eksisozluk.com
172.66.172.175 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
https://eksisozluk.com/cratosroyalbet--7396137 13yr old
Submission Tags: @phish_report
Submission: On November 30 via api (November 30th 2025, 4:10:56 pm UTC) from FI — Scanned from DE

Summary HTTP 62 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 22 domains to perform 62 HTTP transactions. The main IP is 172.66.172.175, located in Ascension Island and belongs to CLOUDFLARENET, US. The main domain is eksisozluk.com. The Cisco Umbrella rank of the primary domain is 149448. 13yr old
TLS certificate: Issued by WE1 on November 13th 2025. Valid for: 3mo.

This is the only time eksisozluk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	172.66.172.175 172.66.172.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
10	172.67.131.5 172.67.131.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	31.186.16.160 31.186.16.160	197720 (TURKTICAR...) (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S.)
1 2	195.201.91.161 195.201.91.161	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	216.58.212.136 216.58.212.136	15169 (GOOGLE) (GOOGLE)
7	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	35.158.4.242 35.158.4.242	16509 (AMAZON-02) (AMAZON-02)
6	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
1	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
1 4	92.222.252.172 92.222.252.172	16276 (OVH OVH SAS) (OVH OVH SAS)
2	18.244.18.122 18.244.18.122	16509 (AMAZON-02) (AMAZON-02)
1	77.243.51.121 77.243.51.121	42697 (NETIC-AS ...) (NETIC-AS Netic A/S)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	146.59.30.96 146.59.30.96	16276 (OVH OVH SAS) (OVH OVH SAS)
1	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
2	31.186.3.130 31.186.3.130	197720 (TURKTICAR...) (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S.)
3	69.173.156.138 69.173.156.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd)
1	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
62	26

3 172.66.172.175 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

eksisozluk.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

fonts.googleapis.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

10 172.67.131.5 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

ekstat.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
img.ekstat.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 188.114.96.3 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

nativespot.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 31.186.16.160 (Turkey)

ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR)
PTR: reverse-31-186-15-160.turkticaret.net

app.gelirartisi.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 195.201.91.161 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.161.91.201.195.clients.your-server.de

app.networkad.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 216.58.212.136 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f8.1e100.net

www.googletagmanager.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.158.4.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-4-242.eu-central-1.compute.amazonaws.com

serv.nspot.co 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

fundingchoicesmessages.google.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 92.222.252.172 (Paris, France) 1 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ip172.ip-92-222-252.eu

gatr.hit.gemius.pl 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 18.244.18.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-122.fra56.r.cloudfront.net

sb.scorecardresearch.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 77.243.51.121 (Aalborg, Denmark)

ASN42697 (NETIC-AS Netic A/S, DK)

uip.semasio.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

lh3.googleusercontent.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 31.186.3.130 (Turkey)

ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR)
PTR: reverse-31-186-3-130.turkticaret.net

ssp.theadx.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 69.173.156.138 (Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
10	ekstat.com ekstat.com — Cisco Umbrella Rank: 139430 13yr old img.ekstat.com — Cisco Umbrella Rank: 183828 4yr old	299 KB
7	gstatic.com fonts.gstatic.com 9yr old	170 KB
6	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 800 7yr old	137 KB
5	gemius.pl 1 redirects gatr.hit.gemius.pl — Cisco Umbrella Rank: 73365 9yr old ls.hit.gemius.pl — Cisco Umbrella Rank: 24969 8yr old	30 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 308 9yr old googleads.g.doubleclick.net — Cisco Umbrella Rank: 78 56yr old	248 KB
4	gelirartisi.com app.gelirartisi.com — Cisco Umbrella Rank: 212691 7yr old	145 KB
3	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 749 9yr old	1 KB
3	eksisozluk.com eksisozluk.com — Cisco Umbrella Rank: 149448 13yr old	44 KB
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 9886 8yr old	353 B
2	theadx.com ssp.theadx.com — Cisco Umbrella Rank: 30951 7yr old	552 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 235 9yr old	7 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 56yr old region1.google-analytics.com — Cisco Umbrella Rank: 1789 5yr old	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 77 56yr old	272 KB
2	networkad.net 1 redirects app.networkad.net — Cisco Umbrella Rank: 307079 9yr old	27 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 97 56yr old	7 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 166 9yr old
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 2109 9yr old	401 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 98 9yr old	6 KB
1	semasio.net uip.semasio.net — Cisco Umbrella Rank: 43391 13yr old	239 B
1	nspot.co serv.nspot.co — Cisco Umbrella Rank: 334215 8yr old	264 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154 56yr old	23 KB
1	nativespot.com nativespot.com — Cisco Umbrella Rank: 297437 9yr old	987 B
62	22

	Domain	Requested by
9	ekstat.com	eksisozluk.com ekstat.com
7	fonts.gstatic.com	fonts.googleapis.com eksisozluk.com
6	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
4	gatr.hit.gemius.pl	1 redirects eksisozluk.com gatr.hit.gemius.pl
4	app.gelirartisi.com	eksisozluk.com app.networkad.net app.gelirartisi.com
3	fastlane.rubiconproject.com	app.gelirartisi.com
3	securepubads.g.doubleclick.net	eksisozluk.com securepubads.g.doubleclick.net
3	eksisozluk.com	eksisozluk.com
2	prebid-eu.creativecdn.com	app.gelirartisi.com
2	ssp.theadx.com	app.gelirartisi.com
2	sb.scorecardresearch.com	eksisozluk.com
2	www.googletagmanager.com	eksisozluk.com www.googletagmanager.com
2	googleads.g.doubleclick.net	eksisozluk.com www.googleadservices.com
2	app.networkad.net	1 redirects eksisozluk.com
2	fonts.googleapis.com	eksisozluk.com
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	a.teads.tv	app.gelirartisi.com
1	lh3.googleusercontent.com	eksisozluk.com
1	ls.hit.gemius.pl	gatr.hit.gemius.pl
1	region1.google-analytics.com	www.googletagmanager.com
1	uip.semasio.net	eksisozluk.com
1	www.google-analytics.com	eksisozluk.com
1	serv.nspot.co	nativespot.com
1	www.googleadservices.com	eksisozluk.com
1	img.ekstat.com	eksisozluk.com
1	nativespot.com	eksisozluk.com
62	26

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
eksiseyler.com
www.facebook.com
bsky.app
www.instagram.com
x.com

Subject Issuer	Validity	Valid
eksisozluk.com WE1	`2025-11-13` - `2026-02-11`	3mo	crt.sh
upload.video.google.com WE2	`2025-10-27` - `2026-01-19`	3mo	crt.sh
*.g.doubleclick.net WE2	`2025-10-27` - `2026-01-19`	3mo	crt.sh
ekstat.com WE1	`2025-11-28` - `2026-02-26`	3mo	crt.sh
nativespot.com WE1	`2025-10-13` - `2026-01-11`	3mo	crt.sh
app.gelirartisi.com R13	`2025-09-11` - `2025-12-10`	3mo	crt.sh
*.googleadservices.com WE2	`2025-10-27` - `2026-01-19`	3mo	crt.sh
*.google-analytics.com WE2	`2025-10-27` - `2026-01-19`	3mo	crt.sh
*.gstatic.com WE2	`2025-10-27` - `2026-01-19`	3mo	crt.sh
serv.nspot.co Amazon RSA 2048 M02	`2025-02-03` - `2026-03-04`	1yr	crt.sh
*.google.com WE2	`2025-10-27` - `2026-01-19`	3mo	crt.sh
*.hit.gemius.pl Sectigo Public Server Authentication CA DV E36	`2025-09-08` - `2026-09-25`	1yr	crt.sh
*.scorecardresearch.com Sectigo Public Server Authentication CA OV R36	`2025-10-09` - `2026-10-09`	1yr	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2025-05-09` - `2026-06-09`	1yr	crt.sh
*.googleusercontent.com WE2	`2025-10-27` - `2026-01-19`	3mo	crt.sh
*.theadx.com RapidSSL TLS RSA CA G1	`2025-03-11` - `2026-03-12`	1yr	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-04` - `2026-04-03`	1yr	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2025-04-17` - `2026-05-02`	1yr	crt.sh
teads.tv R13	`2025-10-12` - `2026-01-10`	3mo	crt.sh

This page contains 2 frames:

Primary Page: https://eksisozluk.com/cratosroyalbet--7396137
Frame ID: EE482BEFA7E5714D87E9C4CEEC12D7CD
Requests: 62 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 836CB4DADC3B47BD0B08BD4E0BFC65DD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

cratosroyalbet - ekşi sözlük

Detected technologies

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

97 %
HTTPS

0 %
IPv6

22
Domains

26
Subdomains

26
IPs

7
Countries

1439 kB
Transfer

4364 kB
Size

16
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/penavideo

Search URL Search Domain Scan URL

URL: https://eksiseyler.com/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Feksisozluk.com%2Fentry%2F165032237&p[title]=cratosroyalbet&p[summary]=%0A%20%20%20%20uzak%20durulmas%C4%B1%20gereken%20sitelerden.%20%C3%B6demelerin%20de%20s%C4%B1k%C4%B1nt%C4%B1%20oldu%C4%9Fu%20i%C3%A7in%20de%C4%9Fil%20bu%20entry.%20rtp%27si%20a%C5%9F%C4%B1r%C4%B1%20k%C3%B6t%C3%BC%20ve%20grandpashabet%20ile%20ayn%C4%B1%20kasaya%20ait.%20bu%20kadar%20k%C3%B6t%C3%BC%20rtp%27si%20olan%20bir%20altyap%C4%B1%20yok.%20grandpashabet%27in%20laciverti.%0A%20%20&p[images][0]=https://eksisozluk.com/content/img/ilogo_fbv2.png&v=1
Title: facebook

Search URL Search Domain Scan URL

URL: https://bsky.app/intent/compose?text=cratosroyalbet%0Ahttps://eksisozluk.com/entry/165032237
Title: bluesky'da paylaş

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sozluk
Title: instagram

Search URL Search Domain Scan URL

URL: https://x.com/sozluk
Title: x

Search URL Search Domain Scan URL

URL: https://bsky.app/profile/eksisozluk.com
Title: bluesky

Search URL Search Domain Scan URL

URL: http://www.facebook.com/eksisozluk
Title: facebook

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://app.networkad.net/netasync.js?zid=571 HTTP 302
https://app.networkad.net/netasync.js?isAvailable=1&zid=571

Request Chain 51

https://gatr.hit.gemius.pl/_1764519057670/rexdot.js?l=100&sendf=24&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fcratosroyalbet--7396137&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=txLAUVxHMMRCUV8KhjzgLvZMsqRN2YOpmL3XTVbg5vL.W7T3_wQhyJKYg5Ae1_7KZI3E0aTHAoxIYl4sIl0gUX2TEzTC/s5_FNG18lwnda/&fpdata=tDgQ0NM5zcwdFkU8waoiGv9sG97RQuDWOhrLvTDzdKb.07%7C1764519057%7C2%7C%7C%7C8%3A3%3A32&ltime=135&fr=1&ref=&inner=_ver%3D364%7C_fpsrc%3Dload%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=692c6c911fdf45e2&brts=1764519057&fpcap= HTTP 301
https://gatr.hit.gemius.pl/__/_1764519057670/rexdot.js?l=100&sendf=24&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fcratosroyalbet--7396137&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=txLAUVxHMMRCUV8KhjzgLvZMsqRN2YOpmL3XTVbg5vL.W7T3_wQhyJKYg5Ae1_7KZI3E0aTHAoxIYl4sIl0gUX2TEzTC/s5_FNG18lwnda/&fpdata=tDgQ0NM5zcwdFkU8waoiGv9sG97RQuDWOhrLvTDzdKb.07%7C1764519057%7C2%7C%7C%7C8%3A3%3A32&ltime=135&fr=1&ref=&inner=_ver%3D364%7C_fpsrc%3Dload%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=692c6c911fdf45e2&brts=1764519057&fpcap=

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request cratosroyalbet--7396137 Show response
eksisozluk.com/ 75 KB
29 KB 291ms
271ms Document
text/html 172.66.172.175
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.172.175 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09fe787d1143e6e2fe4c40c4e0b5a6a36d8ebefc0cb57c79b17da8d4ebd2d853

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 9a6b9e29088b37da-FRA
content-encoding: gzip
content-length: 28694
content-type: text/html; charset=utf-8
date: Sun, 30 Nov 2025 16:10:57 GMT
expires: -1
pragma: no-cache
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 41ms
17ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

6ecc3099e92ca2dbe63a0f6b327b530ba038d3b63ecac92fea595089391f18dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 16:10:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 30 Nov 2025 14:45:23 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 48ms
26ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8debc189f0f5e1799e54127fb46d0424f8ec9ac3d381821587c96e221fde3788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: br
etag: 497 / 20422 / m202511120101 / config-hash: 14247479607061606112
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 16:10:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34018
x-xss-protection: 0
server: cafe

GET
H3 200 jquery-combo.js Show response
ekstat.com/js/ 355 KB
136 KB 36ms
15ms Script
text/javascript 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ekstat.com/js/jquery-combo.js?v=utAHFtcjmF2o01saefs-_hW64F3xA2mFwtIFxRQlMdg1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

780ca8fdeaf001ab35f007c8e14d18dfca90162adb3d03624679d43929863227

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 868187
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hYodvqrVt%2FYdDsUWizuu%2Fw2Gct9EQOcY19uh1y%2B3qLieyUT4fJlZHg6qjRpHaC8m1R4dsmkMQWkcSEDm%2B6coXTJhlUDX3sGSY8c%3D"}]}
x-content-type-options: nosniff
expires: Fri, 20 Nov 2026 15:01:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 20 Nov 2025 15:01:09 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
priority: u=1,i=?0
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-cache="Set-Cookie"
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9a6b9e2afaeb3735-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ek$i-combo.js Show response
ekstat.com/js/ 67 KB
28 KB 37ms
17ms Script
text/javascript 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ekstat.com/js/ek$i-combo.js?v=qGmH9fRiPnWOE7cPXKh_f76Dp6lgPK4vpE1h5gzXrD81

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1582e7ff7917ee324bd3f0591b668d243c154c389ebb3b970042c15d7f31483

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 297866
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=bt1ZLXgDH7xHr7DHKYsspU3zzVqt8jrvBGbWIKaJaPVugg7cEhXec3G04mKVbq4cl%2FJeJk9wgCtI%2BHxak21aJHPCVNrZ%2Fmh2DP8%3D"}]}
x-content-type-options: nosniff
expires: Fri, 27 Nov 2026 05:26:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 27 Nov 2025 05:26:30 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
priority: u=1,i=?0
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-cache="Set-Cookie"
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9a6b9e2afaec3735-FRA
accept-ranges: bytes
content-length: 27749
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ek$i-794d34287e6838e0.css
ekstat.com/css/ 197 KB
30 KB 39ms
18ms Stylesheet
text/css 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ekstat.com/css/ek$i-794d34287e6838e0.css

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456f90ea1c77f3ab8381b2b4dd7de86cbb4da1f842a1d91f9387c67f2ef2bae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"051a080fe10dc1:0"
age: 221020
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VOTGdD86cyUI1iLgY8%2FI%2B4EBgDw8KhAETHHlq7uGUfEfyvIRp5J6KAqDhqGzzyDMwqnC0AYiVNpOtIjC0R545wnxIKYLz43FJD4%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/css
last-modified: Tue, 19 Aug 2025 11:43:38 GMT
vary: Accept-Encoding,Accept-Encoding
priority: u=0,i=?0
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9a6b9e2afaea3735-FRA
accept-ranges: bytes
content-length: 30367
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 v1.js Show response
nativespot.com/apijs/ 931 B
987 B 38ms
16ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://nativespot.com/apijs/v1.js
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9f511a53045279d822e256938104b1541c0892e4f70eaea3a8d5c5e62f8041e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"rq49cnpv"
age: 5998
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=95gW8MBjDCNlNfUKjm%2Fh%2BB%2F%2FQWOiP2QcZfGfEaXjBEMtTtAWTeyNATZGPl9tW5yIT69lw0zwatzgv5UFF7aQ8ADekCdAu91fOqAQ9%2B13"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: application/javascript
last-modified: Wed, 15 Feb 2023 10:05:11 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=14400
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9a6b9e2b79a3d9de-FRA
accept-ranges: bytes
content-length: 494
server: cloudflare

GET
H/1.1 200
OK withdfp.js Show response
app.gelirartisi.com/ 5 KB
2 KB 187ms
85ms Script
text/javascript 31.186.16.160
TURKTICARET-AS1 T...

General

Check archive.org

Download Go to

Full URL

https://app.gelirartisi.com/withdfp.js?sid=6

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.186.16.160 , Turkey, ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR),

Reverse DNS

reverse-31-186-15-160.turkticaret.net

Software

Resource Hash

d91dc05fa0c6e7d9a695aa41375723c955aeb740aa61bddc60cee2399cb2efd0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache
Content-Encoding: gzip
Connection: keep-alive
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-XSS-Protection: 1; mode=block
Date: Sun, 30 Nov 2025 16:10:57 GMT
Content-Type: text/javascript

GET
H3 200 lib-defer.js Show response
ekstat.com/js/ 116 KB
46 KB 13ms
12ms Script
text/javascript 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ekstat.com/js/lib-defer.js?v=gV9kArCZ2buGb3nh7dYSR4TYF-raRtVcW35rQ4LWmq81

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d71b983c5be7c5539f3cb2b9da339c8dfa669b9e88d309b8454c77565de776aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 117584
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Cnh5zJmhF7VrgxroBnoMBHr5uUMBIYgvaDHC%2FZBJuiA5mymv6%2FKJvW71pOGEKj8m5%2Bl5KTQoPfohM4J07fiRMaiNXBqQc%2Fdb9To%3D"}]}
x-content-type-options: nosniff
expires: Sun, 29 Nov 2026 07:31:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 29 Nov 2025 07:31:12 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
priority: u=3,i=?0
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-cache="Set-Cookie"
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9a6b9e2baaf93735-FRA
accept-ranges: bytes
content-length: 46323
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ek$i-defer.js Show response
ekstat.com/js/ 26 KB
10 KB 15ms
14ms Script
text/javascript 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ekstat.com/js/ek$i-defer.js?v=NVU_SwD8DC_ZilpYO_aSoNcSWpUgkH_giGkfWLo6Bks1

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6ebb39326064495b2db061629ca4aa96c50b6e3490679fd78e5e0a9cf65cd3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 478328
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=rmDGcFRCglP%2BvHNbdtfnwy1r1iCog%2FYlkH3GfaGI90GI7QRDNup6pHCPsAjn0HX3pF4bpDDZB4Ec3tS9RkAM02cUuqKnP3fJGYQ%3D"}]}
x-content-type-options: nosniff
expires: Wed, 25 Nov 2026 03:18:48 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 25 Nov 2025 03:18:48 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
priority: u=3,i=?0
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, no-cache="Set-Cookie"
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9a6b9e2baafa3735-FRA
accept-ranges: bytes
content-length: 10051
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 pena-logo.svg
eksisozluk.com/Content/img/new-logos/ 1 KB
827 B 14ms
13ms Image
image/svg+xml 172.66.172.175
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://eksisozluk.com/Content/img/new-logos/pena-logo.svg

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.172.175 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de7fd28be2467ce52eb95b7ff15f6d6dbad53191e84737923352b511a63e0fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/cratosroyalbet--7396137

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"abd8604d2551d41:0"
x-accel-buffering: yes
age: 478142
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 30 Nov 2025 16:10:57 GMT
last-modified: Thu, 20 Sep 2018 21:02:55 GMT
content-type: image/svg+xml
vary: accept-encoding
priority: u=2,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
cache-control: public, max-age=31536000
cf-ray: 9a6b9e2ad89237da-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 eksiseyler-logo.svg
eksisozluk.com/Content/img/new-logos/ 19 KB
14 KB 15ms
15ms Image
image/svg+xml 172.66.172.175
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://eksisozluk.com/Content/img/new-logos/eksiseyler-logo.svg

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.172.175 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29dc5392c761c2c8305b2063fadd14b1c41fb030879fd4cbaa1d7020189392aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/cratosroyalbet--7396137

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"abd8604d2551d41:0"
x-accel-buffering: yes
age: 398033
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 30 Nov 2025 16:10:57 GMT
last-modified: Thu, 20 Sep 2018 21:02:55 GMT
content-type: image/svg+xml
vary: accept-encoding
priority: u=2,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
cache-control: public, max-age=31536000
cf-ray: 9a6b9e2ae89337da-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H/1.1

200
OK

netasync.js Show response
app.networkad.net/
Redirect Chain

https://app.networkad.net/netasync.js?zid=571
https://app.networkad.net/netasync.js?isAvailable=1&zid=571

211 KB
26 KB

64ms
63ms

Script
text/javascript

195.201.91.161
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL

https://app.networkad.net/netasync.js?isAvailable=1&zid=571

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

HTTP/1.1

Server

195.201.91.161 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

static.161.91.201.195.clients.your-server.de

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

ac339b227fe8176fbf0fa7788383dc2b3232bc800d52f309dbb2809ecd6464ac

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache
Content-Encoding: gzip
Connection: keep-alive
Permissions-Policy: browsing-topics=()
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Sun, 30 Nov 2025 16:10:57 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: nginx/1.24.0 (Ubuntu)

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache
Location: //app.networkad.net/netasync.js?isAvailable=1&zid=571
Connection: keep-alive
Permissions-Policy: browsing-topics=()
Date: Sun, 30 Nov 2025 16:10:57 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: nginx/1.24.0 (Ubuntu)

GET
H3 200 derwegdeskriegers-638547983883429653.jpg
img.ekstat.com/profiles/ 40 KB
40 KB 26ms
17ms Image
image/jpeg 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://img.ekstat.com/profiles/derwegdeskriegers-638547983883429653.jpg

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47630179be57c65ea6745464ce7dc29e357e36a50c0fa1e4d376d7069a057747

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cf-cache-status: HIT
etag: "6678c504-9e3e"
age: 6386
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=V9Hobgd10%2BM%2FwBPKQoKXiJJmp97BTMkXLuJYHswRo2Mbj9eQrx7BkyDR1UkriOb646%2Ba03R%2FE7FuG3zVVw9g7UcKescQ2VUvh0Nih2iC"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: image/jpeg
last-modified: Mon, 24 Jun 2024 00:59:48 GMT
vary: accept-encoding
priority: u=2,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9a6b9e2b0af23735-FRA
accept-ranges: bytes
content-length: 40510
server: cloudflare

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 64 KB
23 KB 51ms
23ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

fa0cc1070de0d200a4f2dca145ad1db97572dac8761a8a98c0bc3e75d706b934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: br
etag: 1525997412556765834
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 16:10:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 23316
x-xss-protection: 0
server: cafe

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/ 42 B
64 B 38ms
21ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/?value=0&guid=ON&script=0

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Sun, 30 Nov 2025 16:10:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511120101/ 608 KB
192 KB 9ms
8ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511120101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

6a6929a82c3850f9f3ffef5a46cab9ba58ce13985d87e456a39032a84f82a765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: br
etag: 6518253978845184816
age: 17332
x-content-type-options: nosniff
expires: Mon, 30 Nov 2026 11:22:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 30 Nov 2025 11:22:05 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 196693
x-xss-protection: 0
server: cafe

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 390 KB
128 KB 58ms
29ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXV2Z47

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9edc9fce1b31efcf7036dd70bbd694533f0d20a10830112d78fb2f26252fe648

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: zstd
expires: Sun, 30 Nov 2025 16:10:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 30 Nov 2025 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 130214
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/ 43 B
61 B 33ms
22ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/?random=1764519057226&cv=9&fst=1764519057226&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839%2C658953495&u_h=1200&u_w=1600&ig=1&frm=0&url=https%3A%2F%2Feksisozluk.com%2Fcratosroyalbet--7396137&tiba=cratosroyalbet%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 37
date: Sun, 30 Nov 2025 16:10:57 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 eksisozluk_logo.svg
ekstat.com/img/new-design/ 4 KB
2 KB 17ms
17ms Image
image/svg+xml 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ekstat.com/img/new-design/eksisozluk_logo.svg

Requested by

Host: ekstat.com
URL: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2894995626c7b1d7b61783a2123a862c0bdb6f9d4a48d36fc319363d44def4fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2a52c6cfb61d11:0"
age: 941287
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=C%2BTMSPPUwpUH4yE0hw00wqDBuOPLM0mZQ2XnZk5e5mjyL3XQn%2FeIOr2rHTYYVDUmm7aaFsgTPTL871aAOr7KHkqLnK2kW5RVY0A%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: image/svg+xml
last-modified: Sun, 07 Feb 2016 22:58:24 GMT
vary: accept-encoding
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9a6b9e2bbafb3735-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 pena-text-logo@2x.png
ekstat.com/img/new-logos/ 2 KB
3 KB 13ms
13ms Image
image/png 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ekstat.com/img/new-logos/pena-text-logo@2x.png

Requested by

Host: ekstat.com
URL: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31bd1fcc22fb57e99cb0a49ab2e715ac4dbaa20d50c3fdca0fb670ba08dcb006

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Response headers

cf-cache-status: HIT
etag: "b9906e8f851d41:0"
age: 288079
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dS3AxRWLNIrqEqUXK8GHQ5HNQfnufv2Iy4mGqR049MqmoHTJHXHveUOtgpQ3UUszof0QKSOSeIJKX2hOwrnk7M4W9L0kv4Femr8%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: image/png
last-modified: Fri, 21 Sep 2018 22:11:23 GMT
vary: accept-encoding
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9a6b9e2bbafc3735-FRA
accept-ranges: bytes
content-length: 2116
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 eksiseyler-text-logo@2x.png
ekstat.com/img/new-logos/ 3 KB
4 KB 15ms
14ms Image
image/png 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://ekstat.com/img/new-logos/eksiseyler-text-logo@2x.png

Requested by

Host: ekstat.com
URL: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cef32ce5655498707172fb601cdd61261638ad57703e5c2ce031f0478eeb76b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://ekstat.com/css/ek$i-794d34287e6838e0.css

Response headers

cf-cache-status: HIT
etag: "b9906e8f851d41:0"
age: 123752
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Pb16bAvAnmiSx%2FkEihGCLv%2F%2FFbVzetxnJxusxAlGU0T%2FptcCrR9cX6Jwlva5zWkToGFKqEVDs8jKoG716bqJIB3SPd66vts4GWs%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: image/png
last-modified: Fri, 21 Sep 2018 22:11:23 GMT
vary: accept-encoding
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9a6b9e2bbafd3735-FRA
accept-ranges: bytes
content-length: 3534
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ 15 KB
15 KB 33ms
17ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

691491f1fc8badab623e1be56f92cc2d98c462b16617c67e1e288d6b061444bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/

Response headers

age: 461985
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 25 Nov 2026 07:51:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 25 Nov 2025 07:51:12 GMT
last-modified: Wed, 10 Sep 2025 16:47:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14868
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ 15 KB
15 KB 30ms
15ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

156650610835fe32914722ecfc8dab0ebbb84795e201b842158afa0ea873cfa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/

Response headers

age: 261657
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 27 Nov 2026 15:30:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 27 Nov 2025 15:30:00 GMT
last-modified: Wed, 10 Sep 2025 16:43:50 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14876
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ 14 KB
14 KB 27ms
12ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

06b675a649489d21b7fd33f19b1c6d37e8bd778ded07ecfec26bbc8f11e694f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/

Response headers

age: 461090
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 25 Nov 2026 08:06:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 25 Nov 2025 08:06:07 GMT
last-modified: Wed, 10 Sep 2025 16:43:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14724
x-xss-protection: 0
server: sffe

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ 23 KB
23 KB 24ms
9ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

f61f863b7dcf4f836954b8a11abc2b2284fb089d669c2cde701b198f9137fbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/

Response headers

age: 461749
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 25 Nov 2026 07:55:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 25 Nov 2025 07:55:08 GMT
last-modified: Wed, 10 Sep 2025 16:49:18 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23124
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ 23 KB
23 KB 35ms
20ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

9d8b9b83f39fe3768c876486e92bb995c1a92c9e85b69481da84e5444ecc980f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://fonts.googleapis.com/

Response headers

age: 460767
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 25 Nov 2026 08:11:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 25 Nov 2025 08:11:30 GMT
last-modified: Wed, 10 Sep 2025 16:43:52 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23112
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK 10924 Show response
serv.nspot.co/unit/ 20 B
264 B 70ms
10ms XHR
application/json 35.158.4.242
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://serv.nspot.co/unit/10924?t=1764519057246
Requested by: Host: nativespot.com
URL: https://nativespot.com/apijs/v1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.4.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-4-242.eu-central-1.compute.amazonaws.com
Software: nativespot-ad-server /
Resource Hash: a38040847e432da96f7c228e4f801473f495f9f9df8bb84f7c7b3489daa39f0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 20
Date: Sun, 30 Nov 2025 16:10:57 GMT
Content-Type: application/json; charset=utf-8
Server: nativespot-ad-server
Connection: keep-alive
Access-Control-Allow-Methods: GET

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202511110101/ 64 KB
23 KB 19ms
18ms Other
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202511110101/gpt

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

eb33059cdf158ecd0bae78dfa7762313529cd1bf089205f6821699b2c037e423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 17914686685964197562
age: 57289
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 00:16:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 30 Nov 2025 00:16:08 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23115
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202511110101"

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 1024435 Show response
fundingchoicesmessages.google.com/i/ 214 KB
69 KB 86ms
33ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/1024435?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

a17253098c4f8f31a7fc49d6fff2b1ba3aa85650c35f20e128a1114a7dbd926e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Y3D86SWNxBAzmbMsQzT-4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj6mDU4pJi8NSQYmi9eY51KhB3LTrPOguIDRUusToC8Yf6y6w_gLhI4gprExB_qrrBKlR9gzWJ_SZrERCb-d1mtQPiancvtmYgtvX3YXMF4m_FvmxsJb5s-_77sh0D4r05fmxHgTiz04-tEIhX3_Rj2wzEK7z82TYAsRAPx8SbG0-yCTzYMvUAo5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGpoaGhhZ6BaXyBAQDRSUfB"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Y3D86SWNxBAzmbMsQzT-4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 426 KB
144 KB 25ms
25ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0SCWQ0JSDM&cx=c&gtm=4e5bi1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXV2Z47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

05c32e466dc54445ab312334cea4c44fdc58962b20727bd214d48d130d008b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sun, 30 Nov 2025 16:10:57 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147584
date: Sun, 30 Nov 2025 16:10:57 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 43ms
10ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
age: 4873
report-to: {"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 16:49:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 30 Nov 2025 14:49:44 GMT
last-modified: Tue, 15 Jul 2025 00:44:26 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:225:0
content-length: 20737
server: Golfe2

GET
H2 200 xgemius.js Show response
gatr.hit.gemius.pl/ 88 KB
25 KB 76ms
29ms Script
text/javascript 92.222.252.172
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://gatr.hit.gemius.pl/xgemius.js
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.222.252.172 Paris, France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip172.ip-92-222-252.eu
Software: GHC /
Resource Hash: 3c685e29015cef764f9b85065b8728eae3a74ae39c08917022c0eb3b310b4754

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cache-control: max-age=43200
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Mon, 01 Dec 2025 04:10:57 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 25079
date: Sun, 30 Nov 2025 16:10:57 GMT
last-modified: Fri, 22 Aug 2025 15:25:08 GMT
vary: Accept-Encoding,Origin
server: GHC
content-type: text/javascript

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 21 KB
7 KB 39ms
14ms Script
text/javascript 18.244.18.122
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b21bbb8ef971401ae80a3877b20405f18623e70111a65f0503458ea623255ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"3f6dea365716e8ba82711013483c4d83"
age: 27582
via: 1.1 0be2062deeede74cb37dc047454ddbce.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: CTSBBLi64lJD2euKi_dzkC7yen5y-11FNloWFr4YlR08cGNJwuyDaQ==
date: Sun, 30 Nov 2025 08:31:16 GMT
content-type: text/javascript
last-modified: Mon, 08 Sep 2025 13:30:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK info
uip.semasio.net/omdtr/1/ 42 B
239 B 139ms
73ms Image
image/gif 77.243.51.121
NETIC-AS Netic A/S

General

Check archive.org

Download Go to Show image

Full URL: https://uip.semasio.net/omdtr/1/info?_referrer=https%3A//eksisozluk.com/cratosroyalbet--7396137&sType=view&nCampaignId=1&nJs=1&_ignore=85373609239008220
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.51.121 Aalborg, Denmark, ASN42697 (NETIC-AS Netic A/S, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

access-control-allow-origin: *
routing-server-id: -1
uip-response-status: Ok
frontend-id: 4
date: Sun, 30 Nov 2025 16:10:57 GMT
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK async.js Show response
app.gelirartisi.com/ 18 KB
4 KB 104ms
47ms Script
text/javascript 31.186.16.160
TURKTICARET-AS1 T...

General

Check archive.org

Download Go to

Full URL

https://app.gelirartisi.com/async.js?zid=72

Requested by

Host: app.networkad.net
URL: https://app.networkad.net/netasync.js?zid=571

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.186.16.160 , Turkey, ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR),

Reverse DNS

reverse-31-186-15-160.turkticaret.net

Software

Resource Hash

55c3707583be4f577cc8e123da8f112246b09ee7f09f575b5f1a407000264276

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache
Content-Encoding: gzip
Connection: keep-alive
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-XSS-Protection: 1; mode=block
Date: Sun, 30 Nov 2025 16:10:57 GMT
Content-Type: text/javascript

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 61ms
61ms Image
text/plain 18.244.18.122
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=19592957&cs_it=b1&cv=4.13.1%2B2508250908&ns__t=1764519057430&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Feksisozluk.com%2Fcratosroyalbet--7396137&c8=cratosroyalbet%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c9=
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-122.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

via: 1.1 0be2062deeede74cb37dc047454ddbce.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: ML5Ul7IKn80Jmnfe6UmLCQkn27o3-iNZ4QwBG7rfY1eHyoiaiEBKsQ==
date: Sun, 30 Nov 2025 16:10:57 GMT
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11

POST
H3 204 AGSKWxWbCnrQGR3pDdECr2z099obk4q2GxF880fxkUd7RiYrppZfzWEy2bgnDuqtdBfnRioeznC9Qm1GfViCMZGu1F5S3VBU-WDsTqMesp-vYiGSBOExXwX0iMhPF5_GJg7bmPP9GbNDGg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 76ms
59ms XHR
text/html 142.250.181.238
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWbCnrQGR3pDdECr2z099obk4q2GxF880fxkUd7RiYrppZfzWEy2bgnDuqtdBfnRioeznC9Qm1GfViCMZGu1F5S3VBU-WDsTqMesp-vYiGSBOExXwX0iMhPF5_GJg7bmPP9GbNDGg==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YuPzVux5xnc.es5.O/d=1/rs=AJlcJMwCo3AhooFtI65LsxseDyQHeNx-Lw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NxDYYjjG6ylOix2GsoxIHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctDikmLw1ZBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwXivTl-bEeBOLPTj60QiFff9GPbDMRCPBwTb248ySaw4PXJr4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyNTQ0NBCz8A8vsAAAHLtNVc"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NxDYYjjG6ylOix2GsoxIHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eksisozluk.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWbCnrQGR3pDdECr2z099obk4q2GxF880fxkUd7RiYrppZfzWEy2bgnDuqtdBfnRioeznC9Qm1GfViCMZGu1F5S3VBU-WDsTqMesp-vYiGSBOExXwX0iMhPF5_GJg7bmPP9GbNDGg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TUsl54qBeYLqORhxHp5arQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctDikmLw1pBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwXivTl-bEeBOLPTj60QiFff9GPbDMRCPBwTb248ySbw4PWHh4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyNTQ0NBCz8A8vsAAAIoMNag"
content-security-policy: script-src 'report-sample' 'nonce-TUsl54qBeYLqORhxHp5arQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eksisozluk.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxVOQk1x_phWiU-nMSVJuQ-Flrau1dkiUc4KIQjGRHRtg74Xk2hzNN6XQE1n9otS3Z2hDpS99KrTfZWaHYpZb8x8XS6dzFX5b_VsMw7tS0uvQkIURRvdM35KxPUHhdE5HSFE4_bgXQ== Show response
fundingchoicesmessages.google.com/f/ 461 KB
68 KB 75ms
74ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVOQk1x_phWiU-nMSVJuQ-Flrau1dkiUc4KIQjGRHRtg74Xk2hzNN6XQE1n9otS3Z2hDpS99KrTfZWaHYpZb8x8XS6dzFX5b_VsMw7tS0uvQkIURRvdM35KxPUHhdE5HSFE4_bgXQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzY0NTE5MDU3LDQ3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9la3Npc296bHVrLmNvbS9jcmF0b3Nyb3lhbGJldC0tNzM5NjEzNyIsbnVsbCxbWzgsIll1UHpWdXg1eG5jIl0sWzksImRlIl0sWzE5LCIxIl0sWzI0LCIiXSxbMjksImZhbHNlIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

b2771fca4c86e1642ea9ae89053bcf5fc319e12e047416d4e22df627a7b54f11

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mpBhIP7DydbE391ON6u1cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj6mDU4pJiCNCQYmi9eY51KhB3LTrPOguIDRUusToC8Yf6y6w_gLhI4gprExB_qrrBKlR9gzWJ_SZrERCb-d1mtQPiancvtmYgtvX3YXMF4m_FvmxsJb5s-_77sh0D4r05fmxHgTiz04-tEIhX3_Rj2wzEK7z82TYAsRAPx8SbG0-yCbzo_fSXUUkjKb8wPjk_r6QoM6m0JL8oLTkttTi1qCy1KN7IwMjU0NDQQs_ANL7AAADruEhD"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mpBhIP7DydbE391ON6u1cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 86ms
59ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0SCWQ0JSDM&gtm=45je5bi1v9175832440z876850206za200zb76850206zd76850206&_p=1764519057221&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&cid=848427151.1764519057&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=103116026~103200004~104527907~104528501~104684208~104684211~105391253~115583767~115616986~115938466~115938468~116184927~116184929~116217636~116217638~116474637&sid=1764519057&sct=1&seg=0&dl=https%3A%2F%2Feksisozluk.com%2Fcratosroyalbet--7396137&dt=cratosroyalbet%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&en=page_view&_fv=1&_ss=1&tfd=717
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0SCWQ0JSDM&cx=c&gtm=4e5bi1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:112:0
report-to: {"group":"ascnsrsggc:112:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:112:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://eksisozluk.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:112:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK gart.dfp.js Show response
app.gelirartisi.com/ 188 KB
60 KB 90ms
89ms Script
text/javascript 31.186.16.160
TURKTICARET-AS1 T...

General

Check archive.org

Download Go to

Full URL

https://app.gelirartisi.com/gart.dfp.js?v=1.0

Requested by

Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/withdfp.js?sid=6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.186.16.160 , Turkey, ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR),

Reverse DNS

reverse-31-186-15-160.turkticaret.net

Software

Resource Hash

fedcd38c55189255ebdc239bb0b9e18e462cd164fd6b568bfb1ef07dca3ac076

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: 192689-1764519057000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Date: Sun, 30 Nov 2025 16:10:57 GMT
Content-Type: text/javascript
Last-Modified: 1764519057000

GET
H2 200 fpdata.js Show response
gatr.hit.gemius.pl/ 294 B
409 B 17ms
17ms Script
text/javascript 92.222.252.172
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://gatr.hit.gemius.pl/fpdata.js?href=eksisozluk.com
Requested by: Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.222.252.172 Paris, France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip172.ip-92-222-252.eu
Software: GHC /
Resource Hash: d6f6ed61ad072225fae6e6e09cc738442cab5e6bf3b03538b34df24d3f3b34ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cache-control: private, max-age=2592000
etag: PRIVATE7520710249
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Tue, 30 Dec 2025 16:10:57 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 294
date: Sun, 30 Nov 2025 16:10:57 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
content-type: text/javascript
server: GHC

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 836C 6 KB
3 KB 119ms
50ms Document
text/html 146.59.30.96
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 417b0f7597d7fc061a364ab584044a42e52172d60753eecd9445ab56128aa55e

Request headers

Referer: https://eksisozluk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2809
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Nov 2025 16:10:57 GMT
etag: PRIVATE7520710249
expires: Tue, 30 Dec 2025 16:10:57 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H/1.1 200
OK gart.min.js Show response
app.gelirartisi.com/ 226 KB
79 KB 49ms
49ms Script
text/javascript 31.186.16.160
TURKTICARET-AS1 T...

General

Check archive.org

Download Go to

Full URL

https://app.gelirartisi.com/gart.min.js?v=1.0

Requested by

Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/async.js?zid=72

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.186.16.160 , Turkey, ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR),

Reverse DNS

reverse-31-186-15-160.turkticaret.net

Software

Resource Hash

1c5fd52042e2d3c2767a488e1cfb040ccc9e50cc988c7e316bd95c7034fac0ec

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: 231897-1764519057000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Date: Sun, 30 Nov 2025 16:10:57 GMT
Content-Type: text/javascript
Last-Modified: 1764519057000

GET
H2 200 css
fonts.googleapis.com/ 123 KB
6 KB 27ms
26ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YuPzVux5xnc.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwCo3AhooFtI65LsxseDyQHeNx-Lw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

e82e051a745dd8745d5dd902affcadd3e700947a7610c33df4e7ab1c013f16c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 16:10:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 30 Nov 2025 16:10:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 1w57TaDYehOMQNiDytAXJlHsT6qsHd02AYLpAV4NRRGrD2St3SJsW1-WDYmDkA5JQROg31KqABc-nMakrG6m8qgwGRj6k0DfIFhnipQMMt6XDFJv2cr8=h60
lh3.googleusercontent.com/ 6 KB
6 KB 64ms
9ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://lh3.googleusercontent.com/1w57TaDYehOMQNiDytAXJlHsT6qsHd02AYLpAV4NRRGrD2St3SJsW1-WDYmDkA5JQROg31KqABc-nMakrG6m8qgwGRj6k0DfIFhnipQMMt6XDFJv2cr8=h60

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

198e1af7b7b86170c55894eb9cf337984fb75e2af75ae8537d0cd2b2aa817669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 4444
x-content-type-options: nosniff
expires: Mon, 01 Dec 2025 14:56:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 30 Nov 2025 14:56:53 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6005
x-xss-protection: 0
server: fife

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 9ms
9ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://eksisozluk.com/

Response headers

age: 246387
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 27 Nov 2026 19:44:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 27 Nov 2025 19:44:30 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 11ms
11ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://eksisozluk.com
Referer: https://eksisozluk.com/

Response headers

age: 246411
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 27 Nov 2026 19:44:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 27 Nov 2025 19:44:06 GMT
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35328
x-xss-protection: 0
server: sffe

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWbCnrQGR3pDdECr2z099obk4q2GxF880fxkUd7RiYrppZfzWEy2bgnDuqtdBfnRioeznC9Qm1GfViCMZGu1F5S3VBU-WDsTqMesp-vYiGSBOExXwX0iMhPF5_GJg7bmPP9GbNDGg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--LvQ1BZEdMLPOfN3outEGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctDikmJw0ZBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwXivTl-bEeBOLPTj60QiFff9GPbDMRCPBwTb248ySawYPuFDUxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyNTQ0NBCz8A8vsAAAE2zNN0"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--LvQ1BZEdMLPOfN3outEGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eksisozluk.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWbCnrQGR3pDdECr2z099obk4q2GxF880fxkUd7RiYrppZfzWEy2bgnDuqtdBfnRioeznC9Qm1GfViCMZGu1F5S3VBU-WDsTqMesp-vYiGSBOExXwX0iMhPF5_GJg7bmPP9GbNDGg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qJnvEDEvIeftXTHUg7NYqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctDikmLw15Bi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwXivTl-bEeBOLPTj60QiFff9GPbDMRCPBwTb248ySbw4M2FjUxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyNTQ0NBCz8A8vsAAAHY9NV4"
content-security-policy: script-src 'report-sample' 'nonce-qJnvEDEvIeftXTHUg7NYqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://eksisozluk.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2

200

rexdot.js Show response
gatr.hit.gemius.pl/__/_1764519057670/
Redirect Chain

https://gatr.hit.gemius.pl/_1764519057670/rexdot.js?l=100&sendf=24&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Feksis...
https://gatr.hit.gemius.pl/__/_1764519057670/rexdot.js?l=100&sendf=24&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fek...

167 B
655 B

71ms
70ms

Script
text/javascript

92.222.252.172
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://gatr.hit.gemius.pl/__/_1764519057670/rexdot.js?l=100&sendf=24&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fcratosroyalbet--7396137&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=txLAUVxHMMRCUV8KhjzgLvZMsqRN2YOpmL3XTVbg5vL.W7T3_wQhyJKYg5Ae1_7KZI3E0aTHAoxIYl4sIl0gUX2TEzTC/s5_FNG18lwnda/&fpdata=tDgQ0NM5zcwdFkU8waoiGv9sG97RQuDWOhrLvTDzdKb.07%7C1764519057%7C2%7C%7C%7C8%3A3%3A32&ltime=135&fr=1&ref=&inner=_ver%3D364%7C_fpsrc%3Dload%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=692c6c911fdf45e2&brts=1764519057&fpcap=
Requested by: Host: eksisozluk.com
URL: https://eksisozluk.com/cratosroyalbet--7396137
Protocol: H2
Server: 92.222.252.172 Paris, France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip172.ip-92-222-252.eu
Software: GHC /
Resource Hash: 6fe203bd3b33efb8a2e0097baaddf78d6daaefab89e9af043f7aeef6018d1867

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Sat, 29 Nov 2025 16:10:57 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 167
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: text/javascript
server: GHC

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
location: /__/_1764519057670/rexdot.js?l=100&sendf=24&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fcratosroyalbet--7396137&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=txLAUVxHMMRCUV8KhjzgLvZMsqRN2YOpmL3XTVbg5vL.W7T3_wQhyJKYg5Ae1_7KZI3E0aTHAoxIYl4sIl0gUX2TEzTC/s5_FNG18lwnda/&fpdata=tDgQ0NM5zcwdFkU8waoiGv9sG97RQuDWOhrLvTDzdKb.07%7C1764519057%7C2%7C%7C%7C8%3A3%3A32&ltime=135&fr=1&ref=&inner=_ver%3D364%7C_fpsrc%3Dload%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=692c6c911fdf45e2&brts=1764519057&fpcap=
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Sat, 29 Nov 2025 16:10:57 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 0
date: Sun, 30 Nov 2025 16:10:57 GMT
server: GHC

POST
H2 204 request Show response
ssp.theadx.com/ 0
277 B 191ms
91ms Fetch 31.186.3.130
TURKTICARET-AS1 T...

General

Check archive.org

Download Go to

Full URL

https://ssp.theadx.com/request?tagid=3143

Requested by

Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.min.js?v=1.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.186.3.130 , Turkey, ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR),

Reverse DNS

reverse-31-186-3-130.turkticaret.net

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://eksisozluk.com/

Response headers

permissions-policy: browsing-topics=()
access-control-allow-origin: https://eksisozluk.com
cache-control: no-store, no-cache
date: Sun, 30 Nov 2025 16:10:57 GMT
x-xss-protection: 1; mode=block
server: nginx/1.24.0 (Ubuntu)
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 325 B
533 B 133ms
53ms Fetch
application/json 69.173.156.138
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22504&site_id=363122&zone_id=1967356&size_id=65&rp_schain=1.0,1!eksisozluk.com,289,1,,,&rf=https%3A%2F%2Feksisozluk.com%2Fcratosroyalbet--7396137&tg_i.domain=eksisozluk.com&tg_i.page=https%3A%2F%2Feksisozluk.com%2Fcratosroyalbet--7396137&tk_flint=pbjs_lite_v9.25.0-pre&l_pb_bid_id=5ee1f6d7e7fe6e&p_screen_res=1600x1200&rp_floor=0.5&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.11353768030066069
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.min.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.156.138 , Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 181abbe54b62de6a6b92231250a39d4366a184555fa336792442bda4e27a5172

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://eksisozluk.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://eksisozluk.com
content-length: 325
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 100ms
60ms Fetch 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.min.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://eksisozluk.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://eksisozluk.com
date: Sun, 30 Nov 2025 16:10:57 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
401 B 172ms
138ms Fetch
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.min.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://eksisozluk.com/

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Sun, 30 Nov 2025 16:10:57 GMT
access-control-allow-origin: https://eksisozluk.com
content-length: 42
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: application/json
vary: Accept-Encoding

POST
H2 204 request Show response
ssp.theadx.com/ 0
275 B 171ms
90ms XHR
text/plain 31.186.3.130
TURKTICARET-AS1 T...

General

Check archive.org

Download Go to

Full URL

https://ssp.theadx.com/request?tagid=3143

Requested by

Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.dfp.js?v=1.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.186.3.130 , Turkey, ASN197720 (TURKTICARET-AS1 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S., TR),

Reverse DNS

reverse-31-186-3-130.turkticaret.net

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

permissions-policy: browsing-topics=()
access-control-allow-origin: https://eksisozluk.com
cache-control: no-store, no-cache
date: Sun, 30 Nov 2025 16:10:57 GMT
x-xss-protection: 1; mode=block
server: nginx/1.24.0 (Ubuntu)
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
274 B 165ms
105ms XHR
application/json 69.173.156.138
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22504&site_id=363122&zone_id=1984786&size_id=15&p_pos=unknown&rf=https%3A%2F%2Feksisozluk.com%2Fcratosroyalbet--7396137&tk_flint=pbjs_lite_v2.2.0-pre&x_source.tid=db06047c-3fd6-44b6-86ac-53e83ae185ab&p_screen_res=1600x1200&rp_floor=0.5&rp_secure=1&slots=1&rand=0.660005582897539
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.dfp.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.156.138 , Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: b8611b616160ae16b1d6c44046495312a18d17b5838de265f65ab67b746c70c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://eksisozluk.com
content-length: 241
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
274 B 113ms
53ms XHR
application/json 69.173.156.138
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22504&site_id=363122&zone_id=1967356&size_id=65&p_pos=unknown&rf=https%3A%2F%2Feksisozluk.com%2Fcratosroyalbet--7396137&tk_flint=pbjs_lite_v2.2.0-pre&x_source.tid=0cac84b3-5b38-4d96-9de3-9c2dbc4e62d3&p_screen_res=1600x1200&rp_floor=0.5&rp_secure=1&slots=1&rand=0.1476194710796539
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.dfp.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.156.138 , Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 1e66d0ba05d8efcb30e271877d08244ab0742bef05aad4b2d391887bd325e152

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://eksisozluk.com
content-length: 241
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
177 B 81ms
60ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: app.gelirartisi.com
URL: https://app.gelirartisi.com/gart.dfp.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://eksisozluk.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://eksisozluk.com
date: Sun, 30 Nov 2025 16:10:57 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

GET
H3 200 favicon-32x32.png
ekstat.com/img/ 456 B
927 B 14ms
14ms Other
image/png 172.67.131.5
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://ekstat.com/img/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.5 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c2a451c53a49299dc3638c61203286b261a841c18f8c6161f35e4caf1ef6b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://eksisozluk.com/

Response headers

cf-cache-status: HIT
etag: "74a75b335e73d21:0"
age: 39659
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=OGYTQ2YwtduYelc7rJYTmuZ4OEnSC65Ixiczu5ynG9WuFKSToHAvVpPslqad95OTI5OXb%2F%2BQ56yR56N4OV5SdsBj2tptW6OS2hA%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 30 Nov 2025 16:10:57 GMT
content-type: image/png
last-modified: Fri, 20 Jan 2017 20:45:57 GMT
vary: accept-encoding
priority: u=1,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9a6b9e2f1b1a3735-FRA
accept-ranges: bytes
content-length: 456
x-xss-protection: 1; mode=block
server: cloudflare

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 63ms
46ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511120101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://eksisozluk.com/

Response headers

Verdicts & Comments Add Verdict or Comment

110 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eksisozluk.com/	1970-01-21 18:54:15	Name: iq Value: c61806612d4a4d89a3dae179f494fa00
eksisozluk.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: fsrfgylok0yq3s1wjseptptg
eksisozluk.com/	1969-12-31 23:59:59	Name: channel-filter-preference-cookie Value: W3siSWQiOjEsIlByZWYiOnRydWV9LHsiSWQiOjIsIlByZWYiOnRydWV9LHsiSWQiOjQsIlByZWYiOnRydWV9LHsiSWQiOjUsIlByZWYiOnRydWV9LHsiSWQiOjEwLCJQcmVmIjpmYWxzZX0seyJJZCI6MTEsIlByZWYiOmZhbHNlfV0=
.doubleclick.net/	1970-01-21 10:08:39	Name: test_cookie Value: CheckForPermission
.networkad.net/	1970-01-21 10:10:05	Name: uid_2793dca0-ce07-11f0-9d40-1be892aa0cd0 Value: 1764519057258
.networkad.net/	1970-01-21 10:23:03	Name: tracking Value: {"1764450000":{"capping":{"zonex":{},"zonexdate":{},"bannerx":{},"bannerxdate":{}}}}
.networkad.net/	1970-01-21 10:08:39	Name: crstr Value: {}
eksisozluk.com/	1970-01-21 10:08:40	Name: lastnwcrtid_571 Value: {}
.eksisozluk.com/	1970-01-21 19:30:15	Name: FCCDCF Value: %5Bnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C%5B%5B32%2C%22%5B%5C%22eed3ba61-7973-425d-9a99-a2e96a2e6ded%5C%22%2C%5B1764519057%2C451000000%5D%5D%22%5D%5D%5D
.eksisozluk.com/	1970-01-21 19:44:39	Name: _ga Value: GA1.1.848427151.1764519057
.eksisozluk.com/	1970-01-21 19:44:39	Name: _ga_0SCWQ0JSDM Value: GS2.1.s1764519057$o1$g0$t1764519057$j60$l0$h0
.eksisozluk.com/	1970-01-21 19:37:27	Name: __gfp_64b Value: tDgQ0NM5zcwdFkU8waoiGv9sG97RQuDWOhrLvTDzdKb.07\|1764519057\|2\|\|\|8:3:32
.hit.gemius.pl/	1970-01-21 19:37:27	Name: receive-cookie-deprecation Value: 1
.hit.gemius.pl/	1970-01-21 10:18:43	Name: Gtest Value: KlS_3MXGQMGGBbemiiuMLFRvssGMXP8c25nSGJSE-tn7XBG.
.hit.gemius.pl/	1970-01-21 19:37:27	Name: Gdyn Value: KlxW4RMGQMGGBbemiiuMLFRvssGMXP8c25nSGJSE-tn7FRxSG7RrGS6Gw4stFlMXYH8Po1WrGQaPge9iaQG.
.hit.gemius.pl/	1970-01-21 19:37:27	Name: Gdynp Value: FIu1YKgTaS1bLnGZ36SFHe9kCvZ2GJxfDGiN0z43iH3.L7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
app.gelirartisi.com
app.networkad.net
eksisozluk.com
ekstat.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gatr.hit.gemius.pl
googleads.g.doubleclick.net
img.ekstat.com
lh3.googleusercontent.com
ls.hit.gemius.pl
nativespot.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
region1.google-analytics.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
serv.nspot.co
ssp.theadx.com
uip.semasio.net
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
142.250.181.238
142.250.185.130
142.250.185.131
142.250.185.226
142.250.185.66
142.250.185.74
142.250.186.129
142.250.186.162
142.250.186.78
146.59.30.96
172.66.172.175
172.67.131.5
18.244.18.122
184.30.21.51
185.184.8.90
188.114.96.3
195.201.91.161
216.239.32.36
216.58.212.136
31.186.16.160
31.186.3.130
35.158.4.242
69.173.156.138
77.243.51.121
92.222.252.172
05c32e466dc54445ab312334cea4c44fdc58962b20727bd214d48d130d008b0d
06b675a649489d21b7fd33f19b1c6d37e8bd778ded07ecfec26bbc8f11e694f4
09fe787d1143e6e2fe4c40c4e0b5a6a36d8ebefc0cb57c79b17da8d4ebd2d853
156650610835fe32914722ecfc8dab0ebbb84795e201b842158afa0ea873cfa4
181abbe54b62de6a6b92231250a39d4366a184555fa336792442bda4e27a5172
198e1af7b7b86170c55894eb9cf337984fb75e2af75ae8537d0cd2b2aa817669
1c5fd52042e2d3c2767a488e1cfb040ccc9e50cc988c7e316bd95c7034fac0ec
1cef32ce5655498707172fb601cdd61261638ad57703e5c2ce031f0478eeb76b
1e66d0ba05d8efcb30e271877d08244ab0742bef05aad4b2d391887bd325e152
2894995626c7b1d7b61783a2123a862c0bdb6f9d4a48d36fc319363d44def4fa
29dc5392c761c2c8305b2063fadd14b1c41fb030879fd4cbaa1d7020189392aa
31bd1fcc22fb57e99cb0a49ab2e715ac4dbaa20d50c3fdca0fb670ba08dcb006
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c685e29015cef764f9b85065b8728eae3a74ae39c08917022c0eb3b310b4754
417b0f7597d7fc061a364ab584044a42e52172d60753eecd9445ab56128aa55e
456f90ea1c77f3ab8381b2b4dd7de86cbb4da1f842a1d91f9387c67f2ef2bae5
47630179be57c65ea6745464ce7dc29e357e36a50c0fa1e4d376d7069a057747
4c2a451c53a49299dc3638c61203286b261a841c18f8c6161f35e4caf1ef6b95
55c3707583be4f577cc8e123da8f112246b09ee7f09f575b5f1a407000264276
691491f1fc8badab623e1be56f92cc2d98c462b16617c67e1e288d6b061444bc
6a6929a82c3850f9f3ffef5a46cab9ba58ce13985d87e456a39032a84f82a765
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ecc3099e92ca2dbe63a0f6b327b530ba038d3b63ecac92fea595089391f18dc
6fe203bd3b33efb8a2e0097baaddf78d6daaefab89e9af043f7aeef6018d1867
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
780ca8fdeaf001ab35f007c8e14d18dfca90162adb3d03624679d43929863227
7b21bbb8ef971401ae80a3877b20405f18623e70111a65f0503458ea623255ce
8debc189f0f5e1799e54127fb46d0424f8ec9ac3d381821587c96e221fde3788
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d8b9b83f39fe3768c876486e92bb995c1a92c9e85b69481da84e5444ecc980f
9edc9fce1b31efcf7036dd70bbd694533f0d20a10830112d78fb2f26252fe648
a17253098c4f8f31a7fc49d6fff2b1ba3aa85650c35f20e128a1114a7dbd926e
a38040847e432da96f7c228e4f801473f495f9f9df8bb84f7c7b3489daa39f0f
a6ebb39326064495b2db061629ca4aa96c50b6e3490679fd78e5e0a9cf65cd3c
ac339b227fe8176fbf0fa7788383dc2b3232bc800d52f309dbb2809ecd6464ac
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2771fca4c86e1642ea9ae89053bcf5fc319e12e047416d4e22df627a7b54f11
b8611b616160ae16b1d6c44046495312a18d17b5838de265f65ab67b746c70c6
c1582e7ff7917ee324bd3f0591b668d243c154c389ebb3b970042c15d7f31483
d6f6ed61ad072225fae6e6e09cc738442cab5e6bf3b03538b34df24d3f3b34ce
d71b983c5be7c5539f3cb2b9da339c8dfa669b9e88d309b8454c77565de776aa
d91dc05fa0c6e7d9a695aa41375723c955aeb740aa61bddc60cee2399cb2efd0
de7fd28be2467ce52eb95b7ff15f6d6dbad53191e84737923352b511a63e0fd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82e051a745dd8745d5dd902affcadd3e700947a7610c33df4e7ab1c013f16c2
e9f511a53045279d822e256938104b1541c0892e4f70eaea3a8d5c5e62f8041e
eb33059cdf158ecd0bae78dfa7762313529cd1bf089205f6821699b2c037e423
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81
f61f863b7dcf4f836954b8a11abc2b2284fb089d669c2cde701b198f9137fbcb
fa0cc1070de0d200a4f2dca145ad1db97572dac8761a8a98c0bc3e75d706b934
fedcd38c55189255ebdc239bb0b9e18e462cd164fd6b568bfb1ef07dca3ac076

eksisozluk.com 172.66.172.175 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

97 %HTTPS

0 %IPv6

22 Domains

26 Subdomains

26 IPs

7 Countries

1439 kBTransfer

4364 kBSize

16 Cookies

8 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

eksisozluk.com
172.66.172.175 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

62
Requests

97 %
HTTPS

0 %
IPv6

22
Domains

26
Subdomains

26
IPs

7
Countries

1439 kB
Transfer

4364 kB
Size

16
Cookies

62 HTTP transactions
1 data transactions