebwImt878yKrkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQwMjcz0D8_gCAwBvZy5G"
content-security-policy
script-src 'report-sample' 'nonce-fvlBmYIkDruXx9a96WwHYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.dualarimiz.com
content-length
0
x-xss-protection
0
server
ESF
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: www.e-mailit.com
URL: https://www.e-mailit.com/widget/menu3x/js/button.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

content-encoding
gzip
age
559598
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:50:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:50:58 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
33507
x-xss-protection
0
server
sffe
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.dualarimiz.com
Referer
https://fonts.googleapis.com/

Response headers

age
561294
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:22:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:22:42 GMT
last-modified
Wed, 01 May 2024 20:31:48 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48336
x-xss-protection
0
server
sffe
1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v34/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyCMIT5lu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
2f0dc96a0b24cc9af003b43bc4f477639fced863f4f967dd2b5e451f621cd09d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.dualarimiz.com
Referer
https://fonts.googleapis.com/

Response headers

age
561494
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:19:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:19:22 GMT
last-modified
Wed, 01 May 2024 20:31:52 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
30860
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		331 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-67RVFLXN63
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56809b7a8e0c2cbd2ec5091f9d84776a73be6e4477c25827060e1ee4d7380b46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 29 Oct 2024 04:17:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110462
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/j/ 		3 B
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1736423942&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dualarimiz.com%2F&ul=de-de&de=UTF-8&dt=Dualar%20-%20ANASAYFA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABAAAAACAAI~&jid=2108452135&gjid=1590268185&cid=2111105289.1730175456&tid=UA-6640442-5&_gid=432312494.1730175456&_r=1&_slc=1&z=325118827
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.dualarimiz.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:36 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.dualarimiz.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
partners.js
www.weshareapp.io/widget/menu3x/js/ 		868 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.weshareapp.io/widget/menu3x/js/partners.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3ada5a70d076ca7fb056d99bb53da116058f3f67afe0a455771918c100d311f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"364-5fcb50d7b0740-gzip"
age
36272
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZduuKIa9EfAAEYb8vJjzCHhd72L%2FlwSrUv6nHI%2FD3TjZ5kkfkXDxOBcpFiB9rmPVTUXAuONaO4Nm09pLEcnu4IY7mpccWOJx573nT1qSe8NpH%2FISwkSvDz9DYsy%2BRiP9rVpcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 29 Oct 2024 18:13:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50034&sent=100&recv=56&lost=0&retrans=0&sent_bytes=100785&recv_bytes=6867&delivery_rate=973147&cwnd=51600&unsent_bytes=0&cid=0fa8ecf0e835fdf2&ts=615&x=1", cfHdrFlush;dur=0
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
application/javascript
last-modified
Sat, 27 May 2023 23:17:09 GMT
vary
Accept-Encoding,User-Agent
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-accel-version
0.01
cf-ray
8da05b5c5a1ad506-CDG
accept-ranges
bytes
content-length
607
x-powered-by
PleskLin
server
cloudflare
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-67RVFLXN63&gtm=45je4ao0v894767136za200&_p=1730175456023&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101533422~101823848~101925629&cid=2111105289.1730175456&ecid=1121066445&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1730175456&sct=1&seg=0&dl=https%3A%2F%2Fwww.dualarimiz.com%2F&dt=Dualar%20-%20ANASAYFA&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2924
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-67RVFLXN63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.dualarimiz.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
48 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-67RVFLXN63&cid=2111105289.1730175456&gtm=45je4ao0v894767136za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-67RVFLXN63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.dualarimiz.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
text/plain
server
Golfe2
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-HJBTJZGSR1&gtm=45je4ao0v894767136za200&_p=1730175456023&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101533422~101823848~101925629&cid=2111105289.1730175456&ecid=760603404&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1730175456&sct=1&seg=0&dl=https%3A%2F%2Fwww.dualarimiz.com%2F&dt=Dualar%20-%20ANASAYFA&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2937
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-67RVFLXN63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.dualarimiz.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
547 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HJBTJZGSR1&cid=2111105289.1730175456&gtm=45je4ao0v894767136za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-67RVFLXN63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.dualarimiz.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-67RVFLXN63&cid=2111105289.1730175456&gtm=45je4ao0v894767136za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101925629&tag_exp=101533422~101823848~101925629&z=1777280032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 29 Oct 2024 04:17:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HJBTJZGSR1&cid=2111105289.1730175456&gtm=45je4ao0v894767136za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101925629&tag_exp=101533422~101823848~101925629&z=1710724930
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 29 Oct 2024 04:17:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
favicon.ico
www.dualarimiz.com/templates/blue_2/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.dualarimiz.com/templates/blue_2/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.2.85.171 Izmir, Turkey, ASN3188 (ALASTYR, TR),
Reverse DNS
Software
LiteSpeed /
Resource Hash
292ba1f9ba0f0c30c9a56191f8c6bebecbf15edfb1e56d5bfe8a4a8d104eefcb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.dualarimiz.com/

Response headers

cache-control
max-age=3600, public
expires
Tue, 05 Nov 2024 04:17:36 GMT
accept-ranges
bytes
content-length
4158
date
Tue, 29 Oct 2024 04:17:36 GMT
content-type
image/x-icon
last-modified
Tue, 25 Apr 2023 09:13:29 GMT
server
LiteSpeed
/
graph.facebook.com/ 		202 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?fields=og_object{engagement}&id=https%3A%2F%2Fwww.dualarimiz.com%2F
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-shv-02-fra3.facebook.com
Software
/
Resource Hash
a9db6bb4391ace6dfa267349ae5e1fa348c6c34783186d0298905347c5de155c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.dualarimiz.com/

Response headers

proxy-status
http_request_error; e_proxy="AcL82wYeS_Ju21s79oE5X5pr4qn9g2knLMuilXjTlXvSUc0gt1_YOxbwJQQRKL2lJPcsNmV4pF6fsN14JQQ"; e_fb_binaryversion="AcLrf1gT7BwfnlolC3nao92RGCU3GaIKJQGUQKsjl2h3D4ZgYF7_OxFAkiqQEkrCUMM8x5UcAGqvDQJHpoSjGBTJXZDMhzDRHT0"; e_fb_httpversion="AcIXNmRa_S2g5lzH7EXTvzUr19s4KoWmEW6xkwHEe9tribtRLAnf7KMvx0FJ"; e_fb_responsebytes="AcLMT-YQhWuQUWotbz4Zb2vux2KfM3jg3NVtlGuZF0HhpU9GMT5ua0TJKifb"; e_fb_requesttime="AcIhPXYJB1n06aRmjqwVO-Ocvw_bWmgn5grDgDHgTwpYA3cRQ_6llpeIUpjhDevNKYUDYFKg_A"; e_fb_requesthandler="AcIXQpvvz5EdCy7BLj3Xijj3zZIslPyf_1Y90GanyWH8DBETDz5NPZLEGre1xOBZdupySgKqir4"; e_fb_hostheader="AcJ9jPMZNi6_RALd1-FUuXP6JLfhAAZA9k-HGGdVGBVRgbAw9c4qWjGg9uJ53tHUpwoG4PQovmj11APo"; e_fb_requestsequencenumber="AcIU1AU8_rcew0Y4ilDbR5Vf3B-KuBk4Wl3jXuIq-EwbVnnfV7EHJ7zLe4nI"; e_upip="AcJyO7Yeq4JIchDX4bLV9dg-9Z5vHtbWiXEnp9XseHK-vo2LpZoGskn3ozFykwc4_-aJTbLLZqbaYHI9L6LiRvTnUsCwL6rYNb7ev0U"; e_fb_builduser="AcIxfTCEAXRBXYpbyORPxmBvdLnFwzvqIJ1wC4Rtc82qYqwohIFpjiePMWX1IyoGvq0"; e_fb_vipport="AcLIomClAF19KHxGgAVpzX8v9T4z3sn_zPam_t4Rq6rTpC0HcVBVaLU5bh_F"; e_clientaddr="AcJVLn1bMW6-LP2XbhhWG1gLc8m9xSNYCSW931uGpNaRmjiAlv6E717LrXBBSnY4L6V3clwow2GIYWzssdJIVeu1wvbhQDXv6QUqni8m4bQwDxJy"; e_fb_vipaddr="AcIB8HoDAJQlKxw4Ks7xnH5Fm6gNrSTpgHuHYSdEJOGvssk5LC25LlqOoM9Tdpi7zyff7FzmLmZfISh1OPpuCtCP-AUATK3V-g"; e_fb_configversion="AcJyVuH39Y-aWkFZqm0yqvCB3jpU4c43-Q4yfLjwrvxcq7XHB3uWxB4d5brgFg", http_request_error; e_proxy="AcK3vCHGKXuLdvKn_9C2I22Fcw8ojzPtTf0E3p9hSgE9WFxH1KQbRKq7zqbwXHx5q80Yu49hQPOKz9Q"; e_fb_binaryversion="AcK9VKIn2V52kOEojPIa-0XE-631MFvnDX1jRBbS4BXctUaUOhRuPu2XEmjd0P6NKALmNuG4Y8bVAHha00uLP5gcVttNPxeuFlI"; e_fb_httpversion="AcIbOIWQChMyinu4c__F73PR9TduZcvI8b49v145GHps0kC6h1CyLPJlc8fg"; e_fb_responsebytes="AcJdgDQTvlYbfvOkh-PsSsFl7Peo31OfhdbNXBDH2LjPCLsMVCFbtgSG1cZR"; e_fb_requesttime="AcLYcNG4wEWx4rNamgfFpmrBpg06TQ_HDZI4kOdDL3PwpguW71ekE3mld4Tqlzuxig0ARHZW-g"; e_fb_requesthandler="AcLmWZPJsMBuT2G8_QLG3uJTCUgXS3MNhZpq4jossowZhNYM8vJ5ASx9Cip4PbWH4wc4vqcC7Xw"; e_fb_hostheader="AcLOkd4hQav8dfkPVRoYUCPanW9E_AOBldF3ohFX4spslUL2osR3dvhAylS4zOxugJsrtGsLVApSwS2u"; e_fb_requestsequencenumber="AcKJxTBWdHyqd-JpQ6mVXjBBlPZAgA5ZJ3HA7_7vG_YWA0Q74rfG3JvOiQ"; e_upip="AcIKyBgq1puix9GY3gbNFjheeWREvVkYGetX8dZA2mQv_nwrZ4e3zsaqfEhOV9zaNcvUOiMIidW-GmIpORSti050T79Lc9hy1g"; e_fb_builduser="AcJ7WOvuDntHmtJRgFTQJUmUF-d_KSCTXOAx4aTnRsFB95MGPp8zMah6Bto5sa2Nry0"; e_fb_vipport="AcLSpVtHUBfN8uBwlrTWZ2wxB3ymzJF4HJrkzJBHTiIXndypHKOrCSbPyZss"; e_clientaddr="AcK8wA0GdcYQBa2EtWRISYA2HuF7tUHY1HGRITz_rjQVFX8aH4ow7716OXQFZfRKBEZz1-ZRn4stYZgN"; e_fb_vipaddr="AcLFPGF1jXj2WroMI-cDjXdlVdISrahi-eXg0Dg7kj4Fv0EU7WMj7bx2D1JpkNo2tQ2bgG1F"; e_fb_configversion="AcLlBQvbeFhEWnMd1tysUxcvO6UGxWyRoHW3oOQv5fuxvlaXPKalUk4elqkZNw"
x-fb-trace-id
CSHKz2Tfkr+
facebook-api-version
v15.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 04:17:39 GMT
content-type
application/json
vary
Origin
x-fb-debug
AY616C6CmweElxSk11gAvwL+GRJDJ81rgteNWQK9WANxv4Lw+coBSzalFRzkgK4VykfKlw+uBvBFUt2GnxciFA==
priority
u=1,i
strict-transport-security
max-age=15552000; preload
x-fb-rev
1017744855
cache-control
no-store
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4418, tp=9, tpl=0, uplat=100, ullat=0
pragma
no-cache
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-request-id
Arv0pvBbOofDWK839nsCJdv
access-control-allow-origin
*
content-length
202

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint function| jQuery object| e_mailit_config object| UIkit object| jQuery112406811738684496467 string| GoogleAnalyticsObject function| ga function| google_spfd number| google_unique_id object| google_sv_map function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googPageScrollPreventerInfo object| gaplugins object| gaGlobal object| gaData object| dataLayer object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| OTZmZjc4MDZkMDZhZjI0ZWxvYWRlcl9qcw== string| OTZmZjc4MDZkMDZhZjI0ZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_manager object| e_mailit function| emailit_jQ function| initGA function| e_mailit_plusone_vote function| fbAsyncInit object| jQuery111303721463795675768 function| emailit_ga function| gtag function| onYouTubeIframeAPIReady

8 Cookies

Domain/Path Name / Value
www.dualarimiz.com/ Name: d3ef8ad2c6c4e8f174751520ccd50008
Value: 9b3619022817ca47c1c04a1ce3081ec8
.dualarimiz.com/ Name: _gid
Value: GA1.2.432312494.1730175456
.dualarimiz.com/ Name: _gat
Value: 1
.dualarimiz.com/ Name: _ga_VFM7W02N49
Value: GS1.2.1730175456.1.0.1730175456.0.0.0
.dualarimiz.com/ Name: _gat_emailit
Value: 1
.dualarimiz.com/ Name: _ga_67RVFLXN63
Value: GS1.1.1730175456.1.0.1730175456.60.0.1121066445
.dualarimiz.com/ Name: _ga
Value: GA1.1.2111105289.1730175456
.dualarimiz.com/ Name: _ga_HJBTJZGSR1
Value: GS1.1.1730175456.1.0.1730175456.60.0.760603404

1 Console Messages

Source Level URL
Text
network error URL: https://graph.facebook.com/?fields=og_object{engagement}&id=https%3A%2F%2Fwww.dualarimiz.com%2F
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
graph.facebook.com
pagead2.googlesyndication.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
weshareapp.io
www.dualarimiz.com
www.e-mailit.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.weshareapp.io
142.250.184.227
142.250.186.98
142.250.74.195
157.240.0.13
172.217.16.206
172.67.141.123
172.67.215.18
2001:4860:4802:32::178
2001:4860:4802:34::36
216.239.34.178
2a00:1450:4001:801::2008
2a00:1450:4001:806::200e
2a00:1450:4001:808::200a
2a00:1450:4001:82b::200a
2a00:1450:400c:c0d::9a
5.2.85.171
0173a61eeb559fc7239d0f023d869181d6bfaac8948692cef722c258d0daa484
05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba
139681a94faa2bc84b1493a573777c22280c12f293b42c3f2d3940dab9467d9d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
292ba1f9ba0f0c30c9a56191f8c6bebecbf15edfb1e56d5bfe8a4a8d104eefcb
2b70d95890cbd255ccdd688c30bcfce65ca06d566c16bc637587ae95de5c6b4a
2d8518dbc6e0384fedcec4d14d97b96bb3beb26590e4c8b2d5e89c0a26ed9f28
2f0dc96a0b24cc9af003b43bc4f477639fced863f4f967dd2b5e451f621cd09d
3ada5a70d076ca7fb056d99bb53da116058f3f67afe0a455771918c100d311f4
3ae51f90de427d3aad0e3b55538f398c62e51bbbb17edde1a6cac2db676d0d18
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
52d62465d244bef9c22960bed269d931eb2b705dff7f09a0bcf5ddba62554f45
54952f484a72464374141c1515910cf11c7a5fcc30a52b2d46b590efece2518f
56809b7a8e0c2cbd2ec5091f9d84776a73be6e4477c25827060e1ee4d7380b46
6bcbba17e3ecefe915f1ce5dec491d85ee3ebdcb32ac390e5c87b14142dacb84
6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d
7e7c5cac92a1d43b06ca95cc610fb4b2387accdbbda3740e1a40e412027238d6
801e9556413aaba7385d23d2369ae38ef24c853d575503128df026fdbdbaf739
83eac664546a4f774d5313542535a34e6e6acf5a66767e6ce683ce35f7566d58
844a36c2c43704c5ae846d0f52093463bc6e84d547d04528eefb6313129e570f
8453963081f532ded1dbe554f5ffde03900ebdd2975f194726fcd3cdd249fce0
90fd9d747cf4e424743ba0f953379c1351264d276a18c02fbd5c40a0f6db8542
a12ffcc13e152abac295ca98304650c88eef16d9b63e197699db192e8f6eb0e4
a5942f719cbbad4bc1cf5f4dbd35e23dfd5991efb29a6f1d2d248fa1dd501d92
a79a44530864812fb3e253e294be3a001ffbee6e8674608141c4f7f11ccbb89a
a9db6bb4391ace6dfa267349ae5e1fa348c6c34783186d0298905347c5de155c
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b61171cfb8c3629e5d09a6982d1facb1a7100dae9e99504715ef094e88df9d4d
c4da80aba56a03dec2e7d3a668f8540b5c8c8b2853dafea5a50b72c4d8394a2c
cae8ef79a7aa799bd53ec01c4ac13e03da0bfdfc8a6c4b80272883b713f8094d
d3fd8b59039fe3d59053bee59a298bfc7420ffd9e3478ffcfa28a10862f3f594
d413bbe05501fb2a71c5566b9d2e5e3a9366e9f6f7ae7053ce674485aeface69
da89f7e75eeaa5e592ac60baf866d33bf5b4efe889db6ca8bf6e1622228d4418
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e996adb5a7ef9b4b4f7d8393459dc3ac6ae3a039116dfd7b22fb2ec6d33647e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629