eksisozluk.com Open in urlscan Pro
104.20.22.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eksisozluk.com/betwoon
Effective URL:
https://eksisozluk.com/betwoon--7389600
Submission Tags: @phish_report
Submission: On October 04 via api (October 4th 2025, 12:27:10 pm UTC) from FI — Scanned from DE

Summary HTTP 70 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 23 domains to perform 70 HTTP transactions. The main IP is 104.20.22.102, located in Ascension Island and belongs to CLOUDFLARENET, US. The main domain is eksisozluk.com. The Cisco Umbrella rank of the primary domain is 183434.
TLS certificate: Issued by WE1 on September 15th 2025. Valid for: 3 months.

This is the only time eksisozluk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	104.20.22.102 104.20.22.102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
15	172.67.131.5 172.67.131.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	31.186.16.160 31.186.16.160	197720 (TURKTICAR...) (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S.)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1 2	195.201.91.161 195.201.91.161	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
2	13.32.27.112 13.32.27.112	16509 (AMAZON-02) (AMAZON-02)
7	216.58.206.67 216.58.206.67	15169 (GOOGLE) (GOOGLE)
1	3.78.31.92 3.78.31.92	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
1 4	92.222.252.172 92.222.252.172	16276 (OVH OVH SAS) (OVH OVH SAS)
2	18.244.18.32 18.244.18.32	16509 (AMAZON-02) (AMAZON-02)
1	77.243.51.122 77.243.51.122	42697 (NETIC-AS ...) (NETIC-AS Netic A/S)
1	144.21.34.64 144.21.34.64	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
5	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
1	146.59.30.100 146.59.30.100	16276 (OVH OVH SAS) (OVH OVH SAS)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
2	31.186.3.130 31.186.3.130	197720 (TURKTICAR...) (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S.)
3	69.173.156.138 69.173.156.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
70	28

4 104.20.22.102 (Ascension Island) 1 redirects

ASN13335 (CLOUDFLARENET, US)

eksisozluk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.67.131.5 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

ekstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.ekstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

nativespot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.186.16.160 (Turkey)

ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR)
PTR: reverse-31-186-15-160.turkticaret.net

app.gelirartisi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.91.161 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.161.91.201.195.clients.your-server.de

app.networkad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.112 (New York, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-112.fra56.r.cloudfront.net

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.78.31.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-78-31-92.eu-central-1.compute.amazonaws.com

serv.nspot.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.222.252.172 (Paris, France) 1 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ip172.ip-92-222-252.eu

gatr.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.18.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-32.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.243.51.122 (Aalborg, Denmark)

ASN42697 (NETIC-AS Netic A/S, DK)

uip.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.21.34.64 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)

feedback.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.74.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.186.3.130 (Turkey)

ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR)
PTR: reverse-31-186-3-130.turkticaret.net

ssp.theadx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.156.138 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ekstat.com ekstat.com — Cisco Umbrella Rank: 165138 img.ekstat.com — Cisco Umbrella Rank: 201438	1 MB
7	gstatic.com fonts.gstatic.com	170 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 263 ad.doubleclick.net — Cisco Umbrella Rank: 172 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56	245 KB
5	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 759	134 KB
5	gemius.pl 1 redirects gatr.hit.gemius.pl — Cisco Umbrella Rank: 82651 ls.hit.gemius.pl — Cisco Umbrella Rank: 32923	30 KB
4	gelirartisi.com app.gelirartisi.com — Cisco Umbrella Rank: 228000	145 KB
4	eksisozluk.com 1 redirects eksisozluk.com — Cisco Umbrella Rank: 183434	46 KB
3	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 612	1 KB
3	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 18663 feedback.adrecover.com — Cisco Umbrella Rank: 59716	26 KB
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 11413	353 B
2	theadx.com ssp.theadx.com — Cisco Umbrella Rank: 21945	550 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 195	7 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59 region1.google-analytics.com — Cisco Umbrella Rank: 3232	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	268 KB
2	networkad.net 1 redirects app.networkad.net — Cisco Umbrella Rank: 325290	27 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	7 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1811	401 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 44	6 KB
1	semasio.net uip.semasio.net — Cisco Umbrella Rank: 54875	239 B
1	nspot.co serv.nspot.co — Cisco Umbrella Rank: 322174	264 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 89	24 KB
1	nativespot.com nativespot.com — Cisco Umbrella Rank: 331313	987 B
70	23

	Domain	Requested by
11	ekstat.com	eksisozluk.com ekstat.com
7	fonts.gstatic.com	fonts.googleapis.com eksisozluk.com
5	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
4	gatr.hit.gemius.pl	1 redirects eksisozluk.com gatr.hit.gemius.pl
4	img.ekstat.com	eksisozluk.com
4	app.gelirartisi.com	eksisozluk.com app.networkad.net app.gelirartisi.com
4	eksisozluk.com	1 redirects eksisozluk.com
3	fastlane.rubiconproject.com	app.gelirartisi.com
3	securepubads.g.doubleclick.net	eksisozluk.com securepubads.g.doubleclick.net
2	prebid-eu.creativecdn.com	app.gelirartisi.com
2	ssp.theadx.com	app.gelirartisi.com
2	sb.scorecardresearch.com	eksisozluk.com
2	delivery.adrecover.com	eksisozluk.com
2	www.googletagmanager.com	eksisozluk.com www.googletagmanager.com
2	googleads.g.doubleclick.net	eksisozluk.com www.googleadservices.com
2	app.networkad.net	1 redirects eksisozluk.com
2	ad.doubleclick.net	1 redirects eksisozluk.com
2	fonts.googleapis.com	eksisozluk.com
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	a.teads.tv	app.gelirartisi.com
1	lh3.googleusercontent.com	eksisozluk.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ls.hit.gemius.pl	gatr.hit.gemius.pl
1	feedback.adrecover.com	eksisozluk.com
1	uip.semasio.net	eksisozluk.com
1	www.google-analytics.com	eksisozluk.com
1	serv.nspot.co	nativespot.com
1	www.googleadservices.com	eksisozluk.com
1	nativespot.com	eksisozluk.com
70	29

This site contains links to these domains. Also see Links.

Domain
www.amazon.com.tr
www.youtube.com
eksiseyler.com
www.facebook.com
bsky.app
soz.lk
www.instagram.com
x.com

Subject Issuer	Validity	Valid
eksisozluk.com WE1	`2025-09-15` - `2025-12-14`	3 months	crt.sh
upload.video.google.com WE2	`2025-09-15` - `2025-12-08`	3 months	crt.sh
*.g.doubleclick.net WE2	`2025-09-15` - `2025-12-08`	3 months	crt.sh
ekstat.com WE1	`2025-09-30` - `2025-12-29`	3 months	crt.sh
nativespot.com WE1	`2025-08-15` - `2025-11-13`	3 months	crt.sh
app.gelirartisi.com R13	`2025-09-11` - `2025-12-10`	3 months	crt.sh
*.googleadservices.com WE2	`2025-09-15` - `2025-12-08`	3 months	crt.sh
*.google-analytics.com WE2	`2025-09-15` - `2025-12-08`	3 months	crt.sh
*.adrecover.com Amazon RSA 2048 M02	`2025-01-11` - `2026-02-10`	a year	crt.sh
*.gstatic.com WE2	`2025-09-15` - `2025-12-08`	3 months	crt.sh
serv.nspot.co Amazon RSA 2048 M02	`2025-02-03` - `2026-03-04`	a year	crt.sh
*.hit.gemius.pl Sectigo Public Server Authentication CA DV E36	`2025-09-08` - `2026-09-25`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2025-02-11` - `2026-02-11`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2025-05-09` - `2026-06-09`	a year	crt.sh
*.google.com WE2	`2025-09-15` - `2025-12-08`	3 months	crt.sh
*.googleusercontent.com WE2	`2025-09-15` - `2025-12-08`	3 months	crt.sh
*.theadx.com RapidSSL TLS RSA CA G1	`2025-03-11` - `2026-03-12`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-04` - `2026-04-03`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2025-04-17` - `2026-05-02`	a year	crt.sh
teads.tv R10	`2025-07-29` - `2025-10-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://eksisozluk.com/betwoon--7389600
Frame ID: BEFA3051367254005E940E7865DDB184
Requests: 70 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: E308D05D51B6AD0573DE60DB5C9A6A07
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

betwoon - ekşi sözlük

Page URL History Show full URLs

https://eksisozluk.com/betwoon HTTP 302
https://eksisozluk.com/betwoon--7389600 Page URL

Detected technologies

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

96 %
HTTPS

0 %
IPv6

23
Domains

29
Subdomains

28
IPs

7
Countries

2228 kB
Transfer

5190 kB
Size

15
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.com.tr/primealisverisfestivali?_encoding=UTF8&tag=pbdd25-awa-directpub-x-tr-x-x-x-eksi-search-21&dclid=COinxZ7sh5ADFXW9_Qcd2-sZqw&gad_source=7
Title: sponsorlu

Search URL Search Domain Scan URL

URL: https://www.youtube.com/penavideo

Search URL Search Domain Scan URL

URL: https://eksiseyler.com/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Feksisozluk.com%2Fentry%2F150961391&p[title]=betwoon&p[summary]=yakla%C5%9F%C4%B1k%2015%20y%C4%B1ld%C4%B1r%20blackjack%20oynar%C4%B1m%2C%20ana%20paramla%20kazand%C4%B1%C4%9F%C4%B1m%20bakiyeyi%20%22siz%20yan%20bahis%20oynam%C4%B1%C5%9Fs%C4%B1n%C4%B1z%22%20diye%20silen%20ilk%20defa%20bu%20arkada%C5%9Flar%20oldu.%20ana%20param%20diyorum%20bak%C4%B1n%2C%20bonusum%20yok%20bir%20%C5%9Fey%20yok%3B%20benden%20yan%20bet%20oynanm%C4%B1%C5%9F%20gerek%C3%A7esi%20ile%20kazanc%C4%B1m%C4%B1%20sildiler.%20%C3%BCst%E2%80%A6&p[images][0]=https://eksisozluk.com/content/img/ilogo_fbv2.png&v=1
Title: facebook

Search URL Search Domain Scan URL

URL: https://bsky.app/intent/compose?text=betwoon%0Ahttps://eksisozluk.com/entry/150961391
Title: bluesky'da paylaş

Search URL Search Domain Scan URL

URL: https://soz.lk/i/w61e3hg6
Title: görsel

Search URL Search Domain Scan URL

URL: https://soz.lk/i/0y82dpcy
Title: görsel

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Feksisozluk.com%2Fentry%2F152672962&p[title]=betwoon&p[summary]=yaklasik%204%20g%C3%BCnd%C3%BCr%20casinodan%20kazandigim%2055%20bin%20tlye%20%C3%A7%C3%B6km%C3%BC%C5%9F%20sitedir.%20para%20cekim%20talebinde%20bulunuyorum%20surekli%20sistemsel%20bir%20s%C4%B1k%C4%B1nt%C4%B1%20var%20diyerek%20parami%20iade%20ediyorlar.%20haftasonu%20falan%20dedik%20ama%20bugun%20de%20yatirmadilar.%20bakalim%20duruma%20gore%20burayi%20editlerim%E2%80%A6&p[images][0]=https://eksisozluk.com/content/img/ilogo_fbv2.png&v=1
Title: facebook

Search URL Search Domain Scan URL

URL: https://bsky.app/intent/compose?text=betwoon%0Ahttps://eksisozluk.com/entry/152672962
Title: bluesky'da paylaş

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Feksisozluk.com%2Fentry%2F163264162&p[title]=betwoon&p[summary]=%0A%20%20%20%20doland%C4%B1r%C4%B1c%C4%B1d%C4%B1r%2C%201%20lira%20bile%20%C3%B6demez.%20hesab%C4%B1n%C4%B1z%C4%B1%20kapat%C4%B1r%2C%20paran%C4%B1za%20%C3%A7%C3%B6ker.%20kesinlikle%20ama%20kesinlikle%20oynanmamas%C4%B1%20gereken%20sitedir.%20tez%20vakitte%20piyasadan%20silinmesi%20dile%C4%9Fiyle%E2%80%A6%0A%20%20&p[images][0]=https://eksisozluk.com/content/img/ilogo_fbv2.png&v=1
Title: facebook

Search URL Search Domain Scan URL

URL: https://bsky.app/intent/compose?text=betwoon%0Ahttps://eksisozluk.com/entry/163264162
Title: bluesky'da paylaş

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Feksisozluk.com%2Fentry%2F166829637&p[title]=betwoon&p[summary]=%0A%20%20%20%20ma%C3%A7%20bahislerinden%20biraz%20kazand%C4%B1%C4%9F%C4%B1n%C4%B1z%C4%B1%20g%C3%B6r%C3%BCnce%20sizi%20ma%C3%A7%20bahislerinden%20engeller%2C%20ma%C3%A7%20bahisi%20ald%C4%B1rtmaz.%20uzak%20durun.%0A%20%20&p[images][0]=https://eksisozluk.com/content/img/ilogo_fbv2.png&v=1
Title: facebook

Search URL Search Domain Scan URL

URL: https://bsky.app/intent/compose?text=betwoon%0Ahttps://eksisozluk.com/entry/166829637
Title: bluesky'da paylaş

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Feksisozluk.com%2Fentry%2F167713913&p[title]=betwoon&p[summary]=%0A%20%20%20%20tam%20bir%20doland%C4%B1r%C4%B1c%C4%B1%20site%20uzak%20durun%20paran%C4%B1z%C4%B1%20%C3%A7%C3%B6pe%20at%C4%B1n%20hi%C3%A7%20yoktan%20%C3%A7%C3%B6pe%20att%C4%B1m%20dersiniz.%20burada%20resmen%20paray%C4%B1%20al%C4%B1p%20para%20vermiyorlar.%20kesinlikle%20bula%C5%9Fmay%C4%B1n%0A%20%20&p[images][0]=https://eksisozluk.com/content/img/ilogo_fbv2.png&v=1
Title: facebook

Search URL Search Domain Scan URL

URL: https://bsky.app/intent/compose?text=betwoon%0Ahttps://eksisozluk.com/entry/167713913
Title: bluesky'da paylaş

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sozluk
Title: instagram

Search URL Search Domain Scan URL

URL: https://x.com/sozluk
Title: x

Search URL Search Domain Scan URL

URL: https://bsky.app/profile/eksisozluk.com
Title: bluesky

Search URL Search Domain Scan URL

URL: http://www.facebook.com/eksisozluk
Title: facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eksisozluk.com/betwoon HTTP 302
https://eksisozluk.com/betwoon--7389600 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://ad.doubleclick.net/ddm/trackimp/N2423531.5192040EKISZLK/B34211218.430421818;dc_trk_aid=623878816;dc_trk_cid=242527574;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N2423531.5192040EKISZLK/B34211218.430421818;dc_pre=CNT887LFipADFTtY9ggd3HgA9Q;dc_trk_aid=623878816;dc_trk_cid=242527574;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1

Request Chain 16

https://app.networkad.net/netasync.js?zid=571 HTTP 302
https://app.networkad.net/netasync.js?isAvailable=1&zid=571

Request Chain 59

https://gatr.hit.gemius.pl/_1759580831169/rexdot.js?l=100&sendf=24&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fbetwoon--7389600&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.EzbpH_rrUyhOUKE3mSNv12C8JeaD2P3YQTQzaLQObH.b7dQP_l4AlJ9wxBL6hDpvjna27KqHSo8G6sF6kE.5ABK1Aq1/LJZ9szMpaJ0H1/&fpdata=SzNrUGrIBVsohw2YUBDjyHZZxeAWsJK5p5iKKymjdRv.A7%7C1759580830%7C2%7C%7C%7C8%3A3%3A32&ltime=213&fr=1&ref=&inner=_ver%3D364%7C_fpsrc%3Dload%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=68e1129e38fc15cd&brts=1759580831&fpcap= HTTP 301
https://gatr.hit.gemius.pl/__/_1759580831169/rexdot.js?l=100&sendf=24&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fbetwoon--7389600&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.EzbpH_rrUyhOUKE3mSNv12C8JeaD2P3YQTQzaLQObH.b7dQP_l4AlJ9wxBL6hDpvjna27KqHSo8G6sF6kE.5ABK1Aq1/LJZ9szMpaJ0H1/&fpdata=SzNrUGrIBVsohw2YUBDjyHZZxeAWsJK5p5iKKymjdRv.A7%7C1759580830%7C2%7C%7C%7C8%3A3%3A32&ltime=213&fr=1&ref=&inner=_ver%3D364%7C_fpsrc%3Dload%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=68e1129e38fc15cd&brts=1759580831&fpcap=

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request betwoon--7389600 Show response
eksisozluk.com/
Redirect Chain

https://eksisozluk.com/betwoon
https://eksisozluk.com/betwoon--7389600

82 KB
30 KB

175ms
175ms

Document
text/html

104.20.22.102
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.22.102 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb0961555880fa7f9f9410f69e43eb629ccc4d7588dfc534f36993bda5ee6167

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 9894abfe1de9e5da-FRA
content-encoding: gzip
content-length: 30694
content-type: text/html; charset=utf-8
date: Sat, 04 Oct 2025 12:27:10 GMT
expires: -1
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 9894abfd9ddae5da-FRA
content-length: 134
content-type: text/html; charset=utf-8
date: Sat, 04 Oct 2025 12:27:10 GMT
expires: -1
location: /betwoon--7389600
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 55ms
22ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

6ecc3099e92ca2dbe63a0f6b327b530ba038d3b63ecac92fea595089391f18dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 12:27:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 04 Oct 2025 12:15:58 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 110 KB
34 KB 63ms
46ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d04e6d387ad1e52bdea082cf7a547f4b0f5f3402ce69e6d8b14b684bfc07e13a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: br
etag: 2 / 20365 / m202509300101 / config-hash: 6758869623334315936
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 12:27:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34460
x-xss-protection: 0
server: cafe

GET
H3 200 jquery-combo.js Show response
ekstat.com/js/ 353 KB
135 KB 42ms
24ms Script
text/javascript 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ekstat.com/js/jquery-combo.js?v=NW7TIj6SYQflX53TQXroYchacrHYRKDYgcH5O-4Y8wM1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95a011973ca8fa12b020d1f252709114cd4e905ed3b6ad432170eee221ed7101

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 34563
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=faFeHrrEKslbQkJdfGNLDEF1dKZBdAAcoHNY1g16ePfTOv704nCmn2%2B7w%2FhyrYHFtgQr8driAHZiW%2FE3bpehzUazkisylN057IU%3D"}]}
x-content-type-options: nosniff
expires: Sun, 04 Oct 2026 02:51:07 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 04 Oct 2025 02:51:07 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-cache="Set-Cookie"
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894abff585765b0-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ek$i-combo.js Show response
ekstat.com/js/ 67 KB
28 KB 34ms
16ms Script
text/javascript 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ekstat.com/js/ek$i-combo.js?v=qGmH9fRiPnWOE7cPXKh_f76Dp6lgPK4vpE1h5gzXrD81

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1582e7ff7917ee324bd3f0591b668d243c154c389ebb3b970042c15d7f31483

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 27757
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Je%2F1h7aS8BTFC3uninLuytOpKupvtu6C3XkQR%2BNMwQdq%2F1RlALAznvohW5feVV%2BkxhtcLUz8EXFhZkjdCnYIWcby7ICDw9i5Rq8%3D"}]}
x-content-type-options: nosniff
expires: Sun, 04 Oct 2026 04:44:33 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 04 Oct 2025 04:44:33 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-cache="Set-Cookie"
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894abff585865b0-FRA
content-length: 27749
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ek$i-794d34287e6838e0.css
ekstat.com/css/ 197 KB
30 KB 56ms
38ms Stylesheet
text/css 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ekstat.com/css/ek$i-794d34287e6838e0.css

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456f90ea1c77f3ab8381b2b4dd7de86cbb4da1f842a1d91f9387c67f2ef2bae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"051a080fe10dc1:0"
age: 200188
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ytxRB1ksM6PpbwCB8BZhLETctWWsjbpC%2FHnvl4lLiTqcKReAs%2BVxYOQ%2B8nG23snUETh4ddmf0nfXgHiXEGSjBAIVbrSofjXjceQ%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: text/css
last-modified: Tue, 19 Aug 2025 11:43:38 GMT
vary: Accept-Encoding,Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894abff585665b0-FRA
accept-ranges: bytes
content-length: 30367
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 v1.js Show response
nativespot.com/apijs/ 931 B
987 B 44ms
22ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://nativespot.com/apijs/v1.js
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9f511a53045279d822e256938104b1541c0892e4f70eaea3a8d5c5e62f8041e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"rq49cnpv"
age: 5275
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MleIOM%2FLbG8VnEGQhp%2Bqop%2FU5KePniPnQcSHqjA%2FERS0N70Hx8cXuk9n63CoZfzLdvUJIZuMARa6XFPpEKZvgYvLBqVMA9KYL2DInAu7"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: application/javascript
last-modified: Wed, 15 Feb 2023 10:05:11 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=14400
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894ac00093e371a-FRA
accept-ranges: bytes
content-length: 494
server: cloudflare

GET
H/1.1 200
OK withdfp.js Show response
app.gelirartisi.com/ 5 KB
2 KB 205ms
94ms Script
text/javascript 31.186.16.160
TURKTICARET-AS1 T...

General

Check archive.org

Download Go to

Full URL

https://app.gelirartisi.com/withdfp.js?sid=6

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.186.16.160 , Turkey, ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR),

Reverse DNS

reverse-31-186-15-160.turkticaret.net

Software

Resource Hash

dabfbf3cb718c9117f04147537ac7891af8beabd40d1d96133d82de237a6265e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache
Content-Encoding: gzip
Connection: keep-alive
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-XSS-Protection: 1; mode=block
Date: Sat, 04 Oct 2025 12:27:10 GMT
Content-Type: text/javascript

GET
H3 200 lib-defer.js Show response
ekstat.com/js/ 116 KB
46 KB 40ms
37ms Script
text/javascript 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ekstat.com/js/lib-defer.js?v=jMLC8e_0ibUZ9TQ_q9OeJrWrf866w0z5fcsijcAm86w1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1c550416b50ce4802aae56d878632c2058656bc89cc23f50af5cafa44aacf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 5040446
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=KQBgJv9QTVGLv%2BMDZj329vydDsqvOJG44DkZoIlq9ahnLSQGKcep9QTuEf56fMNfjwvgmsb9rMZaYtpuZKIjJO9GdPiH66ZL9zY%3D"}]}
x-content-type-options: nosniff
expires: Fri, 07 Aug 2026 04:19:44 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 07 Aug 2025 04:19:44 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-cache="Set-Cookie"
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894abffe85d65b0-FRA
content-length: 46398
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ek$i-defer.js Show response
ekstat.com/js/ 26 KB
10 KB 44ms
42ms Script
text/javascript 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ekstat.com/js/ek$i-defer.js?v=NVU_SwD8DC_ZilpYO_aSoNcSWpUgkH_giGkfWLo6Bks1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6ebb39326064495b2db061629ca4aa96c50b6e3490679fd78e5e0a9cf65cd3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 33104
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=40WO8T3gyTJQiGFrMY1AWRmFro7ReeOzOk0pcdHvp%2FrTXwbtTv3r4B2Us91hC9T548iISeAk2lNAuevt5WlV%2Fy2OjezOJVDFRZg%3D"}]}
x-content-type-options: nosniff
expires: Sun, 04 Oct 2026 03:15:25 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 04 Oct 2025 03:15:25 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-cache="Set-Cookie"
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894abffe85f65b0-FRA
content-length: 10051
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3

200

B34211218.430421818;dc_pre=CNT887LFipADFTtY9ggd3HgA9Q;dc_trk_aid=623878816;dc_trk_cid=242527574;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N2423531.5192040EKISZLK/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N2423531.5192040EKISZLK/B34211218.430421818;dc_trk_aid=623878816;dc_trk_cid=242527574;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
https://ad.doubleclick.net/ddm/trackimp/N2423531.5192040EKISZLK/B34211218.430421818;dc_pre=CNT887LFipADFTtY9ggd3HgA9Q;dc_trk_aid=623878816;dc_trk_cid=242527574;ord=[timestamp];dc_lat=;dc_rdid=;tag_...

42 B
63 B

28ms
28ms

Image
image/gif

142.250.186.134
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N2423531.5192040EKISZLK/B34211218.430421818;dc_pre=CNT887LFipADFTtY9ggd3HgA9Q;dc_trk_aid=623878816;dc_trk_cid=242527574;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Sat, 04 Oct 2025 12:27:10 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://ad.doubleclick.net/ddm/trackimp/N2423531.5192040EKISZLK/B34211218.430421818;dc_pre=CNT887LFipADFTtY9ggd3HgA9Q;dc_trk_aid=623878816;dc_trk_cid=242527574;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
pragma: no-cache
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Sat, 04 Oct 2025 12:27:10 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H3 200 pena-logo.svg
eksisozluk.com/Content/img/new-logos/ 1 KB
774 B 13ms
12ms Image
image/svg+xml 104.20.22.102
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://eksisozluk.com/Content/img/new-logos/pena-logo.svg

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.22.102 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de7fd28be2467ce52eb95b7ff15f6d6dbad53191e84737923352b511a63e0fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/betwoon--7389600

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "abd8604d2551d41:0"
age: 37609
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: image/svg+xml
vary: accept-encoding
last-modified: Thu, 20 Sep 2018 21:02:55 GMT
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
cache-control: public, max-age=31536000
cf-ray: 9894abff5dfee5da-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 eksiseyler-logo.svg
eksisozluk.com/Content/img/new-logos/ 19 KB
14 KB 11ms
11ms Image
image/svg+xml 104.20.22.102
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://eksisozluk.com/Content/img/new-logos/eksiseyler-logo.svg

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.22.102 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29dc5392c761c2c8305b2063fadd14b1c41fb030879fd4cbaa1d7020189392aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/betwoon--7389600

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "abd8604d2551d41:0"
age: 41509
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: image/svg+xml
vary: accept-encoding
last-modified: Thu, 20 Sep 2018 21:02:55 GMT
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
cache-control: public, max-age=31536000
cf-ray: 9894abff6dffe5da-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 antoinedoinel-638486483550139947.jpg
img.ekstat.com/profiles/ 624 KB
625 KB 27ms
17ms Image
image/jpeg 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://img.ekstat.com/profiles/antoinedoinel-638486483550139947.jpg

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7712ebde9f648708aa4d32f154c3cf1a7eb874890d4a43a9e163c494e105d598

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cf-cache-status: HIT
etag: "661aed72-9c14e"
age: 5879
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=TWYblKsWNJtpm2KLiqBcIXD6vruokQyqei8hnmq2dnDOr%2FcFk2rcp5RSDkNHWLlqBB15KkfZQIApvNrMym62H5jQ0AFhoNTsqIEeJhVX"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: image/jpeg
last-modified: Sat, 13 Apr 2024 20:39:14 GMT
vary: accept-encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894abff885965b0-FRA
accept-ranges: bytes
content-length: 639310
server: cloudflare

GET
H3 200 default-profile-picture-light.svg
ekstat.com/img/ 2 KB
1 KB 19ms
19ms Image
image/svg+xml 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ekstat.com/img/default-profile-picture-light.svg

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa10eaa61b50563cb89eecd1c94e3bd1dd3d8843eb31dddd970509cf4480d4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "d4a86b13691d81:0"
age: 1933631
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=J2UEtHiY5QPs4%2BvbCg0tcDQWdcZgSZQVwssJUTzBoP8vMeQtVPlgvlVBPhObyBM%2FG%2B2kutf7CYVeDENaEgEhmYskRuwhsPcbxF4%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: image/svg+xml
vary: accept-encoding
last-modified: Tue, 04 Jan 2022 12:46:21 GMT
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894abffc85b65b0-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 escobarinkayipmilyonlari-637798508780808615.jpg
img.ekstat.com/profiles/ 75 KB
75 KB 50ms
48ms Image
image/jpeg 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://img.ekstat.com/profiles/escobarinkayipmilyonlari-637798508780808615.jpg

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e9c46ae00de7462cc9e7ab1bea3696adc6ace8df32d51914ec66aa632fd9c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cf-cache-status: HIT
etag: "6201294e-12b2e"
age: 6966
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=QCMx%2FzEjE1M4LHvVyjof6ZCNEnXrGYSFNcyuwEaatqhaTgGiGwL8PjeBhLdazuP29yItOWM8pyEV4ftUDojQXSKFpciirL4nZBVtw2qp"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: image/jpeg
last-modified: Mon, 07 Feb 2022 14:14:38 GMT
vary: accept-encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894abffe85e65b0-FRA
accept-ranges: bytes
content-length: 76590
server: cloudflare

GET
H3 200 derwegdeskriegers-638547983883429653.jpg
img.ekstat.com/profiles/ 40 KB
40 KB 44ms
42ms Image
image/jpeg 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://img.ekstat.com/profiles/derwegdeskriegers-638547983883429653.jpg

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47630179be57c65ea6745464ce7dc29e357e36a50c0fa1e4d376d7069a057747

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cf-cache-status: HIT
etag: "6678c504-9e3e"
age: 1025
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fGWgDDyrwIrNh4Vx8klJ1q56KbD0JjzE6%2BXQ0D5ENaAKo6zpdgFRlJ64YiSY6DkChBrzDx8pONx%2FHSyJil0vbDIZQwDOiYuMytPeOSyk"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: image/jpeg
last-modified: Mon, 24 Jun 2024 00:59:48 GMT
vary: accept-encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894abffe85c65b0-FRA
accept-ranges: bytes
content-length: 40510
server: cloudflare

GET
H/1.1

200
OK

netasync.js Show response
app.networkad.net/
Redirect Chain

https://app.networkad.net/netasync.js?zid=571
https://app.networkad.net/netasync.js?isAvailable=1&zid=571

211 KB
26 KB

69ms
69ms

Script
text/javascript

195.201.91.161
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL

https://app.networkad.net/netasync.js?isAvailable=1&zid=571

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

HTTP/1.1

Server

195.201.91.161 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

static.161.91.201.195.clients.your-server.de

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

f0f52eaaeedb4b40e579c092cc2330765e25aaaf8e5ab0ac3c893ad996f912a4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache
Content-Encoding: gzip
Connection: keep-alive
Permissions-Policy: browsing-topics=()
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Sat, 04 Oct 2025 12:27:10 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: nginx/1.24.0 (Ubuntu)

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache
Location: //app.networkad.net/netasync.js?isAvailable=1&zid=571
Connection: keep-alive
Permissions-Policy: browsing-topics=()
Date: Sat, 04 Oct 2025 12:27:10 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: nginx/1.24.0 (Ubuntu)

GET
H3 200 larkdevil-638932157526901259.jpg
img.ekstat.com/profiles/ 63 KB
64 KB 46ms
44ms Image
image/jpeg 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://img.ekstat.com/profiles/larkdevil-638932157526901259.jpg

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fae3fc27c6e604ae41f3ee0bfd55899108e513703c592aa82af5a8889cd403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cf-cache-status: HIT
etag: "68c2f8d8-fd4f"
age: 5504
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wVsHbVYEDgK8C4nsjbuYIb7oO4o3YuzAgG1ZOaeHRYy0l%2Fn6v0dX7TgZYd2PP8NEI76uVhU5%2BJ3cZK8VwauQ5TcXFYtqk6gpdDG0zVK0"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: image/jpeg
last-modified: Thu, 11 Sep 2025 16:29:12 GMT
vary: accept-encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894abffe86065b0-FRA
accept-ranges: bytes
content-length: 64847
server: cloudflare

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 66 KB
24 KB 38ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

af649252e1cdec7dafb67824e72e025d971199cb096ba373e581f494b008d5d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: br
etag: 8341184422868418599
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 12:27:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 24036
x-xss-protection: 0
server: cafe

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/ 42 B
64 B 39ms
21ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/?value=0&guid=ON&script=0

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Sat, 04 Oct 2025 12:27:10 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 386 KB
126 KB 69ms
38ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXV2Z47

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6440ccad5fa352c970702fc057d5dacaeeb8a68a6311ecf5169ae010bf7c2b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: zstd
expires: Sat, 04 Oct 2025 12:27:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 04 Oct 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 128895
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 adRecover.js Show response
delivery.adrecover.com/41209/ 79 KB
25 KB 68ms
10ms Script
application/javascript 13.32.27.112
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://delivery.adrecover.com/41209/adRecover.js
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.27.112 New York, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-112.fra56.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7f57b9b144fe8f22d137f764ef8a2d95aeaa9789351d4228a02afdd21776f84a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: br
age: 5877392
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: -cDiEcrsukYu9Lwj6L1NWodK8USpAvirA596JPvsxReQ6icOw_qgzw==
date: Mon, 28 Jul 2025 11:50:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 28 Jul 2025 11:50:34 GMT
x-ap-geo: DE
cache-control: max-age=3600
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-C2
server: nginx/1.18.0 (Ubuntu)
x-ap-device: DESKTOP

GET
H3 200 eksisozluk_logo.svg
ekstat.com/img/new-design/ 4 KB
2 KB 40ms
40ms Image
image/svg+xml 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ekstat.com/img/new-design/eksisozluk_logo.svg

Requested by

Host: ekstat.com
URL: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2894995626c7b1d7b61783a2123a862c0bdb6f9d4a48d36fc319363d44def4fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2a52c6cfb61d11:0"
age: 1659886
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=cUg8yxNfmL9Bq3QTk6kCPTRhSmB0BovhNPrrIkASEMAR8y%2BdikSTc498ajhCctAmmSsG%2B7HTeoabpvv41gtq0n8ZaKzajBUxa28%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: image/svg+xml
vary: accept-encoding
last-modified: Sun, 07 Feb 2016 22:58:24 GMT
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894abffe86365b0-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 pena-text-logo@2x.png
ekstat.com/img/new-logos/ 2 KB
2 KB 42ms
42ms Image
image/png 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ekstat.com/img/new-logos/pena-text-logo@2x.png

Requested by

Host: ekstat.com
URL: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31bd1fcc22fb57e99cb0a49ab2e715ac4dbaa20d50c3fdca0fb670ba08dcb006

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Response headers

cf-cache-status: HIT
etag: "b9906e8f851d41:0"
age: 191302
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=BFPpDWgv4lO6QLiOq52zSUDAopovKCSZRqsXWc8mjOkE%2BGq2%2BcA1Pq48D50%2FfzdqQGMBVOSoBYQahMNzz32S15qSjN196xqFnqw%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: image/png
last-modified: Fri, 21 Sep 2018 22:11:23 GMT
vary: accept-encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894abffe86165b0-FRA
accept-ranges: bytes
content-length: 2116
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 eksiseyler-text-logo@2x.png
ekstat.com/img/new-logos/ 3 KB
4 KB 47ms
46ms Image
image/png 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ekstat.com/img/new-logos/eksiseyler-text-logo@2x.png

Requested by

Host: ekstat.com
URL: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cef32ce5655498707172fb601cdd61261638ad57703e5c2ce031f0478eeb76b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Response headers

cf-cache-status: HIT
etag: "b9906e8f851d41:0"
age: 2282916
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=R5Hub7nbLB%2FmqhuJPgXERPt%2F%2FOVPFDq4udMWJ6PjRqQqmrWYai2OPPMVnoTjEOd7YRfVfQ1XssPDvzHuIP34hb41Kil89s2LgTQ%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: image/png
last-modified: Fri, 21 Sep 2018 22:11:23 GMT
vary: accept-encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894abffe86265b0-FRA
accept-ranges: bytes
content-length: 3534
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ 15 KB
15 KB 42ms
23ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f3.1e100.net

Software

sffe /

Resource Hash

691491f1fc8badab623e1be56f92cc2d98c462b16617c67e1e288d6b061444bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/

Response headers

age: 361806
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 30 Sep 2026 07:57:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 30 Sep 2025 07:57:04 GMT
last-modified: Wed, 10 Sep 2025 16:47:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14868
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ 15 KB
15 KB 43ms
24ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f3.1e100.net

Software

sffe /

Resource Hash

156650610835fe32914722ecfc8dab0ebbb84795e201b842158afa0ea873cfa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/

Response headers

age: 361712
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 30 Sep 2026 07:58:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 30 Sep 2025 07:58:38 GMT
last-modified: Wed, 10 Sep 2025 16:43:50 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14876
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ 14 KB
14 KB 44ms
25ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f3.1e100.net

Software

sffe /

Resource Hash

06b675a649489d21b7fd33f19b1c6d37e8bd778ded07ecfec26bbc8f11e694f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/

Response headers

age: 362252
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 30 Sep 2026 07:49:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 30 Sep 2025 07:49:38 GMT
last-modified: Wed, 10 Sep 2025 16:43:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14724
x-xss-protection: 0
server: sffe

GET
H3 200 eksi.woff
ekstat.com/font/ 6 KB
6 KB 23ms
13ms Font
font/x-woff 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ekstat.com/font/eksi.woff?94997930

Requested by

Host: ekstat.com
URL: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07151daa9c457318c09c3d787844e806f0a03f898e6a8cece4c9f9647e437399

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"3f1ae93b76abd01:0"
age: 2371296
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vx5KEv1F4x2IPOILQZqdhKIap2FpoOx68hKS9rCj3XDhidrDszYM%2BNmlaXQhIvfE6D0YGx5YTsHwbTA6nRgaCVN9QZZ5mzY2JRw%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: font/x-woff
vary: accept-encoding
last-modified: Sat, 20 Jun 2015 16:29:09 GMT
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894ac000c4ddbfa-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ 23 KB
23 KB 35ms
17ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f3.1e100.net

Software

sffe /

Resource Hash

f61f863b7dcf4f836954b8a11abc2b2284fb089d669c2cde701b198f9137fbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/

Response headers

age: 362007
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 30 Sep 2026 07:53:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 30 Sep 2025 07:53:43 GMT
last-modified: Wed, 10 Sep 2025 16:49:18 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23124
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ 23 KB
23 KB 44ms
26ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f3.1e100.net

Software

sffe /

Resource Hash

9d8b9b83f39fe3768c876486e92bb995c1a92c9e85b69481da84e5444ecc980f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/

Response headers

age: 361916
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 30 Sep 2026 07:55:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 30 Sep 2025 07:55:14 GMT
last-modified: Wed, 10 Sep 2025 16:43:52 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23112
x-xss-protection: 0
server: sffe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202509300101/ 596 KB
188 KB 8ms
8ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202509300101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

1ded3e37b198d20e1e50f2c00c8a6b471c4adf8cbb90a764e9586fa0c7fefcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: br
etag: 3075206955251865029
age: 6492
x-content-type-options: nosniff
expires: Sun, 04 Oct 2026 10:38:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 04 Oct 2025 10:38:58 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 192746
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202510020101/ 63 KB
23 KB 19ms
18ms Other
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202510020101/gpt

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2505b331cfe3905b07926e49104c7949bf384b8c4b4ff6f3709e91c6f5cd6366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 13283420341987886150
age: 42181
x-content-type-options: nosniff
expires: Sat, 11 Oct 2025 00:44:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 04 Oct 2025 00:44:09 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23314
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202510020101"

GET
H/1.1 200
OK 10924 Show response
serv.nspot.co/unit/ 20 B
264 B 271ms
9ms XHR
application/json 3.78.31.92
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://serv.nspot.co/unit/10924?t=1759580830742
Requested by: Host: nativespot.com
URL: https://nativespot.com/apijs/v1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.78.31.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-78-31-92.eu-central-1.compute.amazonaws.com
Software: nativespot-ad-server /
Resource Hash: a38040847e432da96f7c228e4f801473f495f9f9df8bb84f7c7b3489daa39f0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 20
Date: Sat, 04 Oct 2025 12:27:10 GMT
Content-Type: application/json; charset=utf-8
Server: nativespot-ad-server
Connection: keep-alive
Access-Control-Allow-Methods: GET

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/ 43 B
62 B 23ms
23ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/?random=1759580830761&cv=9&fst=1759580830761&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838%2C658953496&u_h=1200&u_w=1600&ig=1&frm=0&url=https%3A%2F%2Feksisozluk.com%2Fbetwoon--7389600&tiba=betwoon%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 37
date: Sat, 04 Oct 2025 12:27:10 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H3 200 block.jpg
delivery.adrecover.com/ 631 B
934 B 9ms
9ms Image
image/jpeg 13.32.27.112
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1759580830830
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.27.112 New York, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-112.fra56.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

etag: "670eb64a-277"
age: 22826972
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: KMXzgbozSfeYq830KsCWsABbjgGMRMx6BKT9u9miz2WwcZ8Z0484Sg==
date: Mon, 13 Jan 2025 07:37:38 GMT
content-type: image/jpeg
last-modified: Tue, 15 Oct 2024 18:36:58 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 631
x-amz-cf-pop: FRA56-C2
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 418 KB
142 KB 33ms
33ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0SCWQ0JSDM&cx=c&gtm=4e5a11

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXV2Z47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5dfac8d606c75f93b1fc0f8f609c7cba598349afc721093b57a9e33f6fdaa914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sat, 04 Oct 2025 12:27:10 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145129
date: Sat, 04 Oct 2025 12:27:10 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 47ms
8ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
age: 5846
report-to: {"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 12:49:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Oct 2025 10:49:44 GMT
last-modified: Tue, 15 Jul 2025 00:44:26 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:225:0
content-length: 20737
server: Golfe2

GET
H2 200 xgemius.js Show response
gatr.hit.gemius.pl/ 88 KB
25 KB 73ms
24ms Script
text/javascript 92.222.252.172
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://gatr.hit.gemius.pl/xgemius.js
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.222.252.172 Paris, France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip172.ip-92-222-252.eu
Software: GHC /
Resource Hash: 3c685e29015cef764f9b85065b8728eae3a74ae39c08917022c0eb3b310b4754

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cache-control: max-age=43200
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Sun, 05 Oct 2025 00:27:10 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 25079
date: Sat, 04 Oct 2025 12:27:10 GMT
last-modified: Fri, 22 Aug 2025 15:25:08 GMT
vary: Accept-Encoding,Origin
server: GHC
content-type: text/javascript

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 21 KB
7 KB 48ms
16ms Script
text/javascript 18.244.18.32
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b21bbb8ef971401ae80a3877b20405f18623e70111a65f0503458ea623255ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"3f6dea365716e8ba82711013483c4d83"
age: 34383
via: 1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: i0Vu7jw-ql6NmtrobdEJySAwHC7nkE8c6__Z21zalRx8e0vMEUzGiA==
date: Sat, 04 Oct 2025 02:54:08 GMT
content-type: text/javascript
last-modified: Mon, 08 Sep 2025 13:30:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK info
uip.semasio.net/omdtr/1/ 42 B
239 B 141ms
74ms Image
image/gif 77.243.51.122
NETIC-AS Netic A/S

General

Check archive.org

Download Go to Show image

Full URL: https://uip.semasio.net/omdtr/1/info?_referrer=https%3A//eksisozluk.com/betwoon--7389600&sType=view&nCampaignId=1&nJs=1&_ignore=10760268643780758
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.51.122 Aalborg, Denmark, ASN42697 (NETIC-AS Netic A/S, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

access-control-allow-origin: *
routing-server-id: -1
uip-response-status: Ok
frontend-id: 9
date: Sat, 04 Oct 2025 12:27:10 GMT
content-length: 42
content-type: image/gif

GET
H2 200 feedback
feedback.adrecover.com/ARWebService/ 70 B
277 B 121ms
70ms Image
image/png 144.21.34.64
ORACLE-BMC-31898

General

Check archive.org

Download Go to Show image

Full URL: https://feedback.adrecover.com/ARWebService/feedback?ts=1759580830867&adBlockedAA=false&packetId=00000001-623cdd7c-02d4-4449-be68-d0610de493b0&siteId=41209&pageGroup=HOME_ADRECOVER&url=https%3A%2F%2Feksisozluk.com%2Fbetwoon--7389600&country=DE&platform=DESKTOP
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.21.34.64 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

x-robots-tag: noindex
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: GET, POST
expires: 0
access-control-allow-origin: *
content-length: 70
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: image/png
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 1024435 Show response
fundingchoicesmessages.google.com/i/ 207 KB
67 KB 84ms
47ms Script
application/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/1024435?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202509300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

e596a34b152a574641c40029b06397c054d83d54f17d7291217e81d939542357

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LFL2hAHW8IGk_yzSxbepwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Oct 2025 12:27:10 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw1JBiaL15jnU6EBsqXGJ1BuIP9ZdZfwBxkcQV1hYg_lR1g1Wk-gZrEvtN1hIgNj14i9UdiM38brPaAXG1uxdbMxDv--_LdgyIhXg45i1tOc4m8ONJ0wlmJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDI1NDAwMjPQOT-AIDAPTaNvU"
content-security-policy: script-src 'report-sample' 'nonce-LFL2hAHW8IGk_yzSxbepwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK async.js Show response
app.gelirartisi.com/ 18 KB
4 KB 102ms
50ms Script
text/javascript 31.186.16.160
TURKTICARET-AS1 T...

General

Check archive.org

Download Go to

Full URL

https://app.gelirartisi.com/async.js?zid=72

Requested by

Host: app.networkad.net
URL: https://app.networkad.net/netasync.js?zid=571

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.186.16.160 , Turkey, ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR),

Reverse DNS

reverse-31-186-15-160.turkticaret.net

Software

Resource Hash

d509d3c2638f8f97956841a870df8ed04d0e201ac878c7235a0b6644b95ed8a0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache
Content-Encoding: gzip
Connection: keep-alive
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-XSS-Protection: 1; mode=block
Date: Sat, 04 Oct 2025 12:27:10 GMT
Content-Type: text/javascript

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 44ms
43ms Image
text/plain 18.244.18.32
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=19592957&cs_it=b1&cv=4.13.1%2B2508250908&ns__t=1759580830919&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Feksisozluk.com%2Fbetwoon--7389600&c8=betwoon%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c9=
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

via: 1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: lUx4pb1Qdrb7azL2kVl6Qbng9P_4Uig4MgSl7gT44o2xgbZ2Iked7w==
date: Sat, 04 Oct 2025 12:27:10 GMT
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11

GET
H/1.1 200
OK gart.dfp.js Show response
app.gelirartisi.com/ 188 KB
60 KB 182ms
136ms Script
text/javascript 31.186.16.160
TURKTICARET-AS1 T...

General

Check archive.org

Download Go to

Full URL

https://app.gelirartisi.com/gart.dfp.js?v=1.0

Requested by

Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/withdfp.js?sid=6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.186.16.160 , Turkey, ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR),

Reverse DNS

reverse-31-186-15-160.turkticaret.net

Software

Resource Hash

fedcd38c55189255ebdc239bb0b9e18e462cd164fd6b568bfb1ef07dca3ac076

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: 192689-1759580831000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Date: Sat, 04 Oct 2025 12:27:11 GMT
Content-Type: text/javascript
Last-Modified: 1759580831000

GET
H2 200 fpdata.js Show response
gatr.hit.gemius.pl/ 294 B
409 B 45ms
44ms Script
text/javascript 92.222.252.172
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://gatr.hit.gemius.pl/fpdata.js?href=eksisozluk.com
Requested by: Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.222.252.172 Paris, France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip172.ip-92-222-252.eu
Software: GHC /
Resource Hash: e97fe7cab13de1dce7e332d2912f886ef9e96e238fef4b832ce1b5a82154ff38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cache-control: private, max-age=2592000
etag: PRIVATE7520710249
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Mon, 03 Nov 2025 12:27:10 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 294
date: Sat, 04 Oct 2025 12:27:10 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
content-type: text/javascript
server: GHC

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame E308 6 KB
3 KB 140ms
49ms Document
text/html 146.59.30.100
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: ba17ddd2e8cf782f6465e759e8b292e1c8ff27348c04dd0be6668bb6f01ad850

Request headers

Referer: https://eksisozluk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2810
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Oct 2025 12:27:11 GMT
etag: PRIVATE7520710249
expires: Mon, 03 Nov 2025 12:27:11 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

POST
H3 204 AGSKWxXLgx8m7QzhRyQ9UScNCp2cOtw6IktThcrTxt_6XgHcxpYAOG6C--zFIoyeZv4G9D4mQLWTcGmIwQfunirur9CIJCFhOZ8dAqllToB1hXGuhfKG8CRc-sm5_O3JCI8O-yoY7HGg9g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 38ms
22ms XHR
text/html 142.250.74.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXLgx8m7QzhRyQ9UScNCp2cOtw6IktThcrTxt_6XgHcxpYAOG6C--zFIoyeZv4G9D4mQLWTcGmIwQfunirur9CIJCFhOZ8dAqllToB1hXGuhfKG8CRc-sm5_O3JCI8O-yoY7HGg9g==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.i-upMIwqIL0.es5.O/d=1/rs=AJlcJMwnkPyIVbQxogIPikNowFpJlk0FmA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0r1ACV4MKQDZqO9S_FJmrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Oct 2025 12:27:11 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05Bi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4uaYv7TlOJvAjPc3eJVckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRqaGBgZGegXl8gQEAWnEo6g"
content-security-policy: script-src 'report-sample' 'nonce-0r1ACV4MKQDZqO9S_FJmrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eksisozluk.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxVcPhrANJaq9ke2-s1_C3f1GbGvoU3T7FLHFoRuM0o9OKSsMIYugQU90JT_BP2iXltXgQ4jqVq8cpygrcFG5_XtjzIIXaMvRIJmOZzocBpJifCUrdv1XEhXQrOYsHHnW5Agw2chlA== Show response
fundingchoicesmessages.google.com/f/ 455 KB
67 KB 70ms
70ms Script
application/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVcPhrANJaq9ke2-s1_C3f1GbGvoU3T7FLHFoRuM0o9OKSsMIYugQU90JT_BP2iXltXgQ4jqVq8cpygrcFG5_XtjzIIXaMvRIJmOZzocBpJifCUrdv1XEhXQrOYsHHnW5Agw2chlA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzU5NTgwODMxLDE4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2Vrc2lzb3psdWsuY29tL2JldHdvb24tLTczODk2MDAiLG51bGwsW1s4LCJpLXVwTUl3cUlMMCJdLFs5LCJkZSJdLFsxOSwiMSJdLFsyNCwiIl0sWzI5LCJmYWxzZSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

5fde2463dde8e633b3433726928a2b4c21c5b66d4330fe1d180c708cd8be6739

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-TysMl_rMXhuluysxp6OX3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Oct 2025 12:27:11 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw1ZBiaL15jnU6EBsqXGJ1BuIP9ZdZfwBxkcQV1hYg_lR1g1Wk-gZrEvtN1hIgNj14i9UdiM38brPaAXG1uxdbMxDv--_LdgyIhbg55i9tOc4mcODVMjUljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjU0MDAyM9A5P4AgMAr9Y2Rg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-TysMl_rMXhuluysxp6OX3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 112ms
77ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0SCWQ0JSDM&gtm=45je5a11v9175832440z876850206za200zb76850206zd76850206&_p=1759580830691&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&cid=1875291445.1759580831&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115616986~115834636~115834638&sid=1759580831&sct=1&seg=0&dl=https%3A%2F%2Feksisozluk.com%2Fbetwoon--7389600&dt=betwoon%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&en=page_view&_fv=1&_ss=1&tfd=729
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0SCWQ0JSDM&cx=c&gtm=4e5a11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://eksisozluk.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Oct 2025 12:27:11 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK gart.min.js Show response
app.gelirartisi.com/ 226 KB
79 KB 54ms
52ms Script
text/javascript 31.186.16.160
TURKTICARET-AS1 T...

General

Check archive.org

Download Go to

Full URL

https://app.gelirartisi.com/gart.min.js?v=1.0

Requested by

Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/async.js?zid=72

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.186.16.160 , Turkey, ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR),

Reverse DNS

reverse-31-186-15-160.turkticaret.net

Software

Resource Hash

1c5fd52042e2d3c2767a488e1cfb040ccc9e50cc988c7e316bd95c7034fac0ec

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: 231897-1759580831000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Date: Sat, 04 Oct 2025 12:27:11 GMT
Content-Type: text/javascript
Last-Modified: 1759580831000

GET
H2 200 css
fonts.googleapis.com/ 123 KB
6 KB 23ms
22ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.i-upMIwqIL0.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwnkPyIVbQxogIPikNowFpJlk0FmA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

ad3dc749692788bb7f8683230634f05172f8bf3d9f99c4f02ed3de21d8340eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 12:27:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Oct 2025 12:27:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 04 Oct 2025 12:27:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 1w57TaDYehOMQNiDytAXJlHsT6qsHd02AYLpAV4NRRGrD2St3SJsW1-WDYmDkA5JQROg31KqABc-nMakrG6m8qgwGRj6k0DfIFhnipQMMt6XDFJv2cr8=h60
lh3.googleusercontent.com/ 6 KB
6 KB 97ms
30ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://lh3.googleusercontent.com/1w57TaDYehOMQNiDytAXJlHsT6qsHd02AYLpAV4NRRGrD2St3SJsW1-WDYmDkA5JQROg31KqABc-nMakrG6m8qgwGRj6k0DfIFhnipQMMt6XDFJv2cr8=h60

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

fife /

Resource Hash

198e1af7b7b86170c55894eb9cf337984fb75e2af75ae8537d0cd2b2aa817669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 11951
x-content-type-options: nosniff
expires: Sun, 05 Oct 2025 09:08:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Oct 2025 09:08:00 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6005
x-xss-protection: 0
server: fife

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 18ms
18ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://eksisozluk.com/

Response headers

age: 361884
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 30 Sep 2026 07:55:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 30 Sep 2025 07:55:47 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 19ms
18ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f3.1e100.net

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://eksisozluk.com/

Response headers

age: 361964
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 30 Sep 2026 07:54:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 30 Sep 2025 07:54:27 GMT
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35328
x-xss-protection: 0
server: sffe

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXLgx8m7QzhRyQ9UScNCp2cOtw6IktThcrTxt_6XgHcxpYAOG6C--zFIoyeZv4G9D4mQLWTcGmIwQfunirur9CIJCFhOZ8dAqllToB1hXGuhfKG8CRc-sm5_O3JCI8O-yoY7HGg9g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JjL5Nz_cpT0dztlgps2cdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Oct 2025 12:27:11 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4uaYv7TlOJvAjEe7ApRckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRqaGBgZGegXl8gQEAXPoo-Q"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JjL5Nz_cpT0dztlgps2cdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eksisozluk.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXLgx8m7QzhRyQ9UScNCp2cOtw6IktThcrTxt_6XgHcxpYAOG6C--zFIoyeZv4G9D4mQLWTcGmIwQfunirur9CIJCFhOZ8dAqllToB1hXGuhfKG8CRc-sm5_O3JCI8O-yoY7HGg9g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PtG6-y5ffwDF18WWgy41Yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Oct 2025 12:27:11 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05Bi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4uaYv7TlOJvAiYdbA5RckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRqaGBgZGegXl8gQEAaZgpJA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PtG6-y5ffwDF18WWgy41Yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eksisozluk.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2

200

rexdot.js Show response
gatr.hit.gemius.pl/__/_1759580831169/
Redirect Chain

https://gatr.hit.gemius.pl/_1759580831169/rexdot.js?l=100&sendf=24&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Feksi...
https://gatr.hit.gemius.pl/__/_1759580831169/rexdot.js?l=100&sendf=24&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fe...

167 B
652 B

63ms
62ms

Script
text/javascript

92.222.252.172
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://gatr.hit.gemius.pl/__/_1759580831169/rexdot.js?l=100&sendf=24&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fbetwoon--7389600&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.EzbpH_rrUyhOUKE3mSNv12C8JeaD2P3YQTQzaLQObH.b7dQP_l4AlJ9wxBL6hDpvjna27KqHSo8G6sF6kE.5ABK1Aq1/LJZ9szMpaJ0H1/&fpdata=SzNrUGrIBVsohw2YUBDjyHZZxeAWsJK5p5iKKymjdRv.A7%7C1759580830%7C2%7C%7C%7C8%3A3%3A32&ltime=213&fr=1&ref=&inner=_ver%3D364%7C_fpsrc%3Dload%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=68e1129e38fc15cd&brts=1759580831&fpcap=
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/betwoon--7389600
Protocol: H2
Server: 92.222.252.172 Paris, France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip172.ip-92-222-252.eu
Software: GHC /
Resource Hash: 83a3ccf26ec927a574096d05ffca854b4824335192fdd296c9b391b51f84daeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Fri, 03 Oct 2025 12:27:11 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 167
date: Sat, 04 Oct 2025 12:27:11 GMT
content-type: text/javascript
server: GHC

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
location: /__/_1759580831169/rexdot.js?l=100&sendf=24&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fbetwoon--7389600&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.EzbpH_rrUyhOUKE3mSNv12C8JeaD2P3YQTQzaLQObH.b7dQP_l4AlJ9wxBL6hDpvjna27KqHSo8G6sF6kE.5ABK1Aq1/LJZ9szMpaJ0H1/&fpdata=SzNrUGrIBVsohw2YUBDjyHZZxeAWsJK5p5iKKymjdRv.A7%7C1759580830%7C2%7C%7C%7C8%3A3%3A32&ltime=213&fr=1&ref=&inner=_ver%3D364%7C_fpsrc%3Dload%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=68e1129e38fc15cd&brts=1759580831&fpcap=
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Fri, 03 Oct 2025 12:27:11 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 0
date: Sat, 04 Oct 2025 12:27:11 GMT
server: GHC

POST
H2 204 request Show response
ssp.theadx.com/ 0
276 B 208ms
96ms Fetch 31.186.3.130
TURKTICARET-AS1 T...

General

Check archive.org

Download Go to

Full URL

https://ssp.theadx.com/request?tagid=3143

Requested by

Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.min.js?v=1.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.186.3.130 , Turkey, ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR),

Reverse DNS

reverse-31-186-3-130.turkticaret.net

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://eksisozluk.com/

Response headers

permissions-policy: browsing-topics=()
access-control-allow-origin: https://eksisozluk.com
cache-control: no-store, no-cache
date: Sat, 04 Oct 2025 12:27:11 GMT
x-xss-protection: 1; mode=block
server: nginx/1.24.0 (Ubuntu)
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 318 B
526 B 112ms
62ms Fetch
application/json 69.173.156.138
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22504&site_id=363122&zone_id=1967356&size_id=65&rp_schain=1.0,1!eksisozluk.com,289,1,,,&rf=https%3A%2F%2Feksisozluk.com%2Fbetwoon--7389600&tg_i.domain=eksisozluk.com&tg_i.page=https%3A%2F%2Feksisozluk.com%2Fbetwoon--7389600&tk_flint=pbjs_lite_v9.25.0-pre&l_pb_bid_id=52d3f229b800b3&p_screen_res=1600x1200&rp_floor=0.5&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.1610313537724518
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.min.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.156.138 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 381e78892f3881a10c8f55adffefc96b5562f26eef125c721338bd9d1fd2b869

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://eksisozluk.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://eksisozluk.com
content-length: 318
date: Sat, 04 Oct 2025 12:27:11 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
177 B 114ms
60ms Fetch 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.min.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://eksisozluk.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://eksisozluk.com
date: Sat, 04 Oct 2025 12:27:11 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
401 B 133ms
97ms Fetch
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.min.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://eksisozluk.com/

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Sat, 04 Oct 2025 12:27:11 GMT
access-control-allow-origin: https://eksisozluk.com
content-length: 42
date: Sat, 04 Oct 2025 12:27:11 GMT
content-type: application/json
vary: Accept-Encoding

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
274 B 98ms
64ms XHR
application/json 69.173.156.138
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22504&site_id=363122&zone_id=1984786&size_id=15&p_pos=unknown&rf=https%3A%2F%2Feksisozluk.com%2Fbetwoon--7389600&tk_flint=pbjs_lite_v2.2.0-pre&x_source.tid=ff677a74-67a0-49f4-8b4b-6dcf8b608d00&p_screen_res=1600x1200&rp_floor=0.5&rp_secure=1&slots=1&rand=0.6510512457799286
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.dfp.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.156.138 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 7a33f6f6e034d5661445e04cf8c685b48be8cd47a418cb96e114ff2f1cb28eee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://eksisozluk.com
content-length: 241
date: Sat, 04 Oct 2025 12:27:11 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
274 B 116ms
82ms XHR
application/json 69.173.156.138
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22504&site_id=363122&zone_id=1967356&size_id=65&p_pos=unknown&rf=https%3A%2F%2Feksisozluk.com%2Fbetwoon--7389600&tk_flint=pbjs_lite_v2.2.0-pre&x_source.tid=bbadfae3-445d-49e6-a9cd-d50188929d56&p_screen_res=1600x1200&rp_floor=0.5&rp_secure=1&slots=1&rand=0.05654336373357616
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.dfp.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.156.138 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 02e3b5e821533d8e389c143e4dfab35c96ad2865bbf8fd53f495a4c286d29937

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://eksisozluk.com
content-length: 241
date: Sat, 04 Oct 2025 12:27:11 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 99ms
60ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.dfp.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://eksisozluk.com
date: Sat, 04 Oct 2025 12:27:11 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 204 request Show response
ssp.theadx.com/ 0
274 B 191ms
95ms XHR
text/plain 31.186.3.130
TURKTICARET-AS1 T...

General

Check archive.org

Download Go to

Full URL

https://ssp.theadx.com/request?tagid=3143

Requested by

Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.dfp.js?v=1.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.186.3.130 , Turkey, ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR),

Reverse DNS

reverse-31-186-3-130.turkticaret.net

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

permissions-policy: browsing-topics=()
access-control-allow-origin: https://eksisozluk.com
cache-control: no-store, no-cache
date: Sat, 04 Oct 2025 12:27:11 GMT
x-xss-protection: 1; mode=block
server: nginx/1.24.0 (Ubuntu)
access-control-allow-credentials: true

GET
H3 200 favicon-32x32.png
ekstat.com/img/ 456 B
905 B 14ms
14ms Other
image/png 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ekstat.com/img/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c2a451c53a49299dc3638c61203286b261a841c18f8c6161f35e4caf1ef6b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cf-cache-status: HIT
etag: "74a75b335e73d21:0"
age: 2266990
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2FZYW8iyb%2B%2B9Cid6k31v2gM61RlkH%2FD9YgHTAbL8zelkpzQu2osYNfUnk%2FiLC%2BniXFMaZG34M7VUkDpEvV5Ts3W2xooiV%2Fgn%2FAE4%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Oct 2025 12:27:11 GMT
content-type: image/png
last-modified: Fri, 20 Jan 2017 20:45:57 GMT
vary: accept-encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9894ac03786e65b0-FRA
accept-ranges: bytes
content-length: 456
x-xss-protection: 1; mode=block
server: cloudflare

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 128ms
112ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202509300101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://eksisozluk.com/

Response headers

Verdicts & Comments Add Verdict or Comment

112 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eksisozluk.com/	1970-01-21 17:31:56	Name: iq Value: 288bb4aeefc6464e8f43e4eb19c058d8
eksisozluk.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ww2yspk1uamanqtu1jjitn5b
eksisozluk.com/	1969-12-31 23:59:59	Name: channel-filter-preference-cookie Value: W3siSWQiOjEsIlByZWYiOnRydWV9LHsiSWQiOjIsIlByZWYiOnRydWV9LHsiSWQiOjQsIlByZWYiOnRydWV9LHsiSWQiOjUsIlByZWYiOnRydWV9LHsiSWQiOjEwLCJQcmVmIjpmYWxzZX0seyJJZCI6MTEsIlByZWYiOmZhbHNlfV0=
.doubleclick.net/	1970-01-21 18:07:56	Name: IDE Value: AHWqTUlQhMjjrwukWRfGQMC0iMIcvfKeB2sr-avAX3WLI9Y4e8NjlFS36REM_7XR
.networkad.net/	1970-01-21 08:47:47	Name: uid_73343450-a11d-11f0-87a5-df59aba39856 Value: 1759580830741
.networkad.net/	1970-01-21 09:00:44	Name: tracking Value: {"1759525200":{"capping":{"zonex":{},"zonexdate":{},"bannerx":{},"bannerxdate":{}}}}
.networkad.net/	1970-01-21 08:46:21	Name: crstr Value: {}
eksisozluk.com/	1970-01-21 08:46:22	Name: lastnwcrtid_571 Value: {}
.eksisozluk.com/	1970-01-21 18:22:20	Name: _ga_0SCWQ0JSDM Value: GS2.1.s1759580831$o1$g0$t1759580831$j60$l0$h0
.eksisozluk.com/	1970-01-21 18:22:20	Name: _ga Value: GA1.1.1875291445.1759580831
.eksisozluk.com/	1970-01-21 18:15:08	Name: __gfp_64b Value: SzNrUGrIBVsohw2YUBDjyHZZxeAWsJK5p5iKKymjdRv.A7\|1759580830\|2\|\|\|8:3:32
.hit.gemius.pl/	1970-01-21 18:15:08	Name: receive-cookie-deprecation Value: 1
.hit.gemius.pl/	1970-01-21 08:56:25	Name: Gtest Value: KlShnMMGQMGGC3I9JCoFa7lvssGMXP8c25nSG6slUGnWXBG.
.hit.gemius.pl/	1970-01-21 18:15:08	Name: Gdyn Value: KlxVMMaGQMGGC3I9JCoFa7lvssGMXP8c25nSG6slUGnWFRxSG7RrGS6Gu4MtFlnMxgGPoeISD0F6Sssa
.hit.gemius.pl/	1970-01-21 18:15:08	Name: Gdynp Value: nTvVCXgS3w53_nDPENK1h3SGa5rVXDiyXuf7tlkcAf3.V7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ad.doubleclick.net
app.gelirartisi.com
app.networkad.net
delivery.adrecover.com
eksisozluk.com
ekstat.com
fastlane.rubiconproject.com
feedback.adrecover.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gatr.hit.gemius.pl
googleads.g.doubleclick.net
img.ekstat.com
lh3.googleusercontent.com
ls.hit.gemius.pl
nativespot.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
region1.google-analytics.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
serv.nspot.co
ssp.theadx.com
uip.semasio.net
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
104.20.22.102
13.32.27.112
142.250.185.104
142.250.186.130
142.250.186.134
142.250.186.174
142.250.186.97
142.250.186.98
142.250.74.206
144.21.34.64
146.59.30.100
172.217.16.194
172.217.18.10
172.67.131.5
18.244.18.32
185.184.8.90
188.114.96.3
195.201.91.161
216.239.34.36
216.58.206.67
3.78.31.92
31.186.16.160
31.186.3.130
69.173.156.138
77.243.51.122
92.222.252.172
95.101.149.35
02e3b5e821533d8e389c143e4dfab35c96ad2865bbf8fd53f495a4c286d29937
06b675a649489d21b7fd33f19b1c6d37e8bd778ded07ecfec26bbc8f11e694f4
07151daa9c457318c09c3d787844e806f0a03f898e6a8cece4c9f9647e437399
156650610835fe32914722ecfc8dab0ebbb84795e201b842158afa0ea873cfa4
198e1af7b7b86170c55894eb9cf337984fb75e2af75ae8537d0cd2b2aa817669
1c5fd52042e2d3c2767a488e1cfb040ccc9e50cc988c7e316bd95c7034fac0ec
1cef32ce5655498707172fb601cdd61261638ad57703e5c2ce031f0478eeb76b
1ded3e37b198d20e1e50f2c00c8a6b471c4adf8cbb90a764e9586fa0c7fefcf7
2505b331cfe3905b07926e49104c7949bf384b8c4b4ff6f3709e91c6f5cd6366
2894995626c7b1d7b61783a2123a862c0bdb6f9d4a48d36fc319363d44def4fa
29dc5392c761c2c8305b2063fadd14b1c41fb030879fd4cbaa1d7020189392aa
31bd1fcc22fb57e99cb0a49ab2e715ac4dbaa20d50c3fdca0fb670ba08dcb006
381e78892f3881a10c8f55adffefc96b5562f26eef125c721338bd9d1fd2b869
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c685e29015cef764f9b85065b8728eae3a74ae39c08917022c0eb3b310b4754
3d1c550416b50ce4802aae56d878632c2058656bc89cc23f50af5cafa44aacf0
456f90ea1c77f3ab8381b2b4dd7de86cbb4da1f842a1d91f9387c67f2ef2bae5
47630179be57c65ea6745464ce7dc29e357e36a50c0fa1e4d376d7069a057747
4c2a451c53a49299dc3638c61203286b261a841c18f8c6161f35e4caf1ef6b95
5dfac8d606c75f93b1fc0f8f609c7cba598349afc721093b57a9e33f6fdaa914
5fde2463dde8e633b3433726928a2b4c21c5b66d4330fe1d180c708cd8be6739
6440ccad5fa352c970702fc057d5dacaeeb8a68a6311ecf5169ae010bf7c2b6b
691491f1fc8badab623e1be56f92cc2d98c462b16617c67e1e288d6b061444bc
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6e9c46ae00de7462cc9e7ab1bea3696adc6ace8df32d51914ec66aa632fd9c5a
6ecc3099e92ca2dbe63a0f6b327b530ba038d3b63ecac92fea595089391f18dc
7712ebde9f648708aa4d32f154c3cf1a7eb874890d4a43a9e163c494e105d598
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7a33f6f6e034d5661445e04cf8c685b48be8cd47a418cb96e114ff2f1cb28eee
7b21bbb8ef971401ae80a3877b20405f18623e70111a65f0503458ea623255ce
7f57b9b144fe8f22d137f764ef8a2d95aeaa9789351d4228a02afdd21776f84a
83a3ccf26ec927a574096d05ffca854b4824335192fdd296c9b391b51f84daeb
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
95a011973ca8fa12b020d1f252709114cd4e905ed3b6ad432170eee221ed7101
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d8b9b83f39fe3768c876486e92bb995c1a92c9e85b69481da84e5444ecc980f
a38040847e432da96f7c228e4f801473f495f9f9df8bb84f7c7b3489daa39f0f
a6ebb39326064495b2db061629ca4aa96c50b6e3490679fd78e5e0a9cf65cd3c
ad3dc749692788bb7f8683230634f05172f8bf3d9f99c4f02ed3de21d8340eff
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
af649252e1cdec7dafb67824e72e025d971199cb096ba373e581f494b008d5d6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba17ddd2e8cf782f6465e759e8b292e1c8ff27348c04dd0be6668bb6f01ad850
c1582e7ff7917ee324bd3f0591b668d243c154c389ebb3b970042c15d7f31483
cb0961555880fa7f9f9410f69e43eb629ccc4d7588dfc534f36993bda5ee6167
d04e6d387ad1e52bdea082cf7a547f4b0f5f3402ce69e6d8b14b684bfc07e13a
d509d3c2638f8f97956841a870df8ed04d0e201ac878c7235a0b6644b95ed8a0
dabfbf3cb718c9117f04147537ac7891af8beabd40d1d96133d82de237a6265e
de7fd28be2467ce52eb95b7ff15f6d6dbad53191e84737923352b511a63e0fd9
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e596a34b152a574641c40029b06397c054d83d54f17d7291217e81d939542357
e5fae3fc27c6e604ae41f3ee0bfd55899108e513703c592aa82af5a8889cd403
e97fe7cab13de1dce7e332d2912f886ef9e96e238fef4b832ce1b5a82154ff38
e9f511a53045279d822e256938104b1541c0892e4f70eaea3a8d5c5e62f8041e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f52eaaeedb4b40e579c092cc2330765e25aaaf8e5ab0ac3c893ad996f912a4
f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81
f61f863b7dcf4f836954b8a11abc2b2284fb089d669c2cde701b198f9137fbcb
fa10eaa61b50563cb89eecd1c94e3bd1dd3d8843eb31dddd970509cf4480d4bb
fedcd38c55189255ebdc239bb0b9e18e462cd164fd6b568bfb1ef07dca3ac076

eksisozluk.com Open in urlscan Pro 104.20.22.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

96 %HTTPS

0 %IPv6

23 Domains

29 Subdomains

28 IPs

7 Countries

2228 kBTransfer

5190 kBSize

15 Cookies

19 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

eksisozluk.com Open in urlscan Pro
104.20.22.102 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

96 %
HTTPS

0 %
IPv6

23
Domains

29
Subdomains

28
IPs

7
Countries

2228 kB
Transfer

5190 kB
Size

15
Cookies

70 HTTP transactions
1 data transactions