one.variptvtr.com Open in urlscan Pro
2606:4700:3035::6815:4577 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://one.variptvtr.com/
Submission: On March 08 via manual (March 8th 2023, 5:49:55 am UTC) from TR — Scanned from DE

Summary HTTP 44 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 14 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3035::6815:4577, located in United States and belongs to CLOUDFLARENET, US. The main domain is one.variptvtr.com.

This is the only time one.variptvtr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3035::6815:4577	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a01:4f8:151:... 2a01:4f8:151:6117::2	24940 (HETZNER-AS) (HETZNER-AS)
2	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3 3	104.20.218.77 104.20.218.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	195.142.106.235 195.142.106.235	199484 (SAGLAYICI) (SAGLAYICI)
1	109.236.91.24 109.236.91.24	49981 (WORLDSTREAM) (WORLDSTREAM)
1	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3032::6815:24fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	195.142.105.24 195.142.105.24	199484 (SAGLAYICI) (SAGLAYICI)
1	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3030::ac43:d2c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:805::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
1	195.142.109.125 195.142.109.125	199484 (SAGLAYICI) (SAGLAYICI)
44	15

2 2606:4700:3035::6815:4577 (United States)

ASN13335 (CLOUDFLARENET, US)

one.variptvtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a01:4f8:151:6117::2 (Fürth, Germany)

ASN24940 (HETZNER-AS, DE)

ir.sitekodlari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oa.onlinekisi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ir1.sitekodlari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
in3.sitekodlari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl154258.alternativecpmgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.20.218.77 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.142.106.235 (Istanbul, Turkey) 1 redirects

ASN199484 (SAGLAYICI, TR)
PTR: 195-142-106-235.rdns.saglayici.net

sondakika.internethaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.236.91.24 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 109-236-91-24.hosted-by-worldstream.net

www.internethaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3032::6815:24fc (United States)

ASN13335 (CLOUDFLARENET, US)

s.internethaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.internethaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.142.105.24 (Istanbul, Turkey)

ASN199484 (SAGLAYICI, TR)

ad-cdn.bilgin.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:d2c0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.bildirt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.142.109.125 (Istanbul, Turkey)

ASN199484 (SAGLAYICI, TR)
PTR: 195-142-109-125.rdns.saglayici.net

ad.bilgin.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	internethaber.com 1 redirects sondakika.internethaber.com www.internethaber.com — Cisco Umbrella Rank: 449287 s.internethaber.com — Cisco Umbrella Rank: 791127 i.internethaber.com	410 KB
9	statcounter.com 3 redirects statcounter.com — Cisco Umbrella Rank: 8520 c.statcounter.com — Cisco Umbrella Rank: 9185	45 KB
7	gstatic.com fonts.gstatic.com	188 KB
6	sitekodlari.com ir.sitekodlari.com ir1.sitekodlari.com in3.sitekodlari.com	11 KB
3	onlinekisi.com oa.onlinekisi.com	2 KB
2	bildirt.com cdn2.bildirt.com — Cisco Umbrella Rank: 90892	26 KB
2	bilgin.pro ad-cdn.bilgin.pro — Cisco Umbrella Rank: 283500 ad.bilgin.pro — Cisco Umbrella Rank: 215102	9 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184	157 KB
2	alternativecpmgate.com pl154258.alternativecpmgate.com
2	variptvtr.com one.variptvtr.com	6 KB
1	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1939	43 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	77 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
44	14

	Domain	Requested by
7	fonts.gstatic.com	fonts.googleapis.com
6	s.internethaber.com	www.internethaber.com
6	statcounter.com	3 redirects ir1.sitekodlari.com oa.onlinekisi.com
3	c.statcounter.com	statcounter.com
3	ir1.sitekodlari.com	one.variptvtr.com ir1.sitekodlari.com
3	oa.onlinekisi.com	one.variptvtr.com oa.onlinekisi.com
2	cdn2.bildirt.com	www.internethaber.com cdn2.bildirt.com
2	securepubads.g.doubleclick.net	www.internethaber.com securepubads.g.doubleclick.net
2	pl154258.alternativecpmgate.com	one.variptvtr.com
2	ir.sitekodlari.com	one.variptvtr.com
2	one.variptvtr.com	one.variptvtr.com
1	ad.bilgin.pro	ad-cdn.bilgin.pro
1	i.internethaber.com	www.internethaber.com
1	fundingchoicesmessages.google.com	www.internethaber.com
1	www.google-analytics.com	www.internethaber.com
1	www.googletagmanager.com	www.internethaber.com
1	ad-cdn.bilgin.pro	www.internethaber.com
1	fonts.googleapis.com	www.internethaber.com
1	www.internethaber.com	ir1.sitekodlari.com
1	sondakika.internethaber.com	1 redirects
1	in3.sitekodlari.com	ir1.sitekodlari.com
44	21

This site contains links to these domains. Also see Links.

Domain
www.sitekodlari.com

Subject Issuer	Validity	Valid
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
*.internethaber.com AlphaSSL CA - SHA256 - G2	`2022-04-27` - `2023-05-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-10` - `2023-06-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.bilgin.pro AlphaSSL CA - SHA256 - G2	`2022-04-27` - `2023-05-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://one.variptvtr.com/
Frame ID: F10F9B0F6ACDBBA40539D6FD91689F05
Requests: 7 HTTP requests in this frame

Frame: http://ir1.sitekodlari.com/guso1.php
Frame ID: 370A93555DDA50D29F20A4598AC2F843
Requests: 4 HTTP requests in this frame

Frame: http://oa.onlinekisi.com/i/k15.php?q=pnc1357
Frame ID: 178F364311EDE6179BB7847415698DE6
Requests: 4 HTTP requests in this frame

Frame: http://ir1.sitekodlari.com/ekoh3.php
Frame ID: 9D0D174CEFDF13C214BE2DFC85B52B3B
Requests: 4 HTTP requests in this frame

Frame: https://www.internethaber.com/son-dakika//?t=23&cid=3
Frame ID: 1222F53F33730DB673C84BF39438951B
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Title of the document

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Page Statistics

44
Requests

64 %
HTTPS

59 %
IPv6

14
Domains

21
Subdomains

15
IPs

6
Countries

995 kB
Transfer

2452 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.sitekodlari.com/ekonomihaberlerikodu.php
Title: Sitene Ekonomi Haberleri Ekle

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://statcounter.com/counter/counter.js HTTP 301
https://statcounter.com/counter/counter.js

Request Chain 14

http://statcounter.com/counter/counter.js HTTP 301
https://statcounter.com/counter/counter.js

Request Chain 15

http://statcounter.com/counter/counter.js HTTP 301
https://statcounter.com/counter/counter.js

Request Chain 16

http://sondakika.internethaber.com/?t=23&cid=3 HTTP 301
https://www.internethaber.com/son-dakika//?t=23&cid=3

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
one.variptvtr.com/ 840 B
1017 B 120ms
63ms Document
text/html 2606:4700:3035::6815:4577
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://one.variptvtr.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:4577 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d1b0f79928bdb3f4defd9ee3dbce39cf537c6d885da9d5eca593ded4b061f69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7a48cc197a1037f1-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 08 Mar 2023 05:49:50 GMT
Last-Modified: Sun, 11 Dec 2022 23:43:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQsR98eiInjmSC%2FZyj49qEpLry0izUP1O%2B2lM06y42McyIDqabGW3aUsLDCZoSVGpfcDQkAaBaQvQ0p2kyFDYrUkbnxp57bSKYV8dQGgi%2BdcKnKDZqxeTVQv3HehMKgzd1fR8aFRKrTS0SYvBtZTQg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked

GET
H/1.1 200
OK rocket-loader.min.js Show response
one.variptvtr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 31ms
31ms Script
application/javascript 2606:4700:3035::6815:4577
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://one.variptvtr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: one.variptvtr.com
URL: http://one.variptvtr.com/

Protocol

HTTP/1.1

Server

2606:4700:3035::6815:4577 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://one.variptvtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 05:49:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Feb 2023 18:28:05 GMT
Server: cloudflare
ETag: W/"63fe47b5-302c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CN2xOmkG9wAQE2IYls%2BCFSE%2BQghvzlqOkwvQHrbTUf1Z144olnYOt0cTI%2FSfjr9jVFcHBgt9Ofbh3QeenTnYF%2Bt2osNYdx%2FAR7deykjOXnUnyZU5QkcTA%2BiEj7Fv3pUbs%2FnfcbdlDgw79pKLSiP3DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
CF-RAY: 7a48cc19ea6d37f1-FRA
Expires: Fri, 10 Mar 2023 05:49:51 GMT

GET
H/1.1 200
OK ekonomihaberleri3.js Show response
ir.sitekodlari.com/ 281 B
577 B 122ms
36ms Script
application/javascript 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ir.sitekodlari.com/ekonomihaberleri3.js
Requested by: Host: one.variptvtr.com
URL: http://one.variptvtr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 9c1e5f80225215646769e06fbea01eeaaeedf586d5afdf4bd39e01e84e6645ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://one.variptvtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 05:49:51 GMT
Last-Modified: Sun, 25 Jul 2021 16:30:07 GMT
Server: nginx
X-Accel-Version: 0.01
ETag: "119-5c7f52653a36f"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 281

GET
H/1.1 200
OK ok15.js Show response
oa.onlinekisi.com/i/ 281 B
577 B 218ms
35ms Script
application/javascript 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oa.onlinekisi.com/i/ok15.js
Requested by: Host: one.variptvtr.com
URL: http://one.variptvtr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 17e9aec7ecb623bfab305c610a2e23f7284dfdeb75e5030384d3ba2c11ff612f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://one.variptvtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 05:49:51 GMT
Last-Modified: Mon, 06 May 2019 21:42:41 GMT
Server: nginx
X-Accel-Version: 0.01
ETag: "119-5883efada027b"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 281

GET
H/1.1 200
OK gununsozu1.js Show response
ir.sitekodlari.com/ 281 B
577 B 121ms
35ms Script
application/javascript 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ir.sitekodlari.com/gununsozu1.js
Requested by: Host: one.variptvtr.com
URL: http://one.variptvtr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4974d1fa609ab09b42727d10406311e241baf6123d7ab139761bbf23e2aaa0f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://one.variptvtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 05:49:51 GMT
Last-Modified: Sun, 25 Jul 2021 16:30:08 GMT
Server: nginx
X-Accel-Version: 0.01
ETag: "119-5c7f5265bc186"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 281

GET
H/1.1 200
OK guso1.php Show response
ir1.sitekodlari.com/ Frame 370A 995 B
1 KB 98ms
37ms Document
text/html 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ir1.sitekodlari.com/guso1.php
Requested by: Host: one.variptvtr.com
URL: http://one.variptvtr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/5.4.16 PleskLin
Resource Hash: e481f61f6b64b719e15d2511a34a8b6a5cf74c6ea818dd0c2a447c63cc5ca870

Request headers

Referer: http://one.variptvtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Wed, 08 Mar 2023 05:49:51 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16 PleskLin

GET
H/1.1 403
Forbidden 95d762de5ca6721293d645df673ba144.js
pl154258.alternativecpmgate.com/95/d7/62/ 0
0 645ms
126ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js
Requested by: Host: one.variptvtr.com
URL: http://one.variptvtr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://one.variptvtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 05:49:51 GMT
Server: nginx/1.17.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2

200

counter.js Show response
statcounter.com/counter/ Frame 370A
Redirect Chain

http://statcounter.com/counter/counter.js
https://statcounter.com/counter/counter.js

43 KB
15 KB

112ms
39ms

Script
application/javascript

104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statcounter.com/counter/counter.js
Requested by: Host: ir1.sitekodlari.com
URL: http://ir1.sitekodlari.com/guso1.php
Protocol: H2
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e516b75c9ce0d756713b6d231b901beea2a200a80e717092603819dd97fc259

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ir1.sitekodlari.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Mar 2023 09:22:36 GMT
server: cloudflare
age: 11555
etag: W/"6407025c-aba5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7a48cc1ca9acbbeb-FRA
expires: Wed, 08 Mar 2023 14:37:16 GMT

Redirect headers

Date: Wed, 08 Mar 2023 05:49:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Location: https://statcounter.com/counter/counter.js
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 7a48cc1bff009ba1-FRA
Expires: Wed, 08 Mar 2023 06:49:51 GMT

GET
H/1.1 200
OK ka.png
in3.sitekodlari.com/gunun/ Frame 370A 4 KB
4 KB 96ms
36ms Image
image/png 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://in3.sitekodlari.com/gunun/ka.png
Requested by: Host: ir1.sitekodlari.com
URL: http://ir1.sitekodlari.com/guso1.php
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7e8aced65883006fde262cea4328d38da8e70f873d1a8053e6dba22cbfca787f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ir1.sitekodlari.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 05:49:51 GMT
Last-Modified: Wed, 04 Dec 2019 20:16:01 GMT
Server: nginx
ETag: "5de81401-e20"
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3616

GET
H2 200 t.php Show response
c.statcounter.com/ Frame 370A 192 B
570 B 186ms
170ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=11943538&u1=EBEC9AD6F5DA4F97BE690604EEB777F5&java=1&security=69542a32&sc_snum=1&sess=c5bd59&p=0&rcat=r&rdom=one.variptvtr.com&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=http%3A//one.variptvtr.com/&u=http%3A//ir1.sitekodlari.com/guso1.php&t=&invisible=1&sc_rum_e_s=344&sc_rum_e_e=360&sc_rum_f_s=0&sc_rum_f_e=331&get_config=true
Requested by: Host: statcounter.com
URL: http://statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ir1.sitekodlari.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:49:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: http://ir1.sitekodlari.com
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 7a48cc1d3a34bbeb-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK k15.php Show response
oa.onlinekisi.com/i/ Frame 178F 648 B
858 B 41ms
40ms Document
text/html 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oa.onlinekisi.com/i/k15.php?q=pnc1357
Requested by: Host: one.variptvtr.com
URL: http://one.variptvtr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/5.4.16 PleskLin
Resource Hash: d309943114e1a61f8ec21a49d5010e59c8b83b82ded4dd81774809a80df88922

Request headers

Referer: http://one.variptvtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Wed, 08 Mar 2023 05:49:51 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16 PleskLin

GET
H/1.1 200
OK ekoh3.php Show response
ir1.sitekodlari.com/ Frame 9D0D 888 B
1 KB 38ms
37ms Document
text/html 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ir1.sitekodlari.com/ekoh3.php
Requested by: Host: one.variptvtr.com
URL: http://one.variptvtr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/5.4.16 PleskLin
Resource Hash: 9674992c160b3d42522d0fd002e8476dddcb1419c65f0b845890aaea3cb71d7c

Request headers

Referer: http://one.variptvtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Wed, 08 Mar 2023 05:49:51 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16 PleskLin

GET
H/1.1 403
Forbidden 95d762de5ca6721293d645df673ba144.js
pl154258.alternativecpmgate.com/95/d7/62/ 0
0 132ms
132ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js
Requested by: Host: one.variptvtr.com
URL: http://one.variptvtr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://one.variptvtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 05:49:51 GMT
Server: nginx/1.17.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 15ok.php
oa.onlinekisi.com/i/ Frame 178F 241 B
450 B 44ms
44ms Image
image/png 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oa.onlinekisi.com/i/15ok.php
Requested by: Host: oa.onlinekisi.com
URL: http://oa.onlinekisi.com/i/k15.php?q=pnc1357
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PHP/5.4.16, PleskLin
Resource Hash: d57f4287081a83f7232e034639761cdd8d8935ee977bfee230485120b1379903

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://oa.onlinekisi.com/i/k15.php?q=pnc1357
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 05:49:51 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16, PleskLin
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ekonomi-bosbas.png
ir1.sitekodlari.com/images/ Frame 9D0D 4 KB
4 KB 36ms
35ms Image
image/png 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ir1.sitekodlari.com/images/ekonomi-bosbas.png
Requested by: Host: ir1.sitekodlari.com
URL: http://ir1.sitekodlari.com/ekoh3.php
Protocol: HTTP/1.1
Server: 2a01:4f8:151:6117::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2ac162f9469c41bf5b48640c78e5eaca7d316d3103c59dd87cfd480086d2da21

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ir1.sitekodlari.com/ekoh3.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 05:49:51 GMT
Last-Modified: Sun, 05 May 2019 09:04:26 GMT
Server: nginx
ETag: "5ccea71a-fc4"
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4036

GET
H2

200

counter.js Show response
statcounter.com/counter/ Frame 9D0D
Redirect Chain

http://statcounter.com/counter/counter.js
https://statcounter.com/counter/counter.js

43 KB
14 KB

37ms
37ms

Script
application/javascript

104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statcounter.com/counter/counter.js
Requested by: Host: ir1.sitekodlari.com
URL: http://ir1.sitekodlari.com/ekoh3.php
Protocol: H2
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e516b75c9ce0d756713b6d231b901beea2a200a80e717092603819dd97fc259

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ir1.sitekodlari.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Mar 2023 09:22:36 GMT
server: cloudflare
age: 11555
etag: W/"6407025c-aba5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7a48cc1fbc45bbeb-FRA
expires: Wed, 08 Mar 2023 14:37:16 GMT

Redirect headers

Date: Wed, 08 Mar 2023 05:49:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Location: https://statcounter.com/counter/counter.js
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 7a48cc1f79e99ba1-FRA
Expires: Wed, 08 Mar 2023 06:49:51 GMT

GET
H2

200

counter.js Show response
statcounter.com/counter/ Frame 178F
Redirect Chain

http://statcounter.com/counter/counter.js
https://statcounter.com/counter/counter.js

43 KB
14 KB

39ms
38ms

Script
application/javascript

104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statcounter.com/counter/counter.js
Requested by: Host: oa.onlinekisi.com
URL: http://oa.onlinekisi.com/i/k15.php?q=pnc1357
Protocol: H2
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e516b75c9ce0d756713b6d231b901beea2a200a80e717092603819dd97fc259

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://oa.onlinekisi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Mar 2023 09:22:36 GMT
server: cloudflare
age: 11555
etag: W/"6407025c-aba5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7a48cc1fec77bbeb-FRA
expires: Wed, 08 Mar 2023 14:37:16 GMT

Redirect headers

Date: Wed, 08 Mar 2023 05:49:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Location: https://statcounter.com/counter/counter.js
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 7a48cc1fa9089ba0-FRA
Expires: Wed, 08 Mar 2023 06:49:51 GMT

GET
H2

200

/ Show response
www.internethaber.com/son-dakika// Frame 1222
Redirect Chain

http://sondakika.internethaber.com/?t=23&cid=3
https://www.internethaber.com/son-dakika//?t=23&cid=3

110 KB
24 KB

398ms
222ms

Document
text/html

109.236.91.24
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Requested by: Host: ir1.sitekodlari.com
URL: http://ir1.sitekodlari.com/ekoh3.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.236.91.24 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 109-236-91-24.hosted-by-worldstream.net
Software: MerlinCDN /
Resource Hash: c37a3fe43dbb108e67e7267321a84a1ae9dd93bbdde75023b136827f240ed08e

Request headers

Referer: http://ir1.sitekodlari.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: -2
allow: GET, HEAD, POST
cache-control: max-age=30
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 08 Mar 2023 05:49:50 GMT
pragma: no-cache
server: MerlinCDN
vary: Accept-Encoding
via: HTTP/2.0 Merlin CDN
x-cache-status: MISS
x-edge: nl-naw-ws-s01
x-lb-cache: EXPIRED
x-merlin-platform: desktop
x-midtier: tr-ist-sh-s03
x-platform: desktop

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 08 Mar 2023 05:49:52 GMT
Location: https://www.internethaber.com/son-dakika//?t=23&cid=3
Server: nginx

POST
H2 200 t.php
c.statcounter.com/ Frame 9D0D 49 B
335 B 170ms
169ms Ping
image/gif 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=11943538&u1=EBEC9AD6F5DA4F97BE690604EEB777F5&java=1&security=69542a32&sc_snum=1&sess=c5bd59&p=0&rcat=r&bb=0&rdomo=one.variptvtr.com&rdomg=0&jg=0&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=http%3A//one.variptvtr.com/&u=http%3A//ir1.sitekodlari.com/ekoh3.php&t=&invisible=1&sc_rum_e_s=162&sc_rum_e_e=173&sc_rum_f_s=0&sc_rum_f_e=153
Requested by: Host: statcounter.com
URL: http://statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://ir1.sitekodlari.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 08 Mar 2023 05:49:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 7a48cc201ca8bbeb-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ Frame 178F 192 B
338 B 177ms
176ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=10224970&u1=DD1B07F61D874FCEE9BAC1A5CA022ADC&java=1&security=3f95a341&sc_snum=1&sess=c5bd59&p=0&rcat=r&rdom=one.variptvtr.com&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=http%3A//one.variptvtr.com/&u=http%3A//oa.onlinekisi.com/i/k15.php%3Fq%3Dpnc1357&t=&invisible=1&sc_rum_e_s=207&sc_rum_e_e=213&sc_rum_f_s=0&sc_rum_f_e=198&get_config=true
Requested by: Host: statcounter.com
URL: http://statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://oa.onlinekisi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:49:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: http://oa.onlinekisi.com
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 7a48cc204ccabbeb-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 1222 31 KB
2 KB 238ms
127ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:ital,wght@0,100;0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9cb0d2ffff1fd146fcacd2692bc501bd969601f5c396a8db9338aa814324c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 05:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 04:30:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 05:49:52 GMT

GET
H2 200 weathericons-regular-webfont.woff2
s.internethaber.com/assets/web/fonts/weather/ Frame 1222 44 KB
44 KB 237ms
143ms Font
application/octet-stream 2606:4700:3032::6815:24fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.internethaber.com/assets/web/fonts/weather/weathericons-regular-webfont.woff2
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:24fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5

Request headers

Referer: https://www.internethaber.com/
Origin: https://www.internethaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Wed, 08 Mar 2023 05:49:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1545346
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44720
x-rocket-mastercachestatus: HIT
last-modified: Wed, 15 Feb 2023 10:42:02 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: cloudflare
etag: "63ecb6fa-aeb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQA025XoXjgyLKLcLDqpycD5uyARXNrz0iOP1lxj11yuV865O5HbMkyAVhZh39iuVktw84q0L5oTsyIHDg3rUNU3bisBxoC4HAS8%2BmTX7uHj8A3LuKBsFAlUlynfKX2VAOHOzw6wvct%2FKT1eI3LfXXox"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
accept-ranges: bytes
cf-ray: 7a48cc23db3f9040-FRA
expires: Mon, 20 Mar 2023 08:34:06 GMT

GET
H2 200 icon.ttf
s.internethaber.com/assets/web/fonts/icomoon/ Frame 1222 124 KB
125 KB 128ms
35ms Font
application/octet-stream 2606:4700:3032::6815:24fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.internethaber.com/assets/web/fonts/icomoon/icon.ttf?kai2k8
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:24fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b56309f6f31b908376988a176f39162e7532afb423b887ae685af31daabf83d7

Request headers

Referer: https://www.internethaber.com/
Origin: https://www.internethaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Wed, 08 Mar 2023 05:49:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1799875
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 127404
x-rocket-mastercachestatus: HIT
last-modified: Tue, 17 Jan 2023 13:26:03 GMT
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
server: cloudflare
etag: "63c6a1eb-1f1ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0c%2FKlpqwXuM9HTFNXFl%2B5q5AxZWaGzphtt%2Bfsxtgykah1KGkRAzRAPazCogX4atlFd7wMPY9TCrcOkuXbibQiAj8XMIE4loIxsIyaPtM%2BFFWodapho6yP8KYCmeN2yDAKadSJycekK8lHAkND0LRXMa%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
accept-ranges: bytes
cf-ray: 7a48cc23db409040-FRA
expires: Fri, 17 Mar 2023 09:51:57 GMT

GET
H2 200 build.css
s.internethaber.com/assets/web/css/ Frame 1222 378 KB
64 KB 141ms
45ms Stylesheet
text/css 2606:4700:3032::6815:24fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.internethaber.com/assets/web/css/build.css?id=661cf4fa363b649659db
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:24fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dfe3b1487823143ea6a452ceb05c956422a50cc79eb121061822d07eaf9be38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Wed, 08 Mar 2023 05:49:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1440786
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rocket-mastercachestatus: EXPIRED
last-modified: Wed, 15 Feb 2023 10:42:02 GMT
x-rocket-node: edge129.ist.tr.eu.rocketcdn.com
server: cloudflare
etag: W/"63ecb6fa-5e794"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4swmJ6UercGkV%2Bk%2F7ZxyUFlo73hBucmzfe448ZTIIkodXngNyh7FcPrnBVtDksu5xnMCkekVmAQTvpaCd8lcqEwPWlI1CexbjyxOaTSSkGKiUzi8mTb0B82m5bsYo6AH8VzgtCq8fGcc0%2FifOnBMdOy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
cf-ray: 7a48cc23ebc69225-FRA
expires: Tue, 21 Mar 2023 13:36:46 GMT

GET
H2 200 criteo.js Show response
s.internethaber.com/assets/global/js/ Frame 1222 6 KB
2 KB 39ms
29ms Script
application/javascript 2606:4700:3032::6815:24fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.internethaber.com/assets/global/js/criteo.js?id=313ba0b1d00d8a24fb9b
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:24fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa4dd61d7a09398857b4462a74454d2089397da38ec9f3166c0deb23b4de4e36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Wed, 08 Mar 2023 05:49:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1611969
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rocket-mastercachestatus: MISS
last-modified: Wed, 15 Feb 2023 10:42:02 GMT
x-rocket-node: edge126.ist.tr.eu.rocketcdn.com
server: cloudflare
etag: W/"63ecb6fa-16ae"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PIK%2BY0prSAAEOSDHg%2Fd6yi11m6NywL82tTVZ1xJ13UQ9E9gOWH%2Fe1q5nkT2G8uRMq7s3XfhusUWe7JXhEA0vmnDiNE4rr4n%2F%2BQcYa8XpNv%2Bc8z60OUmtGU7mU8KJk9AuVwhaxMR%2BvefT8PWxFc4JKDJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
cf-ray: 7a48cc24ec6f9225-FRA
expires: Sun, 19 Mar 2023 14:03:43 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1222 78 KB
27 KB 242ms
92ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8b6332c7602c339807b3e262c29b0acb00fc308ef2f6d9636ba5ab41a380540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27156
x-xss-protection: 0
server: sffe
etag: "1504 / 986 of 1000 / last-modified: 1678230427"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 05:49:52 GMT

GET
H2 200 ad-3.0.8.lazy.beta.min.js Show response
ad-cdn.bilgin.pro/app/ Frame 1222 24 KB
9 KB 691ms
81ms Script
application/javascript 195.142.105.24
SAGLAYICI

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.bilgin.pro/app/ad-3.0.8.lazy.beta.min.js?v=1
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.24 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software: nginx /
Resource Hash: 9d953d7b9dd09b6454b4407942675c4e0dab6b540285fcfe80f43f48f2268512

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Wed, 08 Mar 2023 05:49:53 GMT
content-encoding: gzip
expires: Fri, 07 Apr 2023 05:49:53 GMT
last-modified: Thu, 26 Jan 2023 14:58:51 GMT
server: nginx
x-rocket-node: edge127.ist.tr.eu.rocketcdn.com
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-rocket-mastercachestatus: HIT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1222 220 KB
77 KB 186ms
66ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DFZT79FJRG

Requested by

Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a97eda2336e34d5bbd858646fc1f764494670c6b853e32811f79f8ecb8d751f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:49:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78833
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Mar 2023 05:49:52 GMT

GET
H2 200 BildirtSDKfiles.js Show response
cdn2.bildirt.com/ Frame 1222 74 KB
24 KB 147ms
38ms Script
application/javascript 2606:4700:3030::ac43:d2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.bildirt.com/BildirtSDKfiles.js
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54c837b94098928259dcc2ba780346f1e0c1ec98555e1fd5e468c0d4f0f8a556

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:49:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 13:05:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 735
etag: W/"633c2f96-1278c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yg7hQldgBoKRTT8ugTrD2PO5tjzghVoesxmzUFTEFvo6yB0oU7gCoisMJpQkdoF7Z%2FT5Mz4tvAkJai6sy%2BBqYDNyAQGs1UFuxsNiNJefTQgGtqnkBst9gw5sgoeHqCH7Zsz3%2F%2Bd%2F3YP438KGi0fF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 7a48cc258e8d9255-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.js Show response
s.internethaber.com/assets/vendor/bp-image/ Frame 1222 103 KB
39 KB 221ms
142ms Script
application/javascript 2606:4700:3032::6815:24fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.internethaber.com/assets/vendor/bp-image/app.js?id=661cf4fa363b649659db
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:24fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed00fa6a8aec382abd3087cc6eb81b56165adc92b0f04607c6c6c14be1f320eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: REVALIDATED
date: Wed, 08 Mar 2023 05:49:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1441177
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rocket-mastercachestatus: EXPIRED
last-modified: Wed, 15 Feb 2023 10:42:02 GMT
x-rocket-node: edge126.ist.tr.eu.rocketcdn.com
server: cloudflare
etag: W/"63ecb6fa-19b45"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KU2iPsGprmVOdF13I7gv6P4aay4RTfG1L3EdewJE%2Bdhv2KR6XZKrhLXbSyrKan%2BhMhfyjULGE2xr13rEnnvBm%2BwuQ78u608lPVzWqOIYkcEayxg8h5mDjAuyEFnJoW5zTYKcPfqWGN9mEcBbHif63ROx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
cf-ray: 7a48cc23ebc89225-FRA
expires: Tue, 21 Mar 2023 13:30:15 GMT

GET
H2 200 build.js Show response
s.internethaber.com/assets/web/js/ Frame 1222 348 KB
108 KB 54ms
47ms Script
application/javascript 2606:4700:3032::6815:24fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.internethaber.com/assets/web/js/build.js?id=661cf4fa363b649659db
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:24fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c25a6075ed59afd7840584ae9a396f28701638abbf10ac2322e859fa851a1835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: HIT
date: Wed, 08 Mar 2023 05:49:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1441177
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rocket-mastercachestatus: EXPIRED
last-modified: Wed, 15 Feb 2023 10:42:02 GMT
x-rocket-node: edge127.ist.tr.eu.rocketcdn.com
server: cloudflare
etag: W/"63ecb6fa-570d6"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oz1GPU%2B6Wu0yrh7HOMo8L70X1OEDg4nwg29cAL%2BYzBeIJ3JoASsXzumG2Nn9Y1AJ5VNmqSXiTQrmY4ocLjmAW6eufuwXUKegsZyLUmmykUoZYbk%2BfCXTPLsh%2BzKmlUakPpRRvWsmEnq8OYigO%2BbgQyDz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
x-lb-cache: MISS
cf-ray: 7a48cc24ec779225-FRA
expires: Tue, 21 Mar 2023 13:30:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1222 49 KB
20 KB 163ms
44ms Script
text/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 05:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1942
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 08 Mar 2023 07:17:30 GMT

GET
H2 200 AGSKWxWSjuXyXEalHccHoRctjyfNXpTlU9SGRRX19O1b9Q4Q2SWH5ZkxMlPWN9WrrXXWh3OZMU4Kj-5frfprg2GjByM= Show response
fundingchoicesmessages.google.com/f/ Frame 1222 126 KB
43 KB 221ms
103ms Script
application/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWSjuXyXEalHccHoRctjyfNXpTlU9SGRRX19O1b9Q4Q2SWH5ZkxMlPWN9WrrXXWh3OZMU4Kj-5frfprg2GjByM=

Requested by

Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

878eac9ed3285484ce37e813a647e768f6b2dc08e5fa5c318f5bbfb905b5b7bb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0HcXtilAy2UhQ3OYj0wT7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:49:52 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0HcXtilAy2UhQ3OYj0wT7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame 1222 22 KB
22 KB 196ms
87ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:ital,wght@0,100;0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:57:55 GMT
x-content-type-options: nosniff
age: 13917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22768
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:50:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 01:57:55 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWSnJuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame 1222 23 KB
23 KB 189ms
107ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWSnJuMR0cg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72f0b323283b16b593703ad1845e5a79197324955e8efdb8ac67ae0d77c2d685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:05:28 GMT
x-content-type-options: nosniff
age: 506664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23708
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 09:05:28 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWVHLuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame 1222 23 KB
24 KB 126ms
45ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWVHLuMR0cg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ec8dd74f23e44187f55eaeeae9ee6998723387171f76c9bf1d3fb63305f432a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 01:52:26 GMT
x-content-type-options: nosniff
age: 446246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23876
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 01:52:26 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWSnJuMp0ciZb.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame 1222 33 KB
33 KB 209ms
131ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWSnJuMp0ciZb.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af793fb83137cbf484b1227a8cd7d70a2ad3cdf61227a624c6345ca763373d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 22:50:26 GMT
x-content-type-options: nosniff
age: 457166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33508
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 22:50:26 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWVHLuMp0ciZb.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame 1222 33 KB
33 KB 241ms
164ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWVHLuMp0ciZb.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e922dc84beeaa2faa868845ffd995139106c87155c12f26a8710a5aba261c4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:32:56 GMT
x-content-type-options: nosniff
age: 483416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33484
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 15:32:56 GMT

GET
H2 200 wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfjtrftV.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame 1222 30 KB
31 KB 255ms
178ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfjtrftV.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad5d1d626322dae075f633347e129c78be440431e20846e75f03173a7288b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:23:13 GMT
x-content-type-options: nosniff
age: 469599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31128
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:45:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 19:23:13 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame 1222 22 KB
22 KB 225ms
150ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMR0cg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf558b850010169a48f78bd32dc7162613de65038e767c6a2928de1b5c60fb98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.internethaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:57:54 GMT
x-content-type-options: nosniff
age: 471118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22760
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 18:57:54 GMT

GET
H2 200 akp-grup-recep-tayyip-erdogan-ak-pa-08al_cover.jpg.webp
i.internethaber.com/2/238/155/storage/files/images/2022/11/02/ Frame 1222 4 KB
5 KB 406ms
375ms Image
image/webp 2606:4700:3032::6815:24fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.internethaber.com/2/238/155/storage/files/images/2022/11/02/akp-grup-recep-tayyip-erdogan-ak-pa-08al_cover.jpg.webp
Requested by: Host: www.internethaber.com
URL: https://www.internethaber.com/son-dakika//?t=23&cid=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:24fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f852b55a2c588f99e34946963edfab71c317dfc37e350ad1ca11efa2e23f9117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-rocket-cachestatus: MISS
date: Wed, 08 Mar 2023 05:49:53 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-proudly-served-by: Bilgin Pro
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rocket-mastercachestatus: MISS
x-rocket-node: edge132.ist.tr.eu.rocketcdn.com
last-modified: Wed, 08 Mar 2023 05:49:53 GMT
server: cloudflare
app-name: node-picasso
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKRYSxB25wbiKURHFIZMngiX4CnLZRO3bPO%2FDdeReYj1zmiSiJmPZBktqLB8tU%2FKgwYddA%2FVuO2m17Qr318fSxDkf0RrYyu0tweK1DxzCPKf%2Fvl0ERatO5mwDgFMu3ZpEw%2B7NWi6PJw%2FrXuzbv5pRgih"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
cache-control: max-age=2592000
vary: Accept-Encoding
x-lb-cache: MISS
cf-ray: 7a48cc258cc09225-FRA
expires: Fri, 07 Apr 2023 05:49:53 GMT

GET
H2 200 pubads_impl_2023030201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1222 385 KB
130 KB 45ms
44ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f840763a07b5312fc63528256e33b2b0c49ba19d3ff5a2167d3496236f0afc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133088
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 09:36:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Mar 2024 18:45:11 GMT

POST
H2 200 load Show response
ad.bilgin.pro/ Frame 1222 1 KB
628 B 368ms
116ms XHR
text/html 195.142.109.125
SAGLAYICI

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.bilgin.pro/load
Requested by: Host: ad-cdn.bilgin.pro
URL: https://ad-cdn.bilgin.pro/app/ad-3.0.8.lazy.beta.min.js?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.109.125 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS: 195-142-109-125.rdns.saglayici.net
Software: nginx /
Resource Hash: 90e722875bd80efb8131ffcb95cabe53560d6a13ac09f84eda1a0d1b6ad163a4

Request headers

Referer: https://www.internethaber.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 05:49:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate
expires: -1

GET
H3 200 Config-sw.js Show response
cdn2.bildirt.com/ Frame 1222 7 KB
2 KB 80ms
44ms Fetch
application/json 2606:4700:3030::ac43:d2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.bildirt.com/Config-sw.js?uygulamaid=4009-1999-6373-3753-3196-4
Requested by: Host: cdn2.bildirt.com
URL: https://cdn2.bildirt.com/BildirtSDKfiles.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d2c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12eb3e331ce854464a0531f22a9e6454be6e6c08aff393396ce71a5f96413b9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.internethaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:49:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIWLlFVOWLdmIoGw722PAFx2049s5B8%2BWEc5mWBDn1DB3adYUHdqsogG%2BnEl22Mtfx723AYxGSR%2BMO01LaZ2Eg1u0kopmp4%2Fy6h%2BVlzGGBTwUMjfHXlcvoaqDk1Hjen9dhvMhBEYLzUN7Rnb7m9E"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset: UTF-8
access-control-allow-origin: *
cf-ray: 7a48cc298ec82c42-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.statcounter.com/	1970-01-20 19:46:54	Name: is_visitor_unique Value: 1678254591420010547
			.statcounter.com/	1970-01-20 19:46:54	Name: is_unique Value: sc11943538.1678254591.0-10224970.1678254592.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-cdn.bilgin.pro
ad.bilgin.pro
c.statcounter.com
cdn2.bildirt.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
i.internethaber.com
in3.sitekodlari.com
ir.sitekodlari.com
ir1.sitekodlari.com
oa.onlinekisi.com
one.variptvtr.com
pl154258.alternativecpmgate.com
s.internethaber.com
securepubads.g.doubleclick.net
sondakika.internethaber.com
statcounter.com
www.google-analytics.com
www.googletagmanager.com
www.internethaber.com
104.20.218.77
104.20.219.77
109.236.91.24
192.243.59.12
195.142.105.24
195.142.106.235
195.142.109.125
2606:4700:3030::ac43:d2c0
2606:4700:3032::6815:24fc
2606:4700:3035::6815:4577
2a00:1450:400d:805::200e
2a00:1450:400d:806::2008
2a00:1450:400d:806::200e
2a00:1450:400d:807::2002
2a00:1450:400d:807::2003
2a00:1450:400d:80a::200a
2a01:4f8:151:6117::2
12eb3e331ce854464a0531f22a9e6454be6e6c08aff393396ce71a5f96413b9e
17e9aec7ecb623bfab305c610a2e23f7284dfdeb75e5030384d3ba2c11ff612f
1d1b0f79928bdb3f4defd9ee3dbce39cf537c6d885da9d5eca593ded4b061f69
1dfe3b1487823143ea6a452ceb05c956422a50cc79eb121061822d07eaf9be38
2ac162f9469c41bf5b48640c78e5eaca7d316d3103c59dd87cfd480086d2da21
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f840763a07b5312fc63528256e33b2b0c49ba19d3ff5a2167d3496236f0afc7
4974d1fa609ab09b42727d10406311e241baf6123d7ab139761bbf23e2aaa0f5
4e516b75c9ce0d756713b6d231b901beea2a200a80e717092603819dd97fc259
54c837b94098928259dcc2ba780346f1e0c1ec98555e1fd5e468c0d4f0f8a556
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07
6ec8dd74f23e44187f55eaeeae9ee6998723387171f76c9bf1d3fb63305f432a
72f0b323283b16b593703ad1845e5a79197324955e8efdb8ac67ae0d77c2d685
7e8aced65883006fde262cea4328d38da8e70f873d1a8053e6dba22cbfca787f
878eac9ed3285484ce37e813a647e768f6b2dc08e5fa5c318f5bbfb905b5b7bb
90e722875bd80efb8131ffcb95cabe53560d6a13ac09f84eda1a0d1b6ad163a4
9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5
9674992c160b3d42522d0fd002e8476dddcb1419c65f0b845890aaea3cb71d7c
9c1e5f80225215646769e06fbea01eeaaeedf586d5afdf4bd39e01e84e6645ff
9d953d7b9dd09b6454b4407942675c4e0dab6b540285fcfe80f43f48f2268512
a8b6332c7602c339807b3e262c29b0acb00fc308ef2f6d9636ba5ab41a380540
a97eda2336e34d5bbd858646fc1f764494670c6b853e32811f79f8ecb8d751f5
aa4dd61d7a09398857b4462a74454d2089397da38ec9f3166c0deb23b4de4e36
af793fb83137cbf484b1227a8cd7d70a2ad3cdf61227a624c6345ca763373d5d
b56309f6f31b908376988a176f39162e7532afb423b887ae685af31daabf83d7
bf558b850010169a48f78bd32dc7162613de65038e767c6a2928de1b5c60fb98
c25a6075ed59afd7840584ae9a396f28701638abbf10ac2322e859fa851a1835
c37a3fe43dbb108e67e7267321a84a1ae9dd93bbdde75023b136827f240ed08e
c9cb0d2ffff1fd146fcacd2692bc501bd969601f5c396a8db9338aa814324c91
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d309943114e1a61f8ec21a49d5010e59c8b83b82ded4dd81774809a80df88922
d57f4287081a83f7232e034639761cdd8d8935ee977bfee230485120b1379903
dad5d1d626322dae075f633347e129c78be440431e20846e75f03173a7288b50
e481f61f6b64b719e15d2511a34a8b6a5cf74c6ea818dd0c2a447c63cc5ca870
e922dc84beeaa2faa868845ffd995139106c87155c12f26a8710a5aba261c4f0
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ed00fa6a8aec382abd3087cc6eb81b56165adc92b0f04607c6c6c14be1f320eb
f852b55a2c588f99e34946963edfab71c317dfc37e350ad1ca11efa2e23f9117

one.variptvtr.com Open in urlscan Pro 2606:4700:3035::6815:4577 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

64 %HTTPS

59 %IPv6

14 Domains

21 Subdomains

15 IPs

6 Countries

995 kBTransfer

2452 kBSize

2 Cookies

1 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

one.variptvtr.com Open in urlscan Pro
2606:4700:3035::6815:4577 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

64 %
HTTPS

59 %
IPv6

14
Domains

21
Subdomains

15
IPs

6
Countries

995 kB
Transfer

2452 kB
Size

2
Cookies

44 HTTP transactions
0 data transactions