89.252.139.221 Open in urlscan Pro
89.252.139.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://89.252.139.221/
Effective URL:
https://89.252.139.221/
Submission: On January 12 via manual (January 12th 2026, 6:35:31 pm UTC) from TR — Scanned from TR

Summary HTTP 206 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 59 IPs in 10 countries across 37 domains to perform 206 HTTP transactions. The main IP is 89.252.139.221, located in Turkey and belongs to NETINTERNET Netinternet Bilisim Teknolojileri AS, TR. The main domain is 89.252.139.221.
TLS certificate: Issued by R12 on November 29th 2025. Valid for: 3 months.

This is the only time 89.252.139.221 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	89.252.139.221 89.252.139.221	51559 (NETINTERN...) (NETINTERNET Netinternet Bilisim Teknolojileri AS)
36	185.7.176.222 185.7.176.222	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi)
6 11	87.250.251.119 87.250.251.119	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi)
17	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	52.85.67.113 52.85.67.113	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	185.7.176.223 185.7.176.223	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi)
2	142.251.141.106 142.251.141.106	15169 (GOOGLE) (GOOGLE)
1 2	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.36.117 108.138.36.117	16509 (AMAZON-02) (AMAZON-02)
1	23.215.23.105 23.215.23.105	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.138.36.46 108.138.36.46	16509 (AMAZON-02) (AMAZON-02)
1	104.20.23.13 104.20.23.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.117 162.19.138.117	16276 (OVH OVH SAS) (OVH OVH SAS)
1	52.49.255.252 52.49.255.252	16509 (AMAZON-02) (AMAZON-02)
3	142.251.208.6 142.251.208.6	15169 (GOOGLE) (GOOGLE)
2 4	162.19.138.120 162.19.138.120	16276 (OVH OVH SAS) (OVH OVH SAS)
1	162.19.223.45 162.19.223.45	16276 (OVH OVH SAS) (OVH OVH SAS)
1	141.95.98.64 141.95.98.64	16276 (OVH OVH SAS) (OVH OVH SAS)
2	185.7.176.203 185.7.176.203	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi)
10	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 2	77.243.51.121 77.243.51.121	42697 (NETIC-AS ...) (NETIC-AS Netic A/S)
2	18.173.162.223 18.173.162.223	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.12 178.250.1.12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	34.8.2.179 34.8.2.179	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	176.235.30.103 176.235.30.103	34984 (TELLCOM-A...) (TELLCOM-AS Superonline Iletisim Hizmetleri A.S.)
1	72.246.28.143 72.246.28.143	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.248.38.159 34.248.38.159	16509 (AMAZON-02) (AMAZON-02)
5	142.251.141.97 142.251.141.97	15169 (GOOGLE) (GOOGLE)
4	142.251.12.120 142.251.12.120	15169 (GOOGLE) (GOOGLE)
8	23.88.31.198 23.88.31.198	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	51.89.9.254 51.89.9.254	16276 (OVH OVH SAS) (OVH OVH SAS)
2	5.255.255.77 5.255.255.77	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
3	69.173.156.138 69.173.156.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd)
1	37.157.2.235 37.157.2.235	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	18.203.177.31 18.203.177.31	16509 (AMAZON-02) (AMAZON-02)
1	35.214.234.219 35.214.234.219	15169 (GOOGLE) (GOOGLE)
1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
1	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3	52.85.65.95 52.85.65.95	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.14 37.157.2.14	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
9	98.87.100.164 98.87.100.164	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
2	88.221.169.246 88.221.169.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.9.252 51.89.9.252	16276 (OVH OVH SAS) (OVH OVH SAS)
1	88.221.168.201 88.221.168.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
1 3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.64.189.116 185.64.189.116	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
206	59

13 89.252.139.221 (Turkey)

ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR)

89.252.139.221	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

36 185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
logger.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

11 87.250.251.119 (Russian Federation) 6 redirects

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

8 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

17 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 52.85.67.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-67-113.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.251.141.106 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-ai-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 34.102.243.38 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 108.138.36.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-117.muc50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 23.215.23.105 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-23-105.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 108.138.36.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-46.muc50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.20.23.13 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533568.ip-162-19-138.eu

api.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 52.49.255.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-255-252.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 142.251.208.6 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-bp-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 162.19.138.120 (Frankfurt am Main, Germany) 2 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 162.19.223.45 (France)

ASN16276 (OVH OVH SAS, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 185.7.176.203 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR)

istr-n3.nktcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

10 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 77.243.51.121 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS Netic A/S, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 18.173.162.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-162-223.muc50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 178.250.1.12 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.8.2.179 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 179.2.8.34.bc.googleusercontent.com

spadsync.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 176.235.30.103 (Turkey)

ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR)

id.ad-plus.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 72.246.28.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-28-143.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 34.248.38.159 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-38-159.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 142.251.141.97 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-ai-in-f1.1e100.net

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 142.251.12.120 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f120.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

8 23.88.31.198 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.198.31.88.23.clients.your-server.de

ittr.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 5.255.255.77 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: yandex.ru

yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 69.173.144.137 (Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 69.173.156.138 (Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 37.157.2.235 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.203.177.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-177-31.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.214.234.219 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 219.234.214.35.bc.googleusercontent.com

api.w.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 52.85.65.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-95.muc50.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 37.157.2.14 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

9 98.87.100.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-87-100-164.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

30ac63e888b6cdb7f869f53a02f05e95.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 88.221.169.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 185.64.189.116 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

ut.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 69.173.144.138 (Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
39	virgul.com static.virgul.com — Cisco Umbrella Rank: 113448 ng.virgul.com — Cisco Umbrella Rank: 94181 logger.virgul.com — Cisco Umbrella Rank: 150869	321 KB
19	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 273 googleads.g.doubleclick.net — Cisco Umbrella Rank: 63 pubads.g.doubleclick.net — Cisco Umbrella Rank: 504 ad.doubleclick.net — Cisco Umbrella Rank: 186 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 1478 cm.g.doubleclick.net Failed	313 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 208 30ac63e888b6cdb7f869f53a02f05e95.safeframe.googlesyndication.com	381 KB
14	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 947 static.adsafeprotected.com — Cisco Umbrella Rank: 914 dt.adsafeprotected.com — Cisco Umbrella Rank: 902	122 KB
9	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 350 ep2.adtrafficquality.google — Cisco Umbrella Rank: 359	73 KB
9	yandex.com 4 redirects mc.yandex.com — Cisco Umbrella Rank: 9185 yandex.com — Cisco Umbrella Rank: 4130	6 KB
8	eskimi.com ittr.eskimi.com — Cisco Umbrella Rank: 54522 ittpx.eskimi.com Failed	417 B
7	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1003 fastlane.rubiconproject.com — Cisco Umbrella Rank: 624 eus.rubiconproject.com — Cisco Umbrella Rank: 717 token.rubiconproject.com — Cisco Umbrella Rank: 576 pixel.rubiconproject.com Failed	16 KB
6	id5-sync.com 2 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 812 api.id5-sync.com — Cisco Umbrella Rank: 1609 id5-sync.com — Cisco Umbrella Rank: 522	39 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 423 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 825 aax.amazon-adsystem.com — Cisco Umbrella Rank: 606 aax-eu.amazon-adsystem.com Failed s.amazon-adsystem.com Failed	95 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 313 acdn.adnxs.com — Cisco Umbrella Rank: 787	21 KB
4	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 664 ads.pubmatic.com — Cisco Umbrella Rank: 634 ut.pubmatic.com — Cisco Umbrella Rank: 1087 image6.pubmatic.com Failed	8 KB
4	gstatic.com csi.gstatic.com	696 B
4	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3871	68 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 422	722 B
2	adform.net adx.adform.net — Cisco Umbrella Rank: 8607	1 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 760	3 KB
2	teads.tv at.teads.tv — Cisco Umbrella Rank: 5258 a.teads.tv — Cisco Umbrella Rank: 1867	940 B
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 501	907 B
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1529	1 KB
2	nktcdn.com istr-n3.nktcdn.com	61 KB
2	eu-1-id5-sync.com lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1231 lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 981	492 B
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 468	31 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1148 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1162	14 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 594	411 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 217740	131 KB
2	pghub.io 1 redirects pghub.io — Cisco Umbrella Rank: 2541 feed.pghub.io — Cisco Umbrella Rank: 2834	6 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	569 B
1	inmobi.com api.w.inmobi.com — Cisco Umbrella Rank: 7474 sync.inmobi.com — Cisco Umbrella Rank: 893 Failed	175 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 842	207 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 12180	177 B
1	ad-plus.com.tr id.ad-plus.com.tr — Cisco Umbrella Rank: 64868	1 KB
1	spadsync.com spadsync.com — Cisco Umbrella Rank: 54279	94 B
1	advertune.com 696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com	2 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1359	22 KB
1	tapad.com pandg.tapad.com — Cisco Umbrella Rank: 2917	1 KB
0	bidr.io Failed match.prod.bidr.io Failed
206	37

	Domain	Requested by
17	logger.virgul.com	c1.imgiz.com
15	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com imasdk.googleapis.com ad.doubleclick.net ep2.adtrafficquality.google tpc.googlesyndication.com
14	ng.virgul.com	static.virgul.com 89.252.139.221 696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com
9	dt.adsafeprotected.com
8	ittr.eskimi.com	static.virgul.com
8	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net 89.252.139.221
8	static.virgul.com	89.252.139.221 static.virgul.com 696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com
7	mc.yandex.com	4 redirects 89.252.139.221
6	pubads.g.doubleclick.net	imasdk.googleapis.com
5	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google ad.doubleclick.net
4	ib.adnxs.com	1 redirects static.virgul.com acdn.adnxs.com
4	csi.gstatic.com	imasdk.googleapis.com
4	ep1.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
4	id5-sync.com	2 redirects cdn.id5-sync.com
4	mc.yandex.ru	2 redirects 89.252.139.221
3	static.adsafeprotected.com	pixel.adsafeprotected.com 696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com
3	fastlane.rubiconproject.com	static.virgul.com
3	match.adsrvr.org	pandg.tapad.com static.virgul.com
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
2	ut.pubmatic.com	ads.pubmatic.com
2	eus.rubiconproject.com	static.virgul.com eus.rubiconproject.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	adx.adform.net	static.virgul.com imasdk.googleapis.com
2	yandex.com	static.virgul.com
2	onetag-sys.com	static.virgul.com
2	pixel.adsafeprotected.com	1 redirects 696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com
2	gum.criteo.com	static.virgul.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	uipglob.semasio.net	2 redirects
2	istr-n3.nktcdn.com	89.252.139.221
2	s0.2mdn.net	imasdk.googleapis.com ad.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	imasdk.googleapis.com	c1.imgiz.com imasdk.googleapis.com
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	acdn.adnxs.com	static.virgul.com
1	ads.pubmatic.com	static.virgul.com
1	30ac63e888b6cdb7f869f53a02f05e95.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	tpc.googlesyndication.com	pagead2.googlesyndication.com
1	hbopenbid.pubmatic.com	static.virgul.com
1	www.google.com	ep2.adtrafficquality.google
1	a.teads.tv	static.virgul.com
1	api.w.inmobi.com	static.virgul.com
1	ap.lijit.com	static.virgul.com
1	prebid-eu.creativecdn.com	static.virgul.com
1	prebid-server.rubiconproject.com	static.virgul.com
1	ad.doubleclick.net	696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com
1	at.teads.tv	static.virgul.com
1	id.ad-plus.com.tr	static.virgul.com
1	spadsync.com	static.virgul.com
1	696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com	static.virgul.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	api.id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	89.252.139.221
1	tags.crwdcntrl.net	89.252.139.221
1	secure.cdn.fastclick.net	89.252.139.221
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	pandg.tapad.com	pghub.io
1	feed.pghub.io	1 redirects
1	pghub.io	static.virgul.com
0	match.prod.bidr.io Failed
0	s.amazon-adsystem.com Failed
0	aax-eu.amazon-adsystem.com Failed
0	cm.g.doubleclick.net Failed
0	pixel.rubiconproject.com Failed
0	image6.pubmatic.com Failed	ads.pubmatic.com
0	sync.inmobi.com Failed	static.virgul.com
0	ittpx.eskimi.com Failed	static.virgul.com
206	70

This site contains links to these domains. Also see Links.

Domain
anlikaltinfiyatlari.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
89-252-139-219.cprapid.com R12	`2025-11-29` - `2026-02-27`	3 months	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2025-11-10` - `2026-09-27`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2025-08-16` - `2026-01-26`	5 months	crt.sh
*.g.doubleclick.net WE2	`2025-12-03` - `2026-02-25`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M04	`2025-10-20` - `2026-11-18`	a year	crt.sh
pghub.io WR3	`2025-12-04` - `2026-03-04`	3 months	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2025-10-01` - `2026-09-08`	a year	crt.sh
upload.video.google.com WE2	`2025-12-03` - `2026-02-25`	3 months	crt.sh
pandg.tapad.com WR3	`2025-12-06` - `2026-03-06`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M04	`2025-11-23` - `2026-12-22`	a year	crt.sh
secure.cdn.fastclick.net DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-06-08` - `2026-06-09`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M04	`2025-08-09` - `2026-09-07`	a year	crt.sh
id5-sync.com WE1	`2025-11-18` - `2026-02-16`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	a year	crt.sh
*.doubleclick.net WE2	`2025-12-03` - `2026-02-25`	3 months	crt.sh
eu-1-id5-sync.com R12	`2026-01-01` - `2026-04-01`	3 months	crt.sh
*.nktcdn.com Sectigo RSA Domain Validation Secure Server CA	`2025-12-16` - `2026-11-05`	a year	crt.sh
*.advertune.com Sectigo RSA Domain Validation Secure Server CA	`2025-10-30` - `2026-11-30`	a year	crt.sh
adtrafficquality.google WE2	`2025-12-03` - `2026-02-25`	3 months	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2025-03-31` - `2026-04-29`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-11-14` - `2026-02-11`	3 months	crt.sh
spadsync.com Go Daddy Secure Certificate Authority - G2	`2025-02-21` - `2026-03-25`	a year	crt.sh
*.ad-plus.com.tr GlobalSign RSA OV SSL CA 2018	`2025-08-14` - `2026-09-15`	a year	crt.sh
teads.tv R13	`2026-01-05` - `2026-04-05`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M03	`2025-01-29` - `2026-02-28`	a year	crt.sh
*.gstatic.com WR2	`2025-12-03` - `2026-02-25`	3 months	crt.sh
*.eskimi.com GeoTrust TLS RSA CA G1	`2025-02-18` - `2026-03-21`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-12-23` - `2027-01-22`	a year	crt.sh
*.yandex.tr GlobalSign ECC OV SSL CA 2018	`2025-08-26` - `2026-02-23`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-04` - `2026-04-03`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2025-04-17` - `2026-05-02`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-09-05` - `2026-10-06`	a year	crt.sh
*.lijit.com R13	`2026-01-06` - `2026-04-06`	3 months	crt.sh
*.w.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2025-02-26` - `2026-02-26`	a year	crt.sh
*.teads.tv Thawte TLS RSA CA G1	`2025-05-18` - `2026-05-17`	a year	crt.sh
*.adnxs.com GeoTrust TLS ECC CA G1	`2025-09-25` - `2026-10-26`	a year	crt.sh
*.google.com WE2	`2025-12-03` - `2026-02-25`	3 months	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-02-19` - `2026-03-22`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M04	`2025-03-26` - `2026-04-25`	a year	crt.sh
tpc.googlesyndication.com WE2	`2025-12-03` - `2026-02-25`	3 months	crt.sh
*.adsafeprotected.com Sectigo Public Server Authentication CA DV E36	`2025-06-12` - `2026-07-13`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2025-04-28` - `2026-05-29`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://89.252.139.221/
Frame ID: 14CEE1108741F10412AE616E712B8C83
Requests: 114 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=4
Frame ID: D2AAD1205D444CAB3F048638FB4E1B90
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2F89.252.139.221%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 023FEA67A0A590D08371C2AB8FB21714
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20260107/r20190131/zrt_lookup_fy2021.html
Frame ID: 1ECB50B81339792885AEC8ECBD48AF18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3025194257&lmt=1768242933&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32%2C43%3A32&format=0x0&url=https%3A%2F%2F89.252.139.221%2F&pra=5&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1768242933326&bpp=9&bdt=691&idt=418&shv=r20260107&mjsv=m202601060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1257841106316&frm=20&pv=2&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096043%2C42532523%2C95376583%2C95379897%2C95372614%2C95379058&oid=2&pvsid=5349629749062769&tmod=1142139689&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&plas=212x945_l%7C212x945_r&bz=1&ifi=1&uci=a!1&fsb=1&dtd=433
Frame ID: 1A03E38179D016F2F439F4D200561E9D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.736.0_tr.html
Frame ID: 42C705FD05344B27A9470B824EF5B149
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BCDC6C11DA5774DFA07311427B76B3BF
Requests: 1 HTTP requests in this frame

Frame: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/adview?a=696513282311130e0cd4a531&r=153941@site_geneli@anlikaltinfiyatlari:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv2512181%2Cux1768242932965_1666%2Ccn4gx0&info=&cs=1768242933037&mt=1768242932965&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&vmn=696513282311130e0cd4a531___153941-164983655
Frame ID: 07D463E810C9A23DA023E94AB0D6AA0C
Requests: 15 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N4786.1703598NOKTAMEDYA.COM0/B34868746.438238155;sz=160x600;ord=1768242935268;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;dc_tdv=1
Frame ID: 105FAB5A4F4483CE9611321A80996713
Requests: 15 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 2B308BDAC9169A0249720E6646E9B0E5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 510E1393555C8BD766EF710349399685
Requests: 2 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/Klz6NWr5.html
Frame ID: 4EB43BAC4C038200FB495AE20E88AA22
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: A67943750F9FBC8FE7D0D573208EB8CA
Requests: 1 HTTP requests in this frame

Frame: https://30ac63e888b6cdb7f869f53a02f05e95.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: F37B2C2CAB529EF0397A496E51DC3066
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RBNjL7KiWQQsQXMzytoCR4-ZJs2xvvVBJHxHpHXqGK8.js
Frame ID: 6AD7E533B064969AB8B76FBE3E4E5447
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0980CD1443C435BDDDF5F561BA836CCD
Requests: 19 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1768242936022
Frame ID: D4A571F218315B08C9EBD7FD8A1CF99C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Frame ID: 040F5112A3754F9F6333D6341BC58106
Requests: 4 HTTP requests in this frame

Frame: https://ittpx.eskimi.com/sync?sp_id=137
Frame ID: 9F24BC730F3AF8E9D5DFCA42D05FF3A3
Requests: 1 HTTP requests in this frame

Frame: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Frame ID: 4980755AE3C9C4138950CEC623B5684C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4432B8270FF2ECF5B95692394B564E66
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anlık Altın Fiyatları

Page URL History Show full URLs

http://89.252.139.221/ HTTP 307
https://89.252.139.221/ Page URL

Detected technologies

Socket.io (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

AppNexus (Advertising) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Prebid (Advertising) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

206
Requests

82 %
HTTPS

0 %
IPv6

37
Domains

70
Subdomains

59
IPs

10
Countries

2326 kB
Transfer

7556 kB
Size

64
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://anlikaltinfiyatlari.com/
Title: Anlık Altın Fiyatları

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/banka
Title: BANKA

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/altin/kapalicarsi
Title: KAPALIÇARŞI

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/altin/gram-altin
Title: GRAM ALTIN

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/altin/ceyrek-altin
Title: ÇEYREK ALTIN

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/altin/cumhuriyet-altini
Title: CUMHURİYET

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/altin/22-ayar-bilezik
Title: 22 AYAR

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/altin/merkez-bankasi
Title: MB

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/altin/harem-altin
Title: Harem

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/altin/altinkaynak-altin
Title: Altınkaynak

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz
Title: DÖVİZ

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/dolar
Title: Dolar

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/euro
Title: Euro

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/pound
Title: Sterlin

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/frank
Title: Frank

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/riyal
Title: Riyal

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/rus-rublesi
Title: Ruble

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/kapalicarsi-doviz-kurlari
Title: KÇ: Döviz

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/bulgar-levasi
Title: BGN Bulgar Levası

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/azerbaycan-manati
Title: AZN Manat

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/japon-yeni
Title: JPY Japon Yeni

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/avustralya-dolari
Title: AUD Avustralya Doları

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/kanada-dolari
Title: CAD Kanada Doları

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/hong-kong-dolari
Title: HKD Hong Kong Doları

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/norvec-kronu
Title: NOK Norveç Kronu

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/isvec-kronu
Title: SEK İsveç Kronu

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/danimarka-kronu
Title: DKK Danimarka Kronu

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/bae-dirhemi
Title: AED BAE Dirhemi

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/arjantin-pezosu
Title: ARS Arjantin Pezosu

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/banglades-takasi
Title: BDT Bangladeş Takası

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/brezilya-reali
Title: BRL Brezilya Reali

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/cin-yuani
Title: CNY Çin Yuanı

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/gurcu-lari
Title: GEL Gürcü Lari

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/macar-forinti
Title: HUF Macar Forinti

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/israil-sekeli
Title: ILS İsrail Şekeli

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/hindistan-rupisi
Title: INR Hindistan Rupisi

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/kuveyt-dinari
Title: KWD Kuveyt Dinarı

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/yeni-zelanda-dolari
Title: NZD Yeni Zelanda Doları

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/pakistan-rupisi
Title: PKR Pakistan Rupisi

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/polonya-zlotisi
Title: PLN Polonya Zlotisi

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/katar-riyali
Title: QAR Katar Riyali

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/singapur-dolari
Title: SGD Singapur Doları

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/suriye-lirasi
Title: SYP Suriye Lirası

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/ukrayna-grivnasi
Title: UAH Ukrayna Grivnası

Search URL Search Domain Scan URL

URL: https://anlikaltinfiyatlari.com/doviz/guney-afrika-randi
Title: ZAR Güney Afrika Randı

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvn-zTabGbuDTgohCyOUdnrpQG-b5SSLYgAy50Z72rKnhU0fy09L1sifdbFSbyRrVdl41CRzElf61vb1quR8GbuMM4pGuRfMl9d11rhcBQm4Ynz-NzSgSbAdJpggRfiEPcPN9Mq8wGEeVzlSBmOuBMvfIDXq8tMrDF28GvE-A1C8wF6XdIAcMrdDczinQdZK8CCtaZjDqibu1Hzap3082lz-VMKfyLql6UaQJ9J801ilMs7v679dLT6YNfnY00rbNwLd1cxMgnCGgmRfY0WU7Lm8PPqn3OqGL9bzBOG-iz4bpj9G0yFnK6OQdr8TcWca8FhnT8nKvQAPg0eVivCfNz1Iob0OFkaVx210iYS_7Qlsg6EwSAlOiKC-WInJqcVWsFUF12OKkZOX6NT1UA2qwpdb7pIBMIVMwsknUfv94O3shrXiEJciVBxch1Qe87elKueB41OZWS5bb6qFxKSSL01kemwT43K1pByViyDic2t5qiOP4oowCT-&sai=AMfl-YTBN_MAJKQ5pkw_l2g9LgEWr7MxSOi-OWKYVr1y70LaigdfDX3gZNc50EarcPMv_ardyHuyp7RK6kHsYxQGFzixwtSLX78GTPRRt_-35Yo02PXe246phwrjKLb3FWl4kAX2uaWkI_AeBEU7bXzJOJWOp5ON9BiW5sZwZ_Mp9WIBxmq5KqEXNkaHpGbkkuriT_GpHMaYZQhBTQ6vJHwBxAeq3pFdN8__186mFAOW4NqJRg&sig=Cg0ArKJSzCtNCiKLEE3B&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://www.nutella.com/tr/tr/urunler/nutella-and-go%3Futm_source%3DGoogle%26utm_medium%3Dcpm%26utm_content%3Dvideo%26utm_campaign%3DTR_W3_W6_FY26_SNK_NutellaGo-Jan26_AWE%26dclid%3D%25edclid!%26gad_source%3D7

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://89.252.139.221/ HTTP 307
https://89.252.139.221/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://mc.yandex.com/sync_cookie_image_check?scid=5bdb60b2-f8e7-1d80-daad-90268aab60ec&cid=28577486 HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?cid=28577486&redirect_domain=mc.yandex.com&scid=5bdb60b2-f8e7-1d80-daad-90268aab60ec&token=10909.oneQPQWJn2qDTZ_lhXHJ-PykVjMG0JelNj982OqIPfnczaaxMPl4NlNE284AX8si.UGab82ETdD_B2yAWkH8J0McOdEY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?cid=28577486&scid=5bdb60b2-f8e7-1d80-daad-90268aab60ec&token=10909.2HuJQGqxF1-LT0xEkobLRrSNDJYC7mYn5V9aTmnVoKHQPue98IUJO4uS6dtKdrVYA8m0sPH3c-Tj8kFFCaeL4ZhVRx24dtbmUBcTK6e8Oqg%2C.Hi-W9ZSjvjeWCif9hUzLq7h90GY%2C

Request Chain 34

https://feed.pghub.io/tag?referrer_url=&page_url=https%3A%2F%2F89.252.139.221%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D HTTP 302
https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2F89.252.139.221%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Request Chain 39

https://mc.yandex.com/watch/28577486?wmode=7&page-url=https%3A%2F%2F89.252.139.221%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nmhispdoy84n8bnkmm71qe03kyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Atr-TR%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A538785987946%3Ahid%3A911656456%3Az%3A180%3Ai%3A20260112213533%3Aet%3A1768242933%3Ac%3A1%3Arn%3A1056423734%3Arqn%3A1%3Au%3A1768242933868512520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A712%3Awv%3A2%3Ads%3A0%2C157%2C261%2C4%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1768242932196%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1768242934%3At%3AAnl%C4%B1k%20Alt%C4%B1n%20Fiyatlar%C4%B1&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(33619972)ti(1) HTTP 302
https://mc.yandex.com/watch/28577486/1?wmode=7&page-url=https%3A%2F%2F89.252.139.221%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nmhispdoy84n8bnkmm71qe03kyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Atr-TR%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A538785987946%3Ahid%3A911656456%3Az%3A180%3Ai%3A20260112213533%3Aet%3A1768242933%3Ac%3A1%3Arn%3A1056423734%3Arqn%3A1%3Au%3A1768242933868512520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A712%3Awv%3A2%3Ads%3A0%2C157%2C261%2C4%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1768242932196%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1768242934%3At%3AAnl%C4%B1k%20Alt%C4%B1n%20Fiyatlar%C4%B1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2833619972%29ti%281%29&redirnss=1

Request Chain 47

https://mc.yandex.com/sync_cookie_image_check_secondary?scid=cde41652-b84c-b392-74b0-fe00ae4c4e49&cid=28577486 HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?cid=28577486&redirect_domain=mc.yandex.com&scid=cde41652-b84c-b392-74b0-fe00ae4c4e49&token=10909.qk_22kHaTTXIlL7C3i48wEul8eMhTVoymiUDoj5U151DvRnP8juN7xTzpsBM92EH.oeFjMAPOcHg12vjLrusyzo89h9o%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?cid=28577486&scid=cde41652-b84c-b392-74b0-fe00ae4c4e49&token=10909.hTG_ln1_dsxlAhZ7sXCJmC_iZ117qUEK7w-dlLZOAJctIvmlf8ss790RJQA_lOgITSG5HklwHBVffBhOMDxdSeKbAv1ydD9yhKH5geA-Ek8%2C.sdvFZ6AQ5JKk8C8FNIf4OQc3CB4%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=28577486&redirect_domain=mc.yandex.com&scid=cde41652-b84c-b392-74b0-fe00ae4c4e49&token=10909.tve9oFOEv1yiv6ownerxLSSyAM6IbQyqH69a65o1xMvpbk0fVSqgnxcWZix6x2x4NqIteLz5io0UAVv6ljgBXrYUwAyUXq6W-CU0hrWL7izrEWs4lazycz_muHeOAKbcaMX8gd-m4KfhvrrK3WhhpYpS2jjSqhuesmzLDJYqMHpU2QAfpLijOobnl0GxBQY79XWF8Mopn70lILGJ4C0s9w%2C%2C.h7RMec3PXsBfHqD88MpJ8GoJxqc%2C

Request Chain 75

https://id5-sync.com/i/1476/8.gif?o=api&id5id=ID5*cgj1wrDMFG_tPnjIJ5-y8ML4hpmajsm7_LmQCCL0zBz__2llPvdaAAEBCmllPvYAekOqFQxXj8JxlWxT9W8Fug&gdpr_consent=undefined&gdpr=false HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1476%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1476%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/1476/112/7/2.gif?puid=EAAEFB9B6AA6FBA6&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 147

https://pixel.adsafeprotected.com/rfw/st/2765965/91978760/skeleton.js?adsafe_url=https%3A%2F%2F89.252.139.221&adsafe_type=y&adsafe_url=https%3A%2F%2F89.252.139.221%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com%2Fadview%3Fa%3D696513282311130e0cd4a531%26r%3D153941%40site_geneli%40anlikaltinfiyatlari%3Asite_geneli%26l%3D%26ext%3D%252Cas%252Crc0%252Chf1%252Cvv2512181%252Cux1768242932965_1666%252Ccn4gx0%26info%3D%26cs%3D1768242933037%26mt%3D1768242932965%26userId%3Dvnet1e2013a5-9fbb-402f-b558-28ce4ae18d15%26vmn%3D696513282311130e0cd4a531___153941-164983655&adsafe_type=d&adsafe_jsinfo=,id:b4f29ebe-4d93-8480-3611-86d55bb79968,c:17zXdG,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-c5c998f56-rlhwb,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:482,mot:0,app:0,maw:0,tdt:s,fm:v87d9JP+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18*.2765965-91978760%7C1811%7C19%7C1a,idMap:18*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:495,oid:7c138a65-efe5-11f0-b4c6-8ea44dfe4c94,v:19.8.640,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 179

https://sync.inmobi.com/prebidjs HTTP 302
https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry= HTTP 302
https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true

Request Chain 181

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

206 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
89.252.139.221/
Redirect Chain

http://89.252.139.221/
https://89.252.139.221/

47 KB
10 KB

420ms
262ms

Document
text/html

89.252.139.221
NETINTERNET Netin...

General

Check archive.org

Download Go to

Full URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.252.139.221 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
Software: nginx /
Resource Hash: 3b8a96527fbf076549d7464bf0c00aafc7053ab01645401f9b615345fe88410e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

cache-control: max-age=600
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 12 Jan 2026 18:35:32 GMT
permissions-policy: local-network-access=(), local-network=(), bluetooth=(), usb=(), serial=(), hid=(), midi=()
server: nginx
vary: Accept-Encoding Accept-Encoding,User-Agent
x-cache-status: MISS

Redirect headers

Location: https://89.252.139.221/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 style.css
89.252.139.221/theme/ 21 KB
5 KB 220ms
220ms Stylesheet
text/css 89.252.139.221
NETINTERNET Netin...

General

Check archive.org

Download Go to

Full URL: https://89.252.139.221/theme/style.css?v=7.41.141
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.252.139.221 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
Software: nginx /
Resource Hash: 441961b14ff5aca804cc1854bad339760b249e06178575d46379628cbf249403

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

x-cache-status: MISS
cache-control: max-age=286400000, public
content-encoding: gzip
permissions-policy: local-network-access=(), local-network=(), bluetooth=(), usb=(), serial=(), hid=(), midi=()
date: Mon, 12 Jan 2026 18:35:32 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding,User-Agent
server: nginx
last-modified: Fri, 21 Mar 2025 13:27:51 GMT

GET
H2 200 anlik_altin.gif
89.252.139.221/theme/img/ 11 KB
12 KB 263ms
263ms Image
image/gif 89.252.139.221
NETINTERNET Netin...

General

Check archive.org

Download Go to Show image

Full URL: https://89.252.139.221/theme/img/anlik_altin.gif
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.252.139.221 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
Software: nginx /
Resource Hash: f63d1e66452399032fe869bce67102428e4da6ceff351b012eaedbdfb4b8087f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

x-cache-status: MISS
cache-control: max-age=286400000, public
permissions-policy: local-network-access=(), local-network=(), bluetooth=(), usb=(), serial=(), hid=(), midi=()
accept-ranges: bytes
content-length: 11522
date: Mon, 12 Jan 2026 18:35:32 GMT
content-type: image/gif
last-modified: Thu, 19 Feb 2015 13:12:34 GMT
server: nginx

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ 112 KB
40 KB 210ms
67ms Script
application/javascript 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL

https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=anlikaltinfiyatlari

Requested by

Host: 89.252.139.221
URL: https://89.252.139.221/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

b26817f8df59a2da8ce824ecf75e13758c514606a23ae810c6ebce94c9fe2d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=63072000
cache-control: max-age=43200
content-encoding: gzip
access-control-allow-origin: *
date: Mon, 12 Jan 2026 18:35:32 GMT
content-type: application/javascript
vary: Accept-Encoding
server: openresty/1.15.8.3
last-modified: Wed, 07 Jan 2026 09:11:31 GMT

GET
H2 200 all.js Show response
89.252.139.221/js/ 361 KB
123 KB 124ms
124ms Script
text/javascript 89.252.139.221
NETINTERNET Netin...

General

Check archive.org

Download Go to

Full URL: https://89.252.139.221/js/all.js?v=7.3363
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.252.139.221 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
Software: nginx /
Resource Hash: cf00fbfd9455a27303770e15eef8e0a6c37f12f3d88644eed489dd95c37781c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

x-cache-status: MISS
cache-control: max-age=286400000, public
content-encoding: gzip
permissions-policy: local-network-access=(), local-network=(), bluetooth=(), usb=(), serial=(), hid=(), midi=()
date: Mon, 12 Jan 2026 18:35:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Accept-Encoding,User-Agent
server: nginx
last-modified: Mon, 19 Feb 2024 19:17:02 GMT

GET
H2 200 socket.io.min.js Show response
89.252.139.221/js/ 43 KB
13 KB 262ms
261ms Script
text/javascript 89.252.139.221
NETINTERNET Netin...

General

Check archive.org

Download Go to

Full URL: https://89.252.139.221/js/socket.io.min.js
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.252.139.221 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
Software: nginx /
Resource Hash: a4dc8b07ba5692a4947b832761ab9574b05786e879e26e09007c8214ebadfec3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

x-cache-status: MISS
cache-control: max-age=286400000, public
content-encoding: gzip
permissions-policy: local-network-access=(), local-network=(), bluetooth=(), usb=(), serial=(), hid=(), midi=()
date: Mon, 12 Jan 2026 18:35:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Accept-Encoding,User-Agent
server: nginx
last-modified: Tue, 03 Jan 2023 17:14:34 GMT

GET
H2 200 anlik4.js Show response
89.252.139.221/js/ 15 KB
4 KB 263ms
262ms Script
text/javascript 89.252.139.221
NETINTERNET Netin...

General

Check archive.org

Download Go to

Full URL: https://89.252.139.221/js/anlik4.js?v=3.008
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.252.139.221 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
Software: nginx /
Resource Hash: 6c24c68feff2fb7abad9f942d4a0c54e41814eac4e9545920959b937665c48ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

x-cache-status: MISS
cache-control: max-age=286400000, public
content-encoding: gzip
permissions-policy: local-network-access=(), local-network=(), bluetooth=(), usb=(), serial=(), hid=(), midi=()
date: Mon, 12 Jan 2026 18:35:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Accept-Encoding,User-Agent
server: nginx
last-modified: Tue, 16 Dec 2025 14:39:21 GMT

GET
H2 200 gram-index.js Show response
89.252.139.221/js/ 1 KB
739 B 265ms
264ms Script
text/javascript 89.252.139.221
NETINTERNET Netin...

General

Check archive.org

Download Go to

Full URL: https://89.252.139.221/js/gram-index.js?v=2
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.252.139.221 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
Software: nginx /
Resource Hash: bc7e0937c0b647ec1a34662ac88beebc6993c7dd25249f48f8fb1f906fc60430

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

x-cache-status: MISS
cache-control: max-age=286400000, public
content-encoding: gzip
permissions-policy: local-network-access=(), local-network=(), bluetooth=(), usb=(), serial=(), hid=(), midi=()
date: Mon, 12 Jan 2026 18:35:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Accept-Encoding,User-Agent
server: nginx
last-modified: Mon, 26 Feb 2024 14:51:12 GMT

GET
H2 200 kolon.js Show response
89.252.139.221/js/ 4 KB
1 KB 265ms
265ms Script
text/javascript 89.252.139.221
NETINTERNET Netin...

General

Check archive.org

Download Go to

Full URL: https://89.252.139.221/js/kolon.js?v=23
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.252.139.221 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
Software: nginx /
Resource Hash: d2606f1adbb264b519f75677cc657769aec5ade90d45481f2dc0c611b064506f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

x-cache-status: MISS
cache-control: max-age=286400000, public
content-encoding: gzip
permissions-policy: local-network-access=(), local-network=(), bluetooth=(), usb=(), serial=(), hid=(), midi=()
date: Mon, 12 Jan 2026 18:35:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Accept-Encoding,User-Agent
server: nginx
last-modified: Mon, 26 Feb 2024 14:46:17 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 195 KB
67 KB 480ms
206ms Script
application/javascript 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: 89.252.139.221
URL: https://89.252.139.221/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

b75f391c664dda6e6ad400bc96fc23fcacbd9384a95f04c40fb972bbfc58c67a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
etag: "694bdeaf-109b7"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Mon, 12 Jan 2026 19:35:32 GMT
access-control-allow-origin: *
content-length: 68023
date: Mon, 12 Jan 2026 18:35:32 GMT
content-type: application/javascript
last-modified: Wed, 24 Dec 2025 12:38:07 GMT

GET
H2 200 li_bg.png
89.252.139.221/theme/img/ 302 B
562 B 87ms
87ms Image
image/png 89.252.139.221
NETINTERNET Netin...

General

Check archive.org

Download Go to Show image

Full URL: https://89.252.139.221/theme/img/li_bg.png
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/theme/style.css?v=7.41.141
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.252.139.221 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
Software: nginx /
Resource Hash: d8ac53c01f3b719cf4a15652012d0d8b27e52c8593f1f1b15c44e5852ac1a060

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/theme/style.css?v=7.41.141

Response headers

x-cache-status: MISS
cache-control: max-age=286400000, public
permissions-policy: local-network-access=(), local-network=(), bluetooth=(), usb=(), serial=(), hid=(), midi=()
accept-ranges: bytes
content-length: 302
date: Mon, 12 Jan 2026 18:35:32 GMT
content-type: image/png
last-modified: Thu, 14 May 2015 09:58:55 GMT
server: nginx

GET
H2 200 sprite.png
89.252.139.221/theme/ 1 KB
1 KB 88ms
88ms Image
image/png 89.252.139.221
NETINTERNET Netin...

General

Check archive.org

Download Go to Show image

Full URL: https://89.252.139.221/theme/sprite.png
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/theme/style.css?v=7.41.141
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.252.139.221 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
Software: nginx /
Resource Hash: f96cd163f5cee87cd8c1c248d408e26113afc87f21a2906fd77eba4e5e6e5712

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/theme/style.css?v=7.41.141

Response headers

x-cache-status: MISS
cache-control: max-age=286400000, public
permissions-policy: local-network-access=(), local-network=(), bluetooth=(), usb=(), serial=(), hid=(), midi=()
accept-ranges: bytes
content-length: 1257
date: Mon, 12 Jan 2026 18:35:32 GMT
content-type: image/png
last-modified: Mon, 09 Feb 2015 22:18:55 GMT
server: nginx

GET
H2 200 kapalicarsi.php Show response
89.252.139.221/js/fetch/ 3 KB
999 B 232ms
231ms XHR
application/json 89.252.139.221
NETINTERNET Netin...

General

Check archive.org

Download Go to

Full URL: https://89.252.139.221/js/fetch/kapalicarsi.php
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/js/all.js?v=7.3363
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.252.139.221 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
Software: nginx /
Resource Hash: 987d6c743ae4bcaada24b219379f0640034adafc24d9b48c86b96cc91286c248

Request headers

Referer: https://89.252.139.221/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Accept: */*

Response headers

x-cache-status: MISS
cache-control: max-age=1
content-encoding: gzip
permissions-policy: local-network-access=(), local-network=(), bluetooth=(), usb=(), serial=(), hid=(), midi=()
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: application/json
vary: Accept-Encoding, Accept-Encoding,User-Agent
server: nginx

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 220ms
111ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=anlikaltinfiyatlari

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

544a1746bd7a82b787764f77a0654557de7635aa4b89c320cc1527f2e7a122fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

content-encoding: br
etag: 756 / 20465 / 31096188 / config-hash: 5895186454135031604
x-content-type-options: nosniff
expires: Mon, 12 Jan 2026 18:35:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33851
x-xss-protection: 0
server: cafe

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ 81 B
298 B 63ms
63ms Script
application/javascript 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL

https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=anlikaltinfiyatlari

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

d913c3fdba2c69b445128ecd059a16ac74ad21407da744278ef8cccda5fe7cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=63072000
cache-control: max-age=5184000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 81
date: Mon, 12 Jan 2026 18:35:32 GMT
content-type: application/javascript
last-modified: Wed, 12 Mar 2025 10:16:39 GMT
server: openresty/1.15.8.3

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame D2AA 2 KB
2 KB 189ms
63ms Document
text/html 185.7.176.221
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL

https://static.virgul.com/theme/mockups/outside/str.html?v=4

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=anlikaltinfiyatlari

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

de8705871a043bae87f2a8f1cc7fccac21ae5ac6eb9dab0f92691cd38906bf6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://89.252.139.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 1689
content-type: text/html
date: Mon, 12 Jan 2026 18:35:33 GMT
last-modified: Tue, 10 Sep 2024 10:02:00 GMT
server: openresty/1.15.8.3
strict-transport-security: max-age=63072000

GET
H2 200 hb Show response
ng.virgul.com/ 12 KB
3 KB 89ms
71ms Script
application/javascript 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=anlikaltinfiyatlari&mobile=false
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=anlikaltinfiyatlari
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cbe61bf5fba0ef58465f10d0f5a9c57877e0bffd14608313302d2d4c1b7ddc43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

cache-control: max-age=3600
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://89.252.139.221
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: application/javascript
vary: Accept-Encoding
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
54 KB 228ms
124ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=anlikaltinfiyatlari

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

918edcb8f0c66cfc2c1567361e28c35eb66b1117d2705d2544ff1eefcfc3b85f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin: https://89.252.139.221
Referer: https://89.252.139.221/

Response headers

content-encoding: br
etag: 811064857580772343
x-content-type-options: nosniff
expires: Mon, 12 Jan 2026 18:35:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 55534
x-xss-protection: 0
server: cafe

GET
H2 200 anlikaltinfiyatlari.js Show response
static.virgul.com/theme/mockups/fallback/ 5 KB
2 KB 66ms
65ms Script
application/javascript 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL

https://static.virgul.com/theme/mockups/fallback/anlikaltinfiyatlari.js?dts=20465

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=anlikaltinfiyatlari

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

b7f12cc9640294f6ad730130b6b4317aa9c962c5d29a3e441d21cd4e7859a099

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=63072000
cache-control: max-age=5184000
content-encoding: gzip
access-control-allow-origin: *
date: Mon, 12 Jan 2026 18:35:32 GMT
content-type: application/javascript
vary: Accept-Encoding
server: openresty/1.15.8.3
last-modified: Mon, 29 Dec 2025 11:49:39 GMT

GET
H2 200 pageview Show response
ng.virgul.com/ 28 KB
6 KB 114ms
98ms Script
application/javascript 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1768242932965&v=https%3A%2F%2F89.252.139.221%2F&r=anlikaltinfiyatlari:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv2512181,ux1768242932965_1666,cn4gx0&info=&ref=&rdmt=0.6527312763652471
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=anlikaltinfiyatlari
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 3613dc17ef6c6be3704a8cdf93f246dc9869fb27c0a63e97528da83aa9e74d3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
access-control-allow-origin: https://89.252.139.221
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: application/javascript
vary: Accept-Encoding
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 empowerwebplayer2.js Show response
static.virgul.com/theme/mockups/outside/ 8 KB
3 KB 68ms
68ms Script
application/javascript 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL

https://static.virgul.com/theme/mockups/outside/empowerwebplayer2.js?v=4

Requested by

Host: 89.252.139.221
URL: https://89.252.139.221/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

66f117b6520d3e0c61570ceba6d4738f95cc3b8f549abdbf15cd16249d00f3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=63072000
cache-control: max-age=5184000
content-encoding: gzip
access-control-allow-origin: *
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: application/javascript
vary: Accept-Encoding
server: openresty/1.15.8.3
last-modified: Thu, 18 Dec 2025 10:44:12 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 343 KB
88 KB 344ms
121ms Script
application/javascript 52.85.67.113
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=anlikaltinfiyatlari
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.67.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-67-113.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a59899a0924925667bceb057832c5a14a20b27c7461a44233d5dbfe9ad418eab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"2cee6b6ebb132bdf39d6ee56f5d44208"
age: 3087
via: 1.1 94bd75b95472ec61935815aa61472392.cloudfront.net (CloudFront), 1.1 1f6c8fca2731ca6abec1a6d565d2093e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: upwOo60BES6ErV47-417f4OvapMZH_CWkm9r0KaVDgmurpjdYNY5sA==
date: Mon, 12 Jan 2026 17:44:07 GMT
content-type: application/javascript
x-amz-cf-pop: FRA56-P14, MUC50-P6
server: AmazonS3
last-modified: Fri, 09 Jan 2026 21:26:40 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 anlikaltinfiyatlari.js Show response
static.virgul.com/theme/mockups/sites/ 2 KB
2 KB 63ms
63ms Script
application/javascript 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL

https://static.virgul.com/theme/mockups/sites/anlikaltinfiyatlari.js?dts=491178

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=anlikaltinfiyatlari

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

9c1ccfdc0f241348b7629cc5adb1e064f68d570e44518b9e446e20a0817f1429

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=63072000
cache-control: max-age=5184000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1865
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 11:11:45 GMT
server: openresty/1.15.8.3

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 17 KB
5 KB 246ms
78ms Script
application/javascript 35.241.45.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=anlikaltinfiyatlari
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Access-Control-Allow-Origin
content-encoding: gzip
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
etag: "47a886353056caf33a998c6041e20896"
age: 1661
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5009
date: Mon, 12 Jan 2026 18:07:52 GMT
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AJRbA5Wx-v-Ey0CaiI2zVtuybySET6ZJpjfumYuwN3kVLDArCEsPN_CXx58kP2XNW1HoqAng
cache-control: public,max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1685983010517890
content-length: 5009
server: UploadServer

GET
H2 200 zoneview
ng.virgul.com/ 0
286 B 64ms
64ms Image
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1768242933091&v=https%3A%2F%2F89.252.139.221%2F&r=153937@153938@153969:anlikaltinfiyatlari&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv2512181,ux1768242932965_1666,ba1x100,cn4gx0&info=&ref=&rdmt=0.9681200959870007
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:33 GMT
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 prebid10.19.0.js Show response
static.virgul.com/theme/mockups/outside/ 586 KB
221 KB 79ms
79ms Script
application/javascript 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL

https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=anlikaltinfiyatlari

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

9527665876ee6fafaacaef065772254afd2bd1343efb0a92e4841637f3d45f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=63072000
cache-control: max-age=5184000
content-encoding: gzip
access-control-allow-origin: *
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: application/javascript
vary: Accept-Encoding
server: openresty/1.15.8.3
last-modified: Tue, 09 Dec 2025 08:54:54 GMT

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ 7 KB
3 KB 207ms
63ms Script
application/javascript 185.7.176.223
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=20465
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer2.js?v=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

cache-control: max-age=604800
content-encoding: gzip
expires: Mon, 19 Jan 2026 18:35:33 GMT
access-control-allow-origin: *
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: application/javascript
vary: Accept-Encoding
server: openresty/1.15.8.3
last-modified: Wed, 13 Oct 2021 11:58:21 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?scid=5bdb60b2-f8e7-1d80-daad-90268aab60ec&cid=28577486
https://mc.yandex.ru/sync_cookie_image_start?cid=28577486&redirect_domain=mc.yandex.com&scid=5bdb60b2-f8e7-1d80-daad-90268aab60ec&token=10909.oneQPQWJn2qDTZ_lhXHJ-PykVjMG0JelNj982OqIPfnczaaxMPl4NlN...
https://mc.yandex.com/sync_cookie_image_decide?cid=28577486&scid=5bdb60b2-f8e7-1d80-daad-90268aab60ec&token=10909.2HuJQGqxF1-LT0xEkobLRrSNDJYC7mYn5V9aTmnVoKHQPue98IUJO4uS6dtKdrVYA8m0sPH3c-Tj8kFFCae...

43 B
66 B

141ms
140ms

Image
image/gif

87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?cid=28577486&scid=5bdb60b2-f8e7-1d80-daad-90268aab60ec&token=10909.2HuJQGqxF1-LT0xEkobLRrSNDJYC7mYn5V9aTmnVoKHQPue98IUJO4uS6dtKdrVYA8m0sPH3c-Tj8kFFCaeL4ZhVRx24dtbmUBcTK6e8Oqg%2C.Hi-W9ZSjvjeWCif9hUzLq7h90GY%2C

Requested by

Host: 89.252.139.221
URL: https://89.252.139.221/

Protocol

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
location: https://mc.yandex.com/sync_cookie_image_decide?cid=28577486&scid=5bdb60b2-f8e7-1d80-daad-90268aab60ec&token=10909.2HuJQGqxF1-LT0xEkobLRrSNDJYC7mYn5V9aTmnVoKHQPue98IUJO4uS6dtKdrVYA8m0sPH3c-Tj8kFFCaeL4ZhVRx24dtbmUBcTK6e8Oqg%2C.Hi-W9ZSjvjeWCif9hUzLq7h90GY%2C

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
187 B 158ms
147ms Image
image/gif 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: 89.252.139.221
URL: https://89.252.139.221/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6932e5aa-2b"
expires: Mon, 12 Jan 2026 19:35:33 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: image/gif
last-modified: Fri, 05 Dec 2025 14:01:14 GMT

GET
H2 200 total.php Show response
89.252.139.221/socket/ 255 B
432 B 221ms
220ms XHR
text/html 89.252.139.221
NETINTERNET Netin...

General

Check archive.org

Download Go to

Full URL: https://89.252.139.221/socket/total.php
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/js/all.js?v=7.3363
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.252.139.221 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
Software: nginx /
Resource Hash: d815e34a807642504201337c01936d0c36142afd47c2f151fd623395629c0b80

Request headers

Referer: https://89.252.139.221/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Accept: */*

Response headers

x-cache-status: MISS
cache-control: max-age=1, public
content-encoding: gzip
permissions-policy: local-network-access=(), local-network=(), bluetooth=(), usb=(), serial=(), hid=(), midi=()
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding,User-Agent
server: nginx

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/ 616 KB
194 KB 96ms
95ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js?cb=31096188

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

aeb3b009a488bdb9577653f671a0914b094f63822ff9ab0eef9b8b37b4d44cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

content-encoding: br
etag: 12916109649809660227
age: 11629
x-content-type-options: nosniff
expires: Tue, 12 Jan 2027 15:21:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 12 Jan 2026 15:21:44 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 198768
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 76 B
72 B 119ms
119ms Fetch
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=89.252.139.221

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

bf1d1277e586d598b54b39a96a2f4af06eadf5231aa97c856a8d748553f215fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 12 Jan 2026 18:35:33 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 48
date: Mon, 12 Jan 2026 18:35:33 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601060101/ 534 KB
173 KB 108ms
108ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601060101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

bec69aac32b0610002fb7700beae6e48203bcaa48a4c919ec896ae86198f74bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

content-encoding: br
etag: 16619801752171585622
age: 19825
x-content-type-options: nosniff
expires: Mon, 26 Jan 2026 13:05:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 12 Jan 2026 13:05:08 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 177299
x-xss-protection: 0
server: cafe

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 452 KB
143 KB 346ms
138ms Script
text/javascript 142.251.141.106
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=20465

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

142.251.141.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-ai-in-f10.1e100.net

Software

cafe /

Resource Hash

87042dfa20f40c2f78e078d8edc8f05ac3302015c6667c20d513603a90851913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

content-encoding: br
etag: 13783863786256441694
x-content-type-options: nosniff
expires: Mon, 12 Jan 2026 18:35:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 145923
x-xss-protection: 0
server: cafe

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ 400 KB
129 KB 70ms
70ms Script
application/javascript 185.7.176.223
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=20465
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d2ce76fb0ee89f79b30956afec1845e799eeed3ea16661071019cbee54d3c630

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

cache-control: max-age=604800
content-encoding: gzip
expires: Mon, 19 Jan 2026 18:35:33 GMT
access-control-allow-origin: *
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: application/javascript
vary: Accept-Encoding
server: openresty/1.15.8.3
last-modified: Fri, 28 Nov 2025 10:08:20 GMT

GET
H2

200

tag Show response
pandg.tapad.com/ Frame 023F
Redirect Chain

https://feed.pghub.io/tag?referrer_url=&page_url=https%3A%2F%2F89.252.139.221%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2...
https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2F89.252.139.221%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D...

591 B
1 KB

274ms
111ms

Document
text/html

34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2F89.252.139.221%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

269def6f9e07977ebd2de7adfa53a48020934a627108efc2e0f7fbaad1f4ebec

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://89.252.139.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Mon, 12 Jan 2026 18:35:33 GMT
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security: max-age=31536000
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-length: 0
date: Mon, 12 Jan 2026 18:35:33 GMT
location: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2F89.252.139.221%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202601080101/ 63 KB
23 KB 97ms
97ms Other
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202601080101/gpt

Requested by

Host: 89.252.139.221
URL: https://89.252.139.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

cf60345b955ac106d87ed26a2f73cb9bd0281293dab0f9a1b5b06e27d5064374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 13241406385580415262
age: 16238
x-content-type-options: nosniff
expires: Mon, 19 Jan 2026 14:04:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 12 Jan 2026 14:04:55 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23231
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202601080101"

GET
H2 200 e0a76a78-9ad1-46f2-a337-886c2e24ac91 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
838 B 326ms
103ms Script
application/javascript 108.138.36.117
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-117.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 300f24c4f76ac3478518597353163986fabc045ce91fc030b6120ba0d66c2283

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

cache-control: max-age=3600
age: 1301
via: 1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: pfT7HAnAw5PBzw0uMMg61NssFHR4JquqOgo6m72ZwMY-UKA3TN-UmQ==
date: Mon, 12 Jan 2026 18:13:52 GMT
content-type: application/javascript
x-amz-cf-pop: MUC50-P2
server: CloudFront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 214ms
213ms XHR
application/json 52.85.67.113
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2F89.252.139.221&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.67.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-67-113.muc50.r.cloudfront.net
Software: Server /
Resource Hash: 1a176954c9a2b527fbcddbdae1c8919fc5cf438712f4c2f00af35c81ea35f27d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
via: 1.1 1f6c8fca2731ca6abec1a6d565d2093e.cloudfront.net (CloudFront)
access-control-allow-origin: https://89.252.139.221
x-cache: Miss from cloudfront
content-length: 2233
x-amz-cf-id: ff1CqnZkthDXnXqqJ9yY_OaZl5yK5tkZr9hU__O4voSI6XTShKh34w==
date: Mon, 12 Jan 2026 18:35:33 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: MUC50-P6
server: Server

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 636ms
424ms XHR
application/javascript 52.85.67.113
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.67.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-67-113.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-allow-methods: GET
x-cache: Miss from cloudfront
x-amz-cf-id: eJThqrpXtZ2MCbctG4DR5G8NF0Eimyr1UnGCGo77O-nT4ZlQiGBpCA==
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 34487f8527afa9dd69067b863d5246b8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: MUC50-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2

200

1 Show response
mc.yandex.com/watch/28577486/
Redirect Chain

https://mc.yandex.com/watch/28577486?wmode=7&page-url=https%3A%2F%2F89.252.139.221%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nmhispdoy84n8bnkmm71qe03kyvv%3Afu%3A0%3Aen%3Autf-8%3Al...
https://mc.yandex.com/watch/28577486/1?wmode=7&page-url=https%3A%2F%2F89.252.139.221%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nmhispdoy84n8bnkmm71qe03kyvv%3Afu%3A0%3Aen%3Autf-8%3...

667 B
993 B

142ms
141ms

Fetch
application/json

87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/watch/28577486/1?wmode=7&page-url=https%3A%2F%2F89.252.139.221%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nmhispdoy84n8bnkmm71qe03kyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Atr-TR%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A538785987946%3Ahid%3A911656456%3Az%3A180%3Ai%3A20260112213533%3Aet%3A1768242933%3Ac%3A1%3Arn%3A1056423734%3Arqn%3A1%3Au%3A1768242933868512520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A712%3Awv%3A2%3Ads%3A0%2C157%2C261%2C4%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1768242932196%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1768242934%3At%3AAnl%C4%B1k%20Alt%C4%B1n%20Fiyatlar%C4%B1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2833619972%29ti%281%29&redirnss=1

Requested by

Host: 89.252.139.221
URL: https://89.252.139.221/

Protocol

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

a03b00102a3bd4814d9955b444297fef764ad648c22dea2423f4e4e2cd73b60a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Mon, 12-Jan-2026 18:35:33 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 667
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
last-modified: Mon, 12-Jan-2026 18:35:33 GMT

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/28577486/1?wmode=7&page-url=https%3A%2F%2F89.252.139.221%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nmhispdoy84n8bnkmm71qe03kyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Atr-TR%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A538785987946%3Ahid%3A911656456%3Az%3A180%3Ai%3A20260112213533%3Aet%3A1768242933%3Ac%3A1%3Arn%3A1056423734%3Arqn%3A1%3Au%3A1768242933868512520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A712%3Awv%3A2%3Ads%3A0%2C157%2C261%2C4%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1768242932196%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1768242934%3At%3AAnl%C4%B1k%20Alt%C4%B1n%20Fiyatlar%C4%B1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2833619972%29ti%281%29&redirnss=1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Mon, 12-Jan-2026 18:35:33 GMT
access-control-allow-origin: https://89.252.139.221
x-xss-protection: 1; mode=block
last-modified: Mon, 12-Jan-2026 18:35:33 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20260107/r20190131/ Frame 1ECB 8 KB
4 KB 209ms
97ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20260107/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.252.139.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

age: 46536
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3878
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jan 2026 05:39:57 GMT
etag: 9949080804817620733
expires: Mon, 26 Jan 2026 05:39:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A03 603 B
67 B 363ms
259ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3025194257&lmt=1768242933&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32%2C43%3A32&format=0x0&url=https%3A%2F%2F89.252.139.221%2F&pra=5&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1768242933326&bpp=9&bdt=691&idt=418&shv=r20260107&mjsv=m202601060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1257841106316&frm=20&pv=2&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096043%2C42532523%2C95376583%2C95379897%2C95372614%2C95379058&oid=2&pvsid=5349629749062769&tmod=1142139689&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&plas=212x945_l%7C212x945_r&bz=1&ifi=1&uci=a!1&fsb=1&dtd=433

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.252.139.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jan 2026 18:35:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 67 KB
22 KB 325ms
99ms Script
application/javascript 23.215.23.105
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.23.105 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-23-105.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 45bc6978e281a938d9485dcbf0859159b24e2f7c9b8b0fafc120b9606e0ea8b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "10ab4-63a0ee37f7c40-gzip"
expires: Mon, 12 Jan 2026 18:50:34 GMT
accept-ranges: bytes
content-length: 21994
date: Mon, 12 Jan 2026 18:35:34 GMT
last-modified: Wed, 16 Jul 2025 17:04:41 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 43 KB
13 KB 327ms
107ms Script
text/javascript 108.138.36.46
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-46.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c266d60e86e7331175b8e240c819b3aac5619946898bd15a2aa0f41a3d649bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"fd70b17e043ac76a253c2ea96a42a12a"
age: 53491
via: 1.1 349eb6985da057f318665aa6bde74732.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 9nhFw0rsAGHfsc0OsR1XymRpEKYReR-eBm1CL87O5WJxUCfQmuDRBg==
date: Mon, 12 Jan 2026 03:55:37 GMT
content-type: text/javascript
last-modified: Thu, 16 Oct 2025 16:30:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 113 KB
33 KB 239ms
85ms Script
text/javascript 104.20.23.13
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: 89.252.139.221
URL: https://89.252.139.221/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.23.13 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c76a6e2db9915ca3d9556d4fd3571ad48ccf06faeb8c0390286e767e649a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

x-amz-id-2: 0PSdESUd1PfObUr3H9fUT4NepsGJsm9F5XTI/wnBGtuizmHS/82+7M0DvRCoMVwPB8nXwViYtDPdW1IBEHZrKGDNam9JZSLwULz62udNmJA=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"2f708aed65cbc0595e01d594283c0585"
age: 2559
x-amz-request-id: 252MCH3HWHTV186B
cf-ray: 9bcec1219f0bbc1a-SOF
date: Mon, 12 Jan 2026 18:35:34 GMT
content-type: text/javascript;charset=utf-8
last-modified: Fri, 09 Jan 2026 08:47:44 GMT
vary: accept-encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 023F 70 B
149 B 396ms
130ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=94aa40e6-08a6-4d1e-9ad5-4b018717bbaf%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness%252522%25253A%252522%252522%25252C%252522brands%252522%25253A%25255B%25255D%25252C%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D&gdpr=&gdpr_consent=
Requested by: Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2F89.252.139.221%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://pandg.tapad.com/

Response headers

content-length: 70
date: Mon, 12 Jan 2026 18:35:34 GMT
content-type: image/gif
server: Kestrel

GET
H2 200 61419336e4b0a8899c5f4673
ng.virgul.com/tck/imp/ 0
286 B 63ms
63ms Image
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to Show image

Full URL: https://ng.virgul.com/tck/imp/61419336e4b0a8899c5f4673?r=153937@site_geneli@anlikaltinfiyatlari:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv2512181%2Cux1768242932965_1666%2Ccn4gx0&info=&cs=1768242933036&mt=1768242932965&t=gb&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&g=1
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:34 GMT
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

GET
H2

200

sync_cookie_image_finish_secondary
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary?scid=cde41652-b84c-b392-74b0-fe00ae4c4e49&cid=28577486
https://mc.yandex.ru/sync_cookie_image_start_secondary?cid=28577486&redirect_domain=mc.yandex.com&scid=cde41652-b84c-b392-74b0-fe00ae4c4e49&token=10909.qk_22kHaTTXIlL7C3i48wEul8eMhTVoymiUDoj5U151Dv...
https://mc.yandex.com/sync_cookie_image_decide_secondary?cid=28577486&scid=cde41652-b84c-b392-74b0-fe00ae4c4e49&token=10909.hTG_ln1_dsxlAhZ7sXCJmC_iZ117qUEK7w-dlLZOAJctIvmlf8ss790RJQA_lOgITSG5HklwH...
https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=28577486&redirect_domain=mc.yandex.com&scid=cde41652-b84c-b392-74b0-fe00ae4c4e49&token=10909.tve9oFOEv1yiv6ownerxLSSyAM6IbQyqH69a65o1xMvp...

43 B
404 B

138ms
138ms

Image
image/gif

87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=28577486&redirect_domain=mc.yandex.com&scid=cde41652-b84c-b392-74b0-fe00ae4c4e49&token=10909.tve9oFOEv1yiv6ownerxLSSyAM6IbQyqH69a65o1xMvpbk0fVSqgnxcWZix6x2x4NqIteLz5io0UAVv6ljgBXrYUwAyUXq6W-CU0hrWL7izrEWs4lazycz_muHeOAKbcaMX8gd-m4KfhvrrK3WhhpYpS2jjSqhuesmzLDJYqMHpU2QAfpLijOobnl0GxBQY79XWF8Mopn70lILGJ4C0s9w%2C%2C.h7RMec3PXsBfHqD88MpJ8GoJxqc%2C

Requested by

Host: 89.252.139.221
URL: https://89.252.139.221/

Protocol

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
location: https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=28577486&redirect_domain=mc.yandex.com&scid=cde41652-b84c-b392-74b0-fe00ae4c4e49&token=10909.tve9oFOEv1yiv6ownerxLSSyAM6IbQyqH69a65o1xMvpbk0fVSqgnxcWZix6x2x4NqIteLz5io0UAVv6ljgBXrYUwAyUXq6W-CU0hrWL7izrEWs4lazycz_muHeOAKbcaMX8gd-m4KfhvrrK3WhhpYpS2jjSqhuesmzLDJYqMHpU2QAfpLijOobnl0GxBQY79XWF8Mopn70lILGJ4C0s9w%2C%2C.h7RMec3PXsBfHqD88MpJ8GoJxqc%2C

GET
H2 200 id5-api-js Show response
api.id5-sync.com/analytics/1476/ 1 KB
683 B 321ms
103ms Fetch
application/json 162.19.138.117
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://api.id5-sync.com/analytics/1476/id5-api-js

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

948854ed54787d4a81b80d53f9453a1a64bcb08cd384920c7f068e0c91759765

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=300
access-control-expose-headers: Access-Control-Allow-Origin
content-encoding: gzip
access-control-allow-origin: *
date: Mon, 12 Jan 2026 18:35:34 GMT
content-type: application/json
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
695 B 386ms
133ms XHR
application/json 52.49.255.252
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://bcp.crwdcntrl.net/6/map?xcid=16576

Requested by

Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.255.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-255-252.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f4f3947815b7b98f3247d5e1e9299de4242f0d145c9a467046ff961cb14fb438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://89.252.139.221
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 235
date: Mon, 12 Jan 2026 18:35:34 GMT
content-type: application/json;charset=utf-8

GET
H2 200 bridge3.736.0_tr.html Show response
imasdk.googleapis.com/js/core/ Frame 42C7 901 KB
268 KB 299ms
98ms Document
text/html 142.251.141.106
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.736.0_tr.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

142.251.141.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-ai-in-f10.1e100.net

Software

sffe /

Resource Hash

c686b95a4b71019932e1cbe9ba8892d3bf9363db2a89ce04d51b35b9c0068b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.252.139.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 328884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 274085
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jan 2026 23:14:10 GMT
expires: Fri, 08 Jan 2027 23:14:10 GMT
last-modified: Wed, 07 Jan 2026 22:05:45 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 317ms
106ms Script
text/javascript 142.251.208.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-bp-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Mon, 12 Jan 2026 18:35:34 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 16746
date: Mon, 12 Jan 2026 18:35:34 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

POST
H2 200 count
logger.virgul.com/ 0
227 B 80ms
63ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=infoLoad&g=m&r=npm_anlikaltinfiyatlari:::10622617&o=0-100&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:34 GMT
x-api-server: n-28
server: openresty/1.15.8.3

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BCDC 45 KB
15 KB 97ms
97ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 2079
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Mon, 12 Jan 2026 19:00:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 12 Jan 2026 18:00:55 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H2 200 bounce Show response
id5-sync.com/ 29 B
523 B 318ms
105ms Fetch
text/plain 162.19.138.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://89.252.139.221
p3p: CP="CAO PSA OUR"
date: Mon, 12 Jan 2026 18:35:34 GMT
content-type: text/plain;charset=utf-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
159 B 300ms
97ms Fetch
application/json 162.19.223.45
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.223.45 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: /
Resource Hash: 43be585ed1248bf9988802508984460caaaa6ebedcfd64431375aa6f4f412dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-origin: https://89.252.139.221
content-length: 54
date: Mon, 12 Jan 2026 18:35:34 GMT
content-type: application/json
vary: Origin

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
333 B 327ms
106ms Fetch
application/json 141.95.98.64
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

ccf1b65be81c6ecd6b68b6b1cb2ef930a828a8347ad8b82a75c0429d98f3055a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://89.252.139.221
content-encoding: gzip
date: Mon, 12 Jan 2026 18:35:34 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

POST
H2 200 count
logger.virgul.com/ 0
227 B 64ms
63ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=adDataLoad&g=m&r=npm_anlikaltinfiyatlari:preroll:500&o=&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:34 GMT
x-api-server: n-28
server: openresty/1.15.8.3

GET
DATA 200
OK truncated
/ 1016 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 zoneview
ng.virgul.com/ 0
286 B 63ms
63ms Image
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1768242934772&v=https%3A%2F%2F89.252.139.221%2F%26vi%3D10622617%40&r=153944:anlikaltinfiyatlari&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv2512181,ux1768242932965_1666,ba1x100,cn4gx0&info=&ref=&rdmt=0.4486104379640692
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:34 GMT
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

POST
H2 200 count
logger.virgul.com/ 0
227 B 65ms
65ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=alive&g=h&r=&o=npm_anlikaltinfiyatlari::25::10622617:vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:34 GMT
x-api-server: n-28
server: openresty/1.15.8.3

POST
H2 200 count
logger.virgul.com/ 0
227 B 63ms
63ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=alive&g=h&r=&o=npm_anlikaltinfiyatlari::50::10622617:vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:34 GMT
x-api-server: n-28
server: openresty/1.15.8.3

POST
H2 200 count
logger.virgul.com/ 0
227 B 64ms
63ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=alive&g=h&r=&o=npm_anlikaltinfiyatlari::75::10622617:vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:34 GMT
x-api-server: n-28
server: openresty/1.15.8.3

GET
H2 206 10622617-270_1-72k.mp4
istr-n3.nktcdn.com/data/videos/10622/ 687 KB
0 199ms
62ms Media
video/mp4 185.7.176.203
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://istr-n3.nktcdn.com/data/videos/10622/10622617-270_1-72k.mp4?token=pan7rv_EYyMrpuoZQy49Fg&ts=2083992055
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.203 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash

Request headers

Referer: https://89.252.139.221/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

access-control-allow-origin: *
Content-Length: 766195
date: Mon, 12 Jan 2026 18:35:34 GMT
content-type: video/mp4
last-modified: Tue, 21 Sep 2021 09:25:10 GMT
server: openresty/1.15.8.3
Content-Range: bytes 0-766194/766195

GET
H2 200 614193f6e4b0a8899c5f4690
ng.virgul.com/tck/imp/ 0
286 B 72ms
71ms Image
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to Show image

Full URL: https://ng.virgul.com/tck/imp/614193f6e4b0a8899c5f4690?r=153938@site_geneli@anlikaltinfiyatlari:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv2512181%2Cux1768242932965_1666%2Ccn4gx0&info=&cs=1768242933036&mt=1768242932965&t=gb&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&g=1
Requested by: Host: 89.252.139.221
URL: https://89.252.139.221/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:34 GMT
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

POST
H2 200 v3 Show response
id5-sync.com/gm/ 2 KB
2 KB 103ms
102ms XHR
application/json 162.19.138.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

4277b6d175f18edf06a0ed45a80aaa10bf1e157d3d48927d96ce90dcff9d421a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://89.252.139.221
p3p: CP="CAO PSA OUR"
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 adview Show response
696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/ Frame 07D4 3 KB
2 KB 205ms
62ms Document
text/html 185.7.176.223
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/adview?a=696513282311130e0cd4a531&r=153941@site_geneli@anlikaltinfiyatlari:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv2512181%2Cux1768242932965_1666%2Ccn4gx0&info=&cs=1768242933037&mt=1768242932965&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&vmn=696513282311130e0cd4a531___153941-164983655
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=anlikaltinfiyatlari
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: c78fcbb42d2ae5491966016786fd3dda5615d70721c0563fe662aaba97bbfce8

Request headers

Referer: https://89.252.139.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-origin: https://89.252.139.221
content-encoding: gzip
content-type: text/html
date: Mon, 12 Jan 2026 18:35:35 GMT
expires: Tue, 04 Jan 2022 10:49:40 GMT
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
server: openresty/1.15.8.3
vary: Accept-Encoding

GET
H2 200 zoneview
ng.virgul.com/ 0
286 B 67ms
64ms Image
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1768242935094&v=https%3A%2F%2F89.252.139.221%2F%26vi%3D10622617%40&r=153941:anlikaltinfiyatlari&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv2512181,ux1768242932965_1666,ba1x100,cn4gx0&info=&ref=&rdmt=0.8859772916425256
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:35 GMT
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 18 KB
13 KB 223ms
115ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20260107&st=env&sjk=5349629749062769

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

355192bdc00aec901d21d6d88b8da686eede9ce0ae8537ed07eb111da58fda7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13560
date: Mon, 12 Jan 2026 18:35:35 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 200 count
logger.virgul.com/ 0
227 B 64ms
62ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=initBufferFull&g=h&r=npm_anlikaltinfiyatlari::10622617&o=&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:35 GMT
x-api-server: n-28
server: openresty/1.15.8.3

POST
H2 200 count
logger.virgul.com/ 0
227 B 64ms
63ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=start&g=m&r=npm_anlikaltinfiyatlari::::10622617&o=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15:15:300-400::&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:35 GMT
x-api-server: n-28
server: openresty/1.15.8.3

POST
H2 200 count
logger.virgul.com/ 0
227 B 66ms
65ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_anlikaltinfiyatlari:preroll&o=&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:35 GMT
x-api-server: n-28
server: openresty/1.15.8.3

GET
DATA 200
OK truncated
/ 985 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6efe7e4964448fbdd5349e5116703648d6692fc191736eb19b62515e21a7a3d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 61419336e4b0a8899c5f4673
ng.virgul.com/tck/i_vb2/ 0
286 B 63ms
63ms Image
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/61419336e4b0a8899c5f4673?l=&r=153937@site_geneli@anlikaltinfiyatlari:site_geneli&cs=1768242935104&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:35 GMT
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 614193f6e4b0a8899c5f4690
ng.virgul.com/tck/i_vb2/ 0
286 B 142ms
142ms Image
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/614193f6e4b0a8899c5f4690?l=&r=153938@site_geneli@anlikaltinfiyatlari:site_geneli&cs=1768242935104&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:35 GMT
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://id5-sync.com/i/1476/8.gif?o=api&id5id=ID5*cgj1wrDMFG_tPnjIJ5-y8ML4hpmajsm7_LmQCCL0zBz__2llPvdaAAEBCmllPvYAekOqFQxXj8JxlWxT9W8Fug&gdpr_consent=undefined&gdpr=false
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1476%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1476%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/1476/112/7/2.gif?puid=EAAEFB9B6AA6FBA6&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
148 B

130ms
130ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

content-length: 70
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: image/gif
server: Kestrel

Redirect headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
p3p: CP="CAO PSA OUR"
date: Mon, 12 Jan 2026 18:35:34 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 bid
aax.amazon-adsystem.com/e/dtb/ Frame 0
0 398ms
126ms Preflight 18.173.162.223
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.162.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-162-223.muc50.r.cloudfront.net
Software: Server /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://89.252.139.221
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods: POST
access-control-allow-origin: https://89.252.139.221
access-control-max-age: 1800
content-encoding: gzip
content-length: 0
date: Mon, 12 Jan 2026 18:35:34 GMT
server: Server
via: 1.1 19392de11dadb918bd6f24e199ea180e.cloudfront.net (CloudFront)
x-amz-cf-id: OPZKSin4VqxcaxZ_zC0U0JHiIdSeJJ-hHaQXffdKUEHCqHPjWDFgBA==
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 324ms
106ms Preflight
application/json 178.250.1.12
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F89.252.139.221%2F&domain=89.252.139.221&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.12 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://89.252.139.221
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://89.252.139.221
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 12 Jan 2026 18:35:35 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 214033
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 25 B
390 B 327ms
127ms Fetch
application/json 18.173.162.223
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.162.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-162-223.muc50.r.cloudfront.net
Software: Server /
Resource Hash: 7dc78c5c119373b361b76d7e9c1b2759725163789661df908ee4cd8faf842676

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://89.252.139.221/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
access-control-allow-origin: https://89.252.139.221
x-cache: Miss from cloudfront
content-length: 45
x-amz-cf-id: xmGPnk3WQ7Rh6IvdltKTh_vnCShL6Xyb9Cy4j9cvB2_iMG2vuWe9ew==
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: application/json;charset=UTF-8
vary: Origin
server: Server
x-amz-cf-pop: MUC50-P3

GET
H2 204 sync Show response
spadsync.com/ 0
94 B 265ms
108ms Fetch 34.8.2.179
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://spadsync.com/sync?sptoken=d55808a8-e7ea-45c1-80c1-a9f19f4b5d93&sspid=n8k&ssphost=89.252.139.221&sharedId=07ba3288-3630-4908-a3ea-d2461f14ef41
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.8.2.179 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 179.2.8.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 12 Jan 2026 18:35:35 GMT

GET
H/1.1 200
OK / Show response
id.ad-plus.com.tr/ 27 B
1 KB 244ms
71ms Fetch
application/json 176.235.30.103
TELLCOM-AS Supero...

General

Check archive.org

Download Go to

Full URL: https://id.ad-plus.com.tr/?token=baf3e624-ff08-408d-a11e-f174a59b73cb
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.235.30.103 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR),
Reverse DNS
Software: /
Resource Hash: 68278340b8becb384646f4aa57e6f2a5b117e151d76fc414616d6c881343e3f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

Access-Control-Max-Age: 0
cache-control: private
Access-Control-Expose-Headers: Content-Length,Set-Cookie,Content-Range
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin: https://89.252.139.221
Content-Length: 27
Date: Mon, 12 Jan 2026 18:35:35 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Headers: X-Slack-Request-Timestamp,X-Slack-Signature,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie

GET
H2 200 json Show response
gum.criteo.com/sid/ 298 B
907 B 323ms
109ms Fetch
application/json 178.250.1.12
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F89.252.139.221%2F&domain=89.252.139.221&cw=1&lsw=1

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.12 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e01a4dbd1f4660324ac5478eb025f06ae232afee0e1b81b722c1fd34cde182e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: application/json
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 513714
expires: 0
access-control-allow-origin: https://89.252.139.221
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H/1.1 204
No Content fpc Show response
at.teads.tv/ 0
285 B 344ms
120ms Fetch 72.246.28.143
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.28.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-28-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

Expires: Mon, 12 Jan 2026 18:35:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Origin: https://89.252.139.221
Pragma: no-cache
Date: Mon, 12 Jan 2026 18:35:35 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
425 B 390ms
130ms Fetch
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 30f178a76f03904df9cacdcb73dd2292e7053ef87a9efa70c1369e33bd7dd638

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
expires: Wed, 11 Feb 2026 18:35:35 GMT
access-control-allow-origin: https://89.252.139.221
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: application/json
vary: Origin,Accept-Encoding
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 42C7 156 B
145 B 309ms
199ms Fetch
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21728129623%2C22596880139%2Fweb_anlikaltinfiyatlari_preroll_FP3&description_url=http%3A%2F%2Fanlikaltinfiyatlari.com&env=vp&correlator=3750960028584691&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&vpmute=1&plcmt=2&ppid=vnet1e2013a59fbb402fb55828ce4ae18d15&cust_params=psz%3Dwsm%26site%3Danlikaltinfiyatlari%26env%3Dweb%26mt%3D1768242932965%26r%3D153944%40site_geneli%40anlikaltinfiyatlari%3Asite_geneli%26info%3D%26policy%3D0%26targetCtr%3D0%26viewable%3D2%26site%3Danlikaltinfiyatlari%26plm%3Dnull%26pid%3Dvnet1e2013a5-9fbb-402f-b558-28ce4ae18d15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&sdkv=h.3.736.0&osd=2&frm=0&vis=1&sdr=1&hl=tr&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=100000445&ptt=20&vo=0&adk=498848531&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.736.0&sid=56133167-A572-4984-96B5-2CF87A26E49C&htps=10&nel=1&eid=95322027%2C95331589%2C95332046&url=null&dlt=1768242932635&idt=2269&dt=1768242935160&cookie_enabled=1&cdm=89.252.139.221&eoidce=1&pvsid=5349629749062769&scor=924717378877249&ged=ve4_td2_tt0_pd2_la2000_er1199.1599.1349.1899_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.736.0_tr.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: text/xml; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
content-length: 113
x-xss-protection: 0
server: cafe

GET
H2 200 jquery-3.3.1.min.js Show response
static.virgul.com/theme/mockups/jquery/ Frame 07D4 85 KB
35 KB 70ms
69ms Script
application/javascript 185.7.176.221
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL

https://static.virgul.com/theme/mockups/jquery/jquery-3.3.1.min.js

Requested by

Host: 696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com
URL: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/adview?a=696513282311130e0cd4a531&r=153941@site_geneli@anlikaltinfiyatlari:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv2512181%2Cux1768242932965_1666%2Ccn4gx0&info=&cs=1768242933037&mt=1768242932965&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&vmn=696513282311130e0cd4a531___153941-164983655

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

strict-transport-security: max-age=63072000
cache-control: max-age=5184000
content-encoding: gzip
access-control-allow-origin: *
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: application/javascript
vary: Accept-Encoding
server: openresty/1.15.8.3
last-modified: Mon, 01 Sep 2025 07:49:51 GMT

GET
H2 200 696513282311130e0cd4a531
ng.virgul.com/tck/imp/ Frame 07D4 0
317 B 66ms
65ms Image
text/plain 185.7.176.221
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to Show image

Full URL: https://ng.virgul.com/tck/imp/696513282311130e0cd4a531?userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&mt=1768242932965&sdr=&et=&r=153941@site_geneli@anlikaltinfiyatlari:site_geneli&l=&info=&t=banner:153941@site_geneli@anlikaltinfiyatlari:site_geneli&os=&c=%2Cas%2Crc0%2Chf1%2Cvv2512181%2Cux1768242932965_1666%2Ccn4gx0&cs=1768242935268
Requested by: Host: 696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com
URL: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/adview?a=696513282311130e0cd4a531&r=153941@site_geneli@anlikaltinfiyatlari:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv2512181%2Cux1768242932965_1666%2Ccn4gx0&info=&cs=1768242933037&mt=1768242932965&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&vmn=696513282311130e0cd4a531___153941-164983655
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
access-control-allow-origin: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:35 GMT
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/2765965/91978760/ Frame 07D4 63 KB
15 KB 431ms
134ms Script
application/javascript 34.248.38.159
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/2765965/91978760/skeleton.js
Requested by: Host: 696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com
URL: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/adview?a=696513282311130e0cd4a531&r=153941@site_geneli@anlikaltinfiyatlari:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv2512181%2Cux1768242932965_1666%2Ccn4gx0&info=&cs=1768242933037&mt=1768242932965&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&vmn=696513282311130e0cd4a531___153941-164983655
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.248.38.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-38-159.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 31fc313fd9908a123cbd106318b90497f5005ce5a6616b6b40b94e283b72c8af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

cache-control: no-cache
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin: pixel.adsafeprotected.com
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: application/javascript;charset=utf-8
vary: accept-encoding

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 20 KB
7 KB 321ms
108ms Script
text/javascript 142.251.141.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202601060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.141.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-ai-in-f1.1e100.net

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 12 Jan 2026 18:35:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H3 200 B34868746.438238155;sz=160x600;ord=1768242935268;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_... Show response
ad.doubleclick.net/ddm/adi/N4786.1703598NOKTAMEDYA.COM0/ Frame 105F 69 KB
32 KB 243ms
130ms Document
text/html 142.251.208.6
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N4786.1703598NOKTAMEDYA.COM0/B34868746.438238155;sz=160x600;ord=1768242935268;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;dc_tdv=1?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-bp-in-f6.1e100.net

Software

cafe /

Resource Hash

ead31ef483b11c49a41312470873cbbbc82680a1671bbfbb6917d871107c957f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 32712
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jan 2026 18:35:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 42C7 0
534 B 1251ms
415ms Ping
image/gif 142.251.12.120
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~mkbi6sly&c=1257841106316&slotId=628920553158&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.736.0_tr.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 12 Jan 2026 18:35:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

POST
H2 200 count
logger.virgul.com/ 0
227 B 64ms
63ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=adError&g=m&r=npm_anlikaltinfiyatlari:preroll:303:&o=&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:35 GMT
x-api-server: n-28
server: openresty/1.15.8.3

POST
H2 200 count
logger.virgul.com/ 0
227 B 64ms
64ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_anlikaltinfiyatlari:preroll&o=&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:35 GMT
x-api-server: n-28
server: openresty/1.15.8.3

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 42C7 156 B
143 B 231ms
231ms Fetch
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21728129623%2C22596880139%2Fweb_anlikaltinfiyatlari_preroll_FP2&description_url=http%3A%2F%2Fanlikaltinfiyatlari.com&env=vp&correlator=3750960028584691&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&vpmute=1&plcmt=2&ppid=vnet1e2013a59fbb402fb55828ce4ae18d15&cust_params=psz%3Dwsm%26site%3Danlikaltinfiyatlari%26env%3Dweb%26mt%3D1768242932965%26r%3D153944%40site_geneli%40anlikaltinfiyatlari%3Asite_geneli%26info%3D%26policy%3D0%26targetCtr%3D0%26viewable%3D2%26site%3Danlikaltinfiyatlari%26plm%3Dnull%26pid%3Dvnet1e2013a5-9fbb-402f-b558-28ce4ae18d15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&sdkv=h.3.736.0&osd=2&frm=0&vis=1&sdr=1&hl=tr&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=100000445&ptt=20&vo=0&adk=498848531&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.736.0&sid=56133167-A572-4984-96B5-2CF87A26E49C&htps=10&nel=1&eid=95322027%2C95331589%2C95332046&url=null&dlt=1768242932635&idt=2269&dt=1768242935481&cookie_enabled=1&cdm=89.252.139.221&eoidce=1&pvsid=5349629749062769&scor=924717378877249&ged=ve4_td2_tt0_pd2_la2000_er1199.1599.1349.1899_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.736.0_tr.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: text/xml; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
content-length: 113
x-xss-protection: 0
server: cafe

OPTIONS
H2 200 prebidjs
ittr.eskimi.com/ Frame 0
0 362ms
114ms Preflight 23.88.31.198
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://ittr.eskimi.com/prebidjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.88.31.198 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.198.31.88.23.clients.your-server.de
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://89.252.139.221
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Referer, Origin, Accept, Content-Type, Accept-Language, X-Requested-With, Authorization, Accept-Encoding, User-Agent, Host
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://89.252.139.221
access-control-max-age: 1728000
content-length: 0
date: Mon, 12 Jan 2026 18:35:35 GMT

OPTIONS
H2 200 prebidjs
ittr.eskimi.com/ Frame 0
0 362ms
114ms Preflight 23.88.31.198
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://ittr.eskimi.com/prebidjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.88.31.198 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.198.31.88.23.clients.your-server.de
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://89.252.139.221
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Referer, Origin, Accept, Content-Type, Accept-Language, X-Requested-With, Authorization, Accept-Encoding, User-Agent, Host
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://89.252.139.221
access-control-max-age: 1728000
content-length: 0
date: Mon, 12 Jan 2026 18:35:35 GMT

OPTIONS
H2 200 prebidjs
ittr.eskimi.com/ Frame 0
0 362ms
115ms Preflight 23.88.31.198
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://ittr.eskimi.com/prebidjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.88.31.198 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.198.31.88.23.clients.your-server.de
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://89.252.139.221
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Referer, Origin, Accept, Content-Type, Accept-Language, X-Requested-With, Authorization, Accept-Encoding, User-Agent, Host
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://89.252.139.221
access-control-max-age: 1728000
content-length: 0
date: Mon, 12 Jan 2026 18:35:35 GMT

OPTIONS
H2 200 prebidjs
ittr.eskimi.com/ Frame 0
0 361ms
115ms Preflight 23.88.31.198
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://ittr.eskimi.com/prebidjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.88.31.198 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.198.31.88.23.clients.your-server.de
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://89.252.139.221
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Referer, Origin, Accept, Content-Type, Accept-Language, X-Requested-With, Authorization, Accept-Encoding, User-Agent, Host
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://89.252.139.221
access-control-max-age: 1728000
content-length: 0
date: Mon, 12 Jan 2026 18:35:35 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
387 B 342ms
121ms Fetch
application/json 51.89.9.254
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: br
access-control-allow-credentials: true
access-control-allow-origin: https://89.252.139.221
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 19
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 403 4435253 Show response
yandex.com/ads/prebid/ 27 B
304 B 477ms
179ms Fetch
text/html 5.255.255.77
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yandex.com/ads/prebid/4435253?imp-id=1&target-ref=89.252.139.221&adapter-version=2.9.0&ssp-id=10500&domain=yandex.com&ssp-cur=TRY

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech .maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net .captcha.yandex.net yastatic.net .maps.yandex.net .yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

x-yandex-req-id: 1768242936045592-1599412187372143876-balancer-l7leveler-kubr-yp-vla-158-BAL
content-encoding: gzip
x-ads-service-name: yabs-server.partner.meta, yabs-server.partner.meta
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-ads-queuetime: 0.044000
x-content-type-options: nosniff
expires: Mon, 12 Jan 2026 18:35:36 GMT
date: Mon, 12 Jan 2026 18:35:36 GMT
x-ads-loadaverageonarrival: 0.272727
last-modified: Mon, 12 Jan 2026 18:35:36 GMT
content-type: text/html; charset=windows-1251
content-security-policy: upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height
access-control-allow-credentials: true
x-yt-request-id: 2c1dc2f-25ab050a-941dd1f1-68b9e136
x-ads-degradation: 0.000000
x-ads-loadaverage: 0.272727
access-control-allow-origin: https://89.252.139.221
x-yt-trace-id: 0-1-0-0
x-xss-protection: 1; mode=block

POST
H2 403 4435253 Show response
yandex.com/ads/prebid/ 27 B
2 KB 474ms
178ms Fetch
text/html 5.255.255.77
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yandex.com/ads/prebid/4435253?imp-id=1&target-ref=89.252.139.221&adapter-version=2.9.0&ssp-id=10500&domain=yandex.com&ssp-cur=TRY

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech .maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net .captcha.yandex.net yastatic.net .maps.yandex.net .yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

x-yandex-req-id: 1768242936045241-3451434097036009974-balancer-l7leveler-kubr-yp-vla-158-BAL
content-encoding: gzip
x-ads-service-name: yabs-server.partner.meta, yabs-server.partner.meta
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
x-ads-queuetime: 0.047000
expires: Mon, 12 Jan 2026 18:35:36 GMT
date: Mon, 12 Jan 2026 18:35:36 GMT
x-ads-loadaverageonarrival: 0.424242
last-modified: Mon, 12 Jan 2026 18:35:36 GMT
content-type: text/html; charset=windows-1251
content-security-policy: upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height
pragma: no-cache
access-control-allow-credentials: true
x-yt-request-id: f15a5ef8-75fb66e2-63b83fd1-e089d425
x-ads-degradation: 0.000000
x-ads-loadaverage: 0.242424
access-control-allow-origin: https://89.252.139.221
x-yt-trace-id: 0-1-0-0
x-xss-protection: 1; mode=block

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
358 B 351ms
111ms Fetch
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 , Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 10128ae5a08d583b018bd2ecc7495e95797127c095b366daa5e7e5674b32e6c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: 0
access-control-allow-origin: https://89.252.139.221
content-length: 174
x-prebid: pbs-java/3.38.0
content-type: application/json
vary: origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 444 B
827 B 400ms
166ms Fetch
application/json 69.173.156.138
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=387588&zone_id=2160452&size_id=15&alt_size_ids=2%2C1%2C7%2C13%2C14%2C19%2C38%2C39%2C40%2C43%2C44%2C55%2C57%2C117%2C159%2C552&rp_schain=1.0,1!empower.net,61408931e4b0a8899c5f44de,1,,,&eid_ad-plus.com.tr=201078.2727212634%5E1%5E%5E%5E%5E%5E&eid_novatiq.com=d55808a8-e7ea-45c1-80c1-a9f19f4b5d93%5E%5E%5E%5E%5E%5E&eid_pubcid.org=07ba3288-3630-4908-a3ea-d2461f14ef41%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2F89.252.139.221%2F&kw=anl%C4%B1kalt%C4%B1n%2Canlikaltin%2Calt%C4%B1nfiyatlar%C4%B1%2Caltinfiyatlari%2Calt%C4%B1nd%C3%B6viz%2Ccanl%C4%B1alt%C4%B1n%2Ccanl%C4%B1d%C3%B6viz%2Canl%C4%B1kalt%C4%B1n%2Ccanlialtin%2Ccanl%C4%B1alt%C4%B1nfiyatlar%C4%B1%2Caltinfiyatlari%2Canlikaltinfiyatlari&tg_i.domain=89.252.139.221&tg_i.page=https%3A%2F%2F89.252.139.221%2F&tg_i.name=anlikaltinfiyatlari&tg_i.documentLang=tr&tk_flint=pbjs_lite_v10.19.0&x_source.tid=u2670378b-2cdb-4bb9-8ae9-f4a51570e2c1&l_pb_bid_id=b6a9fee6-e22a-40d6-b81b-3cd3860431b7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=u86b80d5c-f5c3-40ba-9d19-f70804429d0f&p_formats=banner%2Cvideo&m_ch_mobile=%3F0&slots=1&rand=0.6036491704448788
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.156.138 , Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 50bad19af294fe0e8fe629a7b837423ce9d36faa5963bf1dae1789689bec9853

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 444
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 444 B
978 B 357ms
124ms Fetch
application/json 69.173.156.138
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=387588&zone_id=3774242&size_id=15&alt_size_ids=2%2C1%2C7%2C13%2C14%2C19%2C38%2C39%2C40%2C43%2C44%2C55%2C57%2C117%2C159%2C552&rp_schain=1.0,1!empower.net,61408931e4b0a8899c5f44de,1,,,&eid_ad-plus.com.tr=201078.2727212634%5E1%5E%5E%5E%5E%5E&eid_novatiq.com=d55808a8-e7ea-45c1-80c1-a9f19f4b5d93%5E%5E%5E%5E%5E%5E&eid_pubcid.org=07ba3288-3630-4908-a3ea-d2461f14ef41%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2F89.252.139.221%2F&kw=anl%C4%B1kalt%C4%B1n%2Canlikaltin%2Calt%C4%B1nfiyatlar%C4%B1%2Caltinfiyatlari%2Calt%C4%B1nd%C3%B6viz%2Ccanl%C4%B1alt%C4%B1n%2Ccanl%C4%B1d%C3%B6viz%2Canl%C4%B1kalt%C4%B1n%2Ccanlialtin%2Ccanl%C4%B1alt%C4%B1nfiyatlar%C4%B1%2Caltinfiyatlari%2Canlikaltinfiyatlari&tg_i.domain=89.252.139.221&tg_i.page=https%3A%2F%2F89.252.139.221%2F&tg_i.name=anlikaltinfiyatlari&tg_i.documentLang=tr&tk_flint=pbjs_lite_v10.19.0&x_source.tid=u2670378b-2cdb-4bb9-8ae9-f4a51570e2c1&l_pb_bid_id=1c774698-40e7-482a-963e-97b6b12c1280&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=u86b80d5c-f5c3-40ba-9d19-f70804429d0f&p_formats=banner%2Cvideo&m_ch_mobile=%3F0&slots=1&rand=0.9942978627061247
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.156.138 , Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 9a6b9e1c81f9b6e8e084426f3e2ddcb0fd67615f945b822dfb62f1e7578ebf32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 444
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 437 B
798 B 412ms
178ms Fetch
application/json 69.173.156.138
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=387588&zone_id=2160456&size_id=15&alt_size_ids=7%2C13%2C14%2C16%2C19%2C43%2C44%2C117%2C159%2C552&rp_schain=1.0,1!empower.net,61408931e4b0a8899c5f44de,1,,,&eid_ad-plus.com.tr=201078.2727212634%5E1%5E%5E%5E%5E%5E&eid_novatiq.com=d55808a8-e7ea-45c1-80c1-a9f19f4b5d93%5E%5E%5E%5E%5E%5E&eid_pubcid.org=07ba3288-3630-4908-a3ea-d2461f14ef41%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2F89.252.139.221%2F&kw=anl%C4%B1kalt%C4%B1n%2Canlikaltin%2Calt%C4%B1nfiyatlar%C4%B1%2Caltinfiyatlari%2Calt%C4%B1nd%C3%B6viz%2Ccanl%C4%B1alt%C4%B1n%2Ccanl%C4%B1d%C3%B6viz%2Canl%C4%B1kalt%C4%B1n%2Ccanlialtin%2Ccanl%C4%B1alt%C4%B1nfiyatlar%C4%B1%2Caltinfiyatlari%2Canlikaltinfiyatlari&tg_i.domain=89.252.139.221&tg_i.page=https%3A%2F%2F89.252.139.221%2F&tg_i.name=anlikaltinfiyatlari&tg_i.documentLang=tr&tk_flint=pbjs_lite_v10.19.0&x_source.tid=u2670378b-2cdb-4bb9-8ae9-f4a51570e2c1&l_pb_bid_id=2447cc42-b071-4c4f-8071-87ff5d0fbbb8&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=u383f0a72-fdb3-4924-9099-f74a17d4fa21&p_formats=banner%2Cvideo&m_ch_mobile=%3F0&slots=1&rand=0.3185994874456868
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.156.138 , Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: dc440221fb7f67271cfc615e883d0c96d6190a235cc27beb73d0b7f45e76e53c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 437
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
177 B 329ms
108ms Fetch 185.184.8.90
RTB-HOUSE-AMS RTB...

General

Check archive.org

Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://89.252.139.221
date: Mon, 12 Jan 2026 18:35:35 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
531 B 397ms
153ms Fetch 37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
expires: -1
access-control-allow-origin: https://89.252.139.221
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Mon, 12 Jan 2026 18:35:36 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H2 204 prebidjs Show response
ittr.eskimi.com/ 0
105 B 351ms
117ms Fetch 23.88.31.198
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://ittr.eskimi.com/prebidjs
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.88.31.198 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.198.31.88.23.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: application/json;charset=UTF-8
Referer: https://89.252.139.221/

Response headers

date: Mon, 12 Jan 2026 18:35:36 GMT
access-control-allow-origin: https://89.252.139.221
access-control-allow-credentials: true

POST
H2 204 prebidjs Show response
ittr.eskimi.com/ 0
104 B 410ms
174ms Fetch 23.88.31.198
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://ittr.eskimi.com/prebidjs
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.88.31.198 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.198.31.88.23.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: application/json;charset=UTF-8
Referer: https://89.252.139.221/

Response headers

date: Mon, 12 Jan 2026 18:35:35 GMT
access-control-allow-origin: https://89.252.139.221
access-control-allow-credentials: true

POST
H2 204 prebidjs Show response
ittr.eskimi.com/ 0
104 B 353ms
119ms Fetch 23.88.31.198
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://ittr.eskimi.com/prebidjs
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.88.31.198 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.198.31.88.23.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: application/json;charset=UTF-8
Referer: https://89.252.139.221/

Response headers

date: Mon, 12 Jan 2026 18:35:36 GMT
access-control-allow-origin: https://89.252.139.221
access-control-allow-credentials: true

POST
H2 204 prebidjs Show response
ittr.eskimi.com/ 0
104 B 411ms
176ms Fetch 23.88.31.198
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://ittr.eskimi.com/prebidjs
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.88.31.198 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.198.31.88.23.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: application/json;charset=UTF-8
Referer: https://89.252.139.221/

Response headers

date: Mon, 12 Jan 2026 18:35:35 GMT
access-control-allow-origin: https://89.252.139.221
access-control-allow-credentials: true

POST
H2 204 bid Show response
ap.lijit.com/rtb/ 0
207 B 385ms
122ms Fetch 18.203.177.31
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_10.19.0
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.203.177.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-177-31.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: https://89.252.139.221
x-envoy-upstream-service-time: 5
date: Mon, 12 Jan 2026 18:35:35 GMT
server: istio-envoy
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 204 prebidjs Show response
api.w.inmobi.com/openrtb/bidder/ 0
175 B 356ms
113ms Fetch 35.214.234.219
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://api.w.inmobi.com/openrtb/bidder/prebidjs
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.234.219 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 219.234.214.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: *
access-control-allow-origin: https://89.252.139.221
date: Mon, 12 Jan 2026 18:35:36 GMT
vary: Accept-Encoding
server: envoy
access-control-allow-headers: *

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
655 B 306ms
149ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Download Go to

Full URL

https://a.teads.tv/hb/bid-request

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

x-check-cacheable: NO
observe-browsing-topics: ?1
expires: 0
x-cache: MISS
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: application/json
x-served-by: cache-sof1510030-SOF
x-cache-hits: 0
vary: Accept-Encoding
x-u: /hb/bid-request
strict-transport-security: max-age=300
x-b: OT7pu8Xazv8kOHAME9TG23--F_euw1_load_testing_teads_tv
cache-control: max-age=0, no-cache, no-store
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma: no-cache
x-timer: S1768242936.894993,VS0,VE76
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://89.252.139.221
content-length: 16
traffic-path: DUBDC2

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 424 B
988 B 341ms
112ms Fetch
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.25.5 /

Resource Hash

0330296cc0e2ddbd82203eec4b889d81a655182228fbeff9315ac6e9ecea6794

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 195.88.86.118; 195.88.86.118; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://89.252.139.221
an-x-request-uuid: 3aa686bb-b64c-4436-aa8e-a03ff3004881
content-length: 424
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 12 Jan 2026 18:35:35 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.25.5

GET
H2 200 7508972215590503226
s0.2mdn.net/simgad/ Frame 105F 14 KB
14 KB 301ms
99ms Image
image/jpeg 142.251.208.6
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7508972215590503226

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N4786.1703598NOKTAMEDYA.COM0/B34868746.438238155;sz=160x600;ord=1768242935268;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;dc_tdv=1?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-bp-in-f6.1e100.net

Software

sffe /

Resource Hash

91cf1a7d1944c9731256d44a0270a8d19e720e502120d49cb84e266c9ed20824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

age: 11107
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Tue, 12 Jan 2027 15:30:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 12 Jan 2026 15:30:28 GMT
last-modified: Mon, 12 Jan 2026 08:07:42 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 14129
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 2B30 13 KB
5 KB 304ms
100ms Document
text/html 142.251.141.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.141.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-ai-in-f1.1e100.net

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.252.139.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2849
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jan 2026 17:48:06 GMT
expires: Mon, 12 Jan 2026 18:38:06 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 510E 829 B
569 B 224ms
116ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

ESF /

Resource Hash

18f6ba8f4ba65bfaebec6b02eabf00dd530f1e4b0922b627ddfe2d171abe4986

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BOTXq-9y9RoVdtJGCI-cUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.252.139.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-BOTXq-9y9RoVdtJGCI-cUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jan 2026 18:35:35 GMT
expires: Mon, 12 Jan 2026 18:35:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20260109/r20110914/xfa/ Frame 105F 11 KB
4 KB 125ms
125ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20260109/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

91d164a84e5e813ad053765a73e454685f4044cda057c0681b027dcf03cce6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

content-encoding: br
etag: 2705432755555315226
age: 10093
x-content-type-options: nosniff
expires: Mon, 26 Jan 2026 15:47:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 12 Jan 2026 15:47:22 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 4221
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 105F 227 KB
70 KB 99ms
98ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

73b6bc92bb30d26ac26c7f3eccc350f2694260c064cdaf588cdd945a642b16f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

content-encoding: br
etag: 12901288525138330123
age: 2037
x-content-type-options: nosniff
expires: Mon, 12 Jan 2026 19:01:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 12 Jan 2026 18:01:38 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 71561
x-xss-protection: 0
server: cafe

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20260109/r20110914/elements/html/ Frame 105F 12 KB
4 KB 97ms
97ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20260109/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ca2b99cf23cbc7f95bb0a69e00a486e3728b60867f375533bebe3f1582fe4c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

content-encoding: br
etag: 12658701453784518442
age: 19868
x-content-type-options: nosniff
expires: Mon, 26 Jan 2026 13:04:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 12 Jan 2026 13:04:27 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 4407
x-xss-protection: 0
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame 42C7 0
57 B 996ms
416ms Ping
image/gif 142.251.12.120
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~mkbi6t2s&c=1257841106316&slotId=628920553158&ghmsh_eids=95322027%2C95331589%2C95332046
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.736.0_tr.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 12 Jan 2026 18:35:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

POST
H2 200 count
logger.virgul.com/ 0
227 B 63ms
63ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=adError&g=m&r=npm_anlikaltinfiyatlari:preroll:303:&o=&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:35 GMT
x-api-server: n-28
server: openresty/1.15.8.3

POST
H2 200 count
logger.virgul.com/ 0
227 B 65ms
65ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_anlikaltinfiyatlari:preroll&o=&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:35 GMT
x-api-server: n-28
server: openresty/1.15.8.3

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
307 B 342ms
107ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL

https://hbopenbid.pubmatic.com/translator?source=prebid-client&gzip=1

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://89.252.139.221/

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials: true
observe-browsing-topics: ?1
pmfcgi-resp: TRUE
access-control-allow-origin: https://89.252.139.221
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 12 Jan 2026 18:35:36 GMT
server: nginx

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 42C7 156 B
143 B 205ms
205ms Fetch
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21728129623%2C22596880139%2Fweb_anlikaltinfiyatlari_preroll_FP1&description_url=http%3A%2F%2Fanlikaltinfiyatlari.com&env=vp&correlator=3750960028584691&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&vpmute=1&plcmt=2&ppid=vnet1e2013a59fbb402fb55828ce4ae18d15&cust_params=psz%3Dwsm%26site%3Danlikaltinfiyatlari%26env%3Dweb%26mt%3D1768242932965%26r%3D153944%40site_geneli%40anlikaltinfiyatlari%3Asite_geneli%26info%3D%26policy%3D0%26targetCtr%3D0%26viewable%3D2%26site%3Danlikaltinfiyatlari%26plm%3Dnull%26pid%3Dvnet1e2013a5-9fbb-402f-b558-28ce4ae18d15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&sdkv=h.3.736.0&osd=2&frm=0&vis=1&sdr=1&hl=tr&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=100000445&ptt=20&vo=0&adk=498848531&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.736.0&sid=56133167-A572-4984-96B5-2CF87A26E49C&htps=10&nel=1&eid=95322027%2C95331589%2C95332046&url=null&dlt=1768242932635&idt=2269&dt=1768242935740&cookie_enabled=1&cdm=89.252.139.221&eoidce=1&pvsid=5349629749062769&scor=924717378877249&ged=ve4_td3_tt1_pd3_la3000_er1199.1599.1349.1899_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.736.0_tr.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 12 Jan 2026 18:35:35 GMT
content-type: text/xml; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
content-length: 113
x-xss-protection: 0
server: cafe

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 105F 0
0 355ms
136ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv70m0WEO4TcSACEFdyDpOoGzxWu6TmNmOrSaZBKrbzaWsHUwJVi9InYNW5_4L-R962bmmPR2FSn9ZDgKAZz8pxZOJurUXpvN2vi6bi9y9RthrVXyjCXlq-EvqJmbQu43JHwq_J3hqbKCrCvauun57vVZ1iRR-jxquemzKe_K5gsqy7khc-9rfj9rmb8R4RVOvLUTOwnVE-Dr2BwsyZKcXdUT1Y6BX0c0wwBo_GF4P7-knzKBnCQ0bq8MzjAH4&sai=AMfl-YShZSkSd8Llxj-tYJoezfzkNx9j5Dn-iBsTOFM5SuqTt5UFFC0n2A59aVPRQ8KnO6sii9hgudCdivRUvRaedEuPetNhAnuoTuhkS1_Cjh6QL7P7JOPtTWpZ0ghPOTP1HrokCQwa6_5qD2h_h1bbSzCDoFNStqOhLpASG3NtdFHckKDr13NtCUKJ8qhlr4w-v-bdkkodpQTAIoDtOVkJjxzD3cxlPLZ8fvLb0KGuI0MMpA&sig=Cg0ArKJSzF9f2LnVXL0OEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20260109.26139&arae=1&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 12 Jan 2026 18:35:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 VFc2VJAc.js Show response
ep2.adtrafficquality.google/sodar/ Frame 105F 43 KB
14 KB 257ms
104ms Script
text/javascript 142.251.141.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/VFc2VJAc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.141.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-ai-in-f1.1e100.net

Software

sffe /

Resource Hash

54573654901c495ecf67cc8ffd30108dd6f3a3c7332fd4dba41ab13877b75b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

content-encoding: br
age: 1441
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 12 Jan 2026 19:01:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 12 Jan 2026 18:11:34 GMT
last-modified: Thu, 13 Mar 2025 04:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 14328
x-xss-protection: 0
server: sffe

GET
H2 200 main.19.8.640.js Show response
static.adsafeprotected.com/ Frame 07D4 270 KB
82 KB 334ms
124ms Script
application/javascript 52.85.65.95
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.640.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/2765965/91978760/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.65.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-65-95.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6207ac1011e2e3f930ad31d652ccf4a7cd65b2ab689091a930ccd96a6c054c10

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

content-encoding: gzip
x-amz-version-id: 6YB5SH944TKAgjs3vUYOmu0ruBAXwbEV
etag: W/"b6272abefa4ad0cd492e9d85592ec2c1"
age: 2756857
x-cache: Hit from cloudfront
x-amz-cf-id: hhQLjHe2sJemgZqyCE99UAZJ1Xfg45uWiGdf_g-g9EuQ-pYHAhkd_Q==
date: Thu, 11 Dec 2025 20:47:59 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 11 Dec 2025 17:45:42 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=315360000, immutable
via: 1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 105F 9 KB
7 KB 223ms
118ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20260109/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b012cb42768998ee3d0e7c5630decf90ce832b33bc55c5769981c94a1229a340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 6643
date: Mon, 12 Jan 2026 18:35:36 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 200 count
logger.virgul.com/ 0
227 B 63ms
63ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=adError&g=m&r=npm_anlikaltinfiyatlari:preroll:303:&o=&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:35 GMT
x-api-server: n-28
server: openresty/1.15.8.3

POST
H2 200 count
logger.virgul.com/ 0
227 B 64ms
64ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_anlikaltinfiyatlari:preroll&o=&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:35 GMT
x-api-server: n-28
server: openresty/1.15.8.3

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 42C7 35 KB
6 KB 220ms
219ms Fetch
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21728129623%2C22596880139%2Fweb_anlikaltinfiyatlari_preroll&description_url=http%3A%2F%2Fanlikaltinfiyatlari.com&env=vp&correlator=3750960028584691&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&vpmute=1&plcmt=2&ppid=vnet1e2013a59fbb402fb55828ce4ae18d15&cust_params=psz%3Dwsm%26site%3Danlikaltinfiyatlari%26env%3Dweb%26mt%3D1768242932965%26r%3D153944%40site_geneli%40anlikaltinfiyatlari%3Asite_geneli%26info%3D%26policy%3D0%26targetCtr%3D0%26viewable%3D2%26site%3Danlikaltinfiyatlari%26plm%3Dnull%26pid%3Dvnet1e2013a5-9fbb-402f-b558-28ce4ae18d15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&sdkv=h.3.736.0&osd=2&frm=0&vis=1&sdr=1&hl=tr&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=100000445&ptt=20&vo=0&adk=498848531&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.736.0&sid=56133167-A572-4984-96B5-2CF87A26E49C&htps=10&nel=1&eid=95322027%2C95331589%2C95332046&url=null&dlt=1768242932635&idt=2269&dt=1768242935964&cookie_enabled=1&cdm=89.252.139.221&eoidce=1&pvsid=5349629749062769&scor=924717378877249&ged=ve4_td3_tt1_pd3_la3000_er1199.1599.1349.1899_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.736.0_tr.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef4869c615354bab0c78f2bccce4a42694f9b02ac55e386ef153c20ccd270694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

content-encoding: br
google-lineitem-id: 6261009981
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: text/xml; charset=UTF-8
google-creative-id: 138428636716
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
content-length: 5672
x-xss-protection: 0
server: cafe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 510E 0
17 B 196ms
196ms Image
image/ 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gda_r20260107&jk=5349629749062769&rc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 12 Jan 2026 18:35:36 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 105F 0
0 197ms
196ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 12 Jan 2026 18:35:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 105F 0
0 197ms
197ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-fallback2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 12 Jan 2026 18:35:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 105F 0
0 196ms
196ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 12 Jan 2026 18:35:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 105F 0
0 196ms
196ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 12 Jan 2026 18:35:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 nvY0coNJsCITZ6DYvJzCF1WR2-rXkr6GR0Z7Am8X-U8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B30 53 KB
21 KB 98ms
98ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nvY0coNJsCITZ6DYvJzCF1WR2-rXkr6GR0Z7Am8X-U8.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

9ef634728349b0221367a0d8bc9cc2175591dbead792be8647467b026f17f94f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 152674
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Mon, 11 Jan 2027 00:11:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 11 Jan 2026 00:11:02 GMT
last-modified: Mon, 05 Jan 2026 11:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 20985
x-xss-protection: 0
server: sffe

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 105F 0
0 136ms
135ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv70m0WEO4TcSACEFdyDpOoGzxWu6TmNmOrSaZBKrbzaWsHUwJVi9InYNW5_4L-R962bmmPR2FSn9ZDgKAZz8pxZOJurUXpvN2vi6bi9y9RthrVXyjCXlq-EvqJmbQu43JHwq_J3hqbKCrCvauun57vVZ1iRR-jxquemzKe_K5gsqy7khc-9rfj9rmb8R4RVOvLUTOwnVE-Dr2BwsyZKcXdUT1Y6BX0c0wwBo_GF4P7-knzKBnCQ0bq8MzjAH4&sai=AMfl-YShZSkSd8Llxj-tYJoezfzkNx9j5Dn-iBsTOFM5SuqTt5UFFC0n2A59aVPRQ8KnO6sii9hgudCdivRUvRaedEuPetNhAnuoTuhkS1_Cjh6QL7P7JOPtTWpZ0ghPOTP1HrokCQwa6_5qD2h_h1bbSzCDoFNStqOhLpASG3NtdFHckKDr13NtCUKJ8qhlr4w-v-bdkkodpQTAIoDtOVkJjxzD3cxlPLZ8fvLb0KGuI0MMpA&sig=Cg0ArKJSzF9f2LnVXL0OEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=330&vt=11&dtpt=329&dett=2&cstd=0&cisv=r20260109.26139&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 12 Jan 2026 18:35:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 event
ng.virgul.com/ 0
286 B 63ms
63ms Image
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to Show image

Full URL: https://ng.virgul.com/event?a=auct@auct@auct@auct@auct@auct@auct@auct@auct@auct@auct@auct@auct@auct@auct&r=anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari&c=web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_sidebar_300x250@web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_sidebar_300x250@web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_sidebar_300x250@web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_preroll@web_anlikaltinfiyatlari_sidebar_300x250@web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_preroll@web_anlikaltinfiyatlari_sidebar_300x250@web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_preroll@web_anlikaltinfiyatlari_sidebar_300x250&et=&t=teads@teads@rtbhouse@rtbhouse@onetag@onetag@appnexus@appnexus@appnexus@inmobi@inmobi@inmobi@pubmatic@pubmatic@pubmatic&b=360@361@361@361@364@364@391@391@391@399@399@399@424@424@424&l=&ext=&z=153937@153938@153937@153938@153937@153938@153937@153944@153938@153937@153944@153938@153937@153944@153938&pi=&info=&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&v=https%3A%2F%2F89.252.139.221%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:36 GMT
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 Klz6NWr5.html Show response
ep2.adtrafficquality.google/sodar/ Frame 4EB4 35 KB
12 KB 99ms
99ms Document
text/html 142.251.141.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/Klz6NWr5.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/VFc2VJAc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.141.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-ai-in-f1.1e100.net

Software

sffe /

Resource Hash

2a5cfa356af90e4dc14d89477463deb2c098c826ebc6d74c1577eb3d5973cac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: br
content-length: 12007
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jan 2026 18:10:25 GMT
expires: Mon, 12 Jan 2026 19:00:25 GMT
last-modified: Thu, 13 Mar 2025 04:28:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 42C7 160 B
733 B 356ms
141ms Fetch
text/xml 37.157.2.14
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://adx.adform.net/adx/?mid=1672761&t=2&cs=764376711

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.736.0_tr.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.14 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

da0d73065db0e49ba577331fed38478e255bd492862885a4550dfb333a4096b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET,OPTIONS
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
server: nginx

GET
H3 204 generate_204
ep2.adtrafficquality.google/ Frame 2B30 0
10 B 98ms
98ms Image
text/plain 142.251.141.97
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?eGn6bQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.141.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tzfraa-ai-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 12 Jan 2026 18:35:36 GMT
cross-origin-resource-policy: cross-origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 105F 20 KB
7 KB 310ms
105ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20260109/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 12 Jan 2026 18:35:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H3 200 nvY0coNJsCITZ6DYvJzCF1WR2-rXkr6GR0Z7Am8X-U8.js Show response
ep1.adtrafficquality.google/bg/ Frame 4EB4 53 KB
21 KB 199ms
96ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/bg/nvY0coNJsCITZ6DYvJzCF1WR2-rXkr6GR0Z7Am8X-U8.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/Klz6NWr5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

9ef634728349b0221367a0d8bc9cc2175591dbead792be8647467b026f17f94f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 520382
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Wed, 06 Jan 2027 18:02:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 06 Jan 2026 18:02:34 GMT
last-modified: Mon, 05 Jan 2026 11:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 20985
x-xss-protection: 0
server: sffe

GET
H2 200 favicon.ico
89.252.139.221/ 18 KB
10 KB 89ms
88ms Other
image/x-icon 89.252.139.221
NETINTERNET Netin...

General

Check archive.org

Download Go to

Full URL: https://89.252.139.221/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.252.139.221 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
Software: nginx /
Resource Hash: b75b056310c52af2b20bb389430dd44edcb1fd045ffb459c8d82d94dafbec7f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

cache-control: max-age=286400000, public
content-encoding: gzip
permissions-policy: local-network-access=(), local-network=(), bluetooth=(), usb=(), serial=(), hid=(), midi=()
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: image/x-icon
vary: Accept-Encoding, User-Agent
server: nginx
last-modified: Mon, 02 Feb 2015 16:01:11 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 07D4
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/2765965/91978760/skeleton.js?adsafe_url=https%3A%2F%2F89.252.139.221&adsafe_type=y&adsafe_url=https%3A%2F%2F89.252.139.221%2F&adsafe_type=e&adsafe_url=https...
https://static.adsafeprotected.com/skeleton.js

17 B
475 B

101ms
101ms

Script
application/javascript

52.85.65.95
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Protocol: H2
Server: 52.85.65.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-65-95.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: bDXACOfImjYVF6ZWuu7AoLLLip1bTZ_4
age: 19364915
x-cache: Hit from cloudfront
x-amz-cf-id: q-iB1NCjgvnpT20weEklacajcuwe5-6GcpBp-LJG7PbEmj9Gnigm0w==
date: Mon, 02 Jun 2025 15:27:02 GMT
content-type: application/javascript
last-modified: Wed, 28 May 2025 21:18:41 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 17
x-amz-cf-pop: MUC50-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

cache-control: no-cache
location: https://static.adsafeprotected.com/skeleton.js
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-length: 0
date: Mon, 12 Jan 2026 18:35:36 GMT
pragma: no-cache

GET
H2 200 sca.17.6.4.js Show response
static.adsafeprotected.com/ Frame A679 91 KB
23 KB 108ms
108ms Script
application/javascript 52.85.65.95
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.4.js
Requested by: Host: 696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com
URL: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/adview?a=696513282311130e0cd4a531&r=153941@site_geneli@anlikaltinfiyatlari:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv2512181%2Cux1768242932965_1666%2Ccn4gx0&info=&cs=1768242933037&mt=1768242932965&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&vmn=696513282311130e0cd4a531___153941-164983655
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.65.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-65-95.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

content-encoding: gzip
x-amz-version-id: bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
etag: W/"8fa66f8b94450bd040e7b5a7550c52de"
age: 19364915
x-cache: Hit from cloudfront
x-amz-cf-id: hm1jk-QrT7nbueYUwAVNbJHkm5me-JCcssiJVVX2iMAVprm3y7qI7Q==
date: Mon, 02 Jun 2025 15:27:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 May 2024 16:44:02 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 7432b1699c051c0940019ac02d9c3902.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 07D4 43 B
177 B 574ms
189ms Image
image/gif 98.87.100.164
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2765965&asId=b4f29ebe-4d93-8480-3611-86d55bb79968&tv=%7Bc:17zXdT,pingTime:-3,time:508,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:494%7D,%7Bpiv:0,vs:o,r:l,t:508%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:508,n:508,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:494,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~160.600%5D%7D%7D,%7Bsl:o,t:508,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:v87d9JP+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18*.2765965-91978760%7C1811%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:496,nmsd:-1,nph:-1,igt:0%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.87.100.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-98-87-100-164.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

cache-control: no-cache
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-length: 43
pragma: no-cache
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 07D4 43 B
177 B 568ms
186ms Image
image/gif 98.87.100.164
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2765965&asId=b4f29ebe-4d93-8480-3611-86d55bb79968&tv=%7Bc:17zXdU,pingTime:-6,time:509,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:509,n:508,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:494,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~160.600%5D%7D%7D,%7Bsl:o,t:508,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:v87d9JP+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18*.2765965-91978760%7C1811%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:496,nmsd:-1,nph:-1,igt:0%7D&tpiLookup=ao:89.252.139.221*&br=c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.87.100.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-98-87-100-164.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

cache-control: no-cache
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-length: 43
pragma: no-cache
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 07D4 43 B
178 B 563ms
185ms Image
image/gif 98.87.100.164
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2765965&asId=b4f29ebe-4d93-8480-3611-86d55bb79968&tv=%7Bc:17zXe0,pingTime:-2,time:515,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:216,bdZ:717,beA:719,beZ:721,mfA:1201,cmA:1202,inA:1203,inZ:1206,prA:1206,prZ:1210,si:1215,poA:1216,poZ:1222,cmZ:1222,mfZ:1222,loA:1229,loZ:1230,ltA:1235,ltZ:1235,mdA:721,mdZ:1171%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:494%7D,%7Bpiv:0,vs:o,r:l,t:508%7D,%7Bpiv:100,vs:i,r:,t:513%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:2,o:513,n:508,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:494,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~160.600%5D%7D%7D,%7Bsl:o,t:508,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B5~0%5D,as:%5B5~160.600%5D%7D%7D,%7Bsl:i,t:513,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:v87d9JP+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18*.2765965-91978760%7C1811%7C19%7C1a,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:496,nmsd:-1,nph:-1,igt:0,sinceFw:18,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.87.100.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-98-87-100-164.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

cache-control: no-cache
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-length: 43
pragma: no-cache
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: image/gif

GET
H2 200 event
ng.virgul.com/ 0
286 B 65ms
65ms Image
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to Show image

Full URL: https://ng.virgul.com/event?a=auct@auct@auct@auct@auct@auct@auct@auct@auct@auct@fauct0@auct@fauct0@auct@auct&r=anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari&c=web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_preroll@web_anlikaltinfiyatlari_sidebar_300x250@web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_preroll@web_anlikaltinfiyatlari_sidebar_300x250@web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_sidebar_300x250@web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_sidebar_300x250@web_anlikaltinfiyatlari_sidebar_300x250@web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_sidebar_300x250&et=&t=sovrn@sovrn@sovrn@adf@adf@adf@rubicon@rubicon@rubicon@yandex@yandex@yandex@yandex@eskimi@eskimi&b=425@425@425@430@430@430@441@441@441@508@508@508@508@818@818&l=&ext=&z=153937@153944@153938@153937@153944@153938@153937@153937@153938@153937@153937@153938@153938@153937@153938&pi=&info=&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&v=https%3A%2F%2F89.252.139.221%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:36 GMT
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 911 B
489 B 171ms
171ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=5349629749062769&correlator=841116754319923&hxva=1&scor=674916132752207&eid=31096188%2C31088080%2C83321072&output=ldjh&gdfp_req=1&vrg=202601080101&ptt=17&impl=fif&iu_parts=21728129623%3A22596880139%2Cweb_anlikaltinfiyatlari_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x120%7C970x90%7C970x66%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C728x250%7C728x100%7C468x60%7C414x138%7C414x100%7C412x137%7C412x100%7C390x130%7C390x100%7C375x125%7C375x100%7C360x120%7C360x100%7C320x250%7C320x100%7C320x50%7C300x250%7C300x200%7C300x100%7C300x50%7C250x250%7C234x60%7C200x200%7C180x150%7C125x125%7C120x60%7C120x240%7C88x31&fluid=height&ifi=2&dids=div-gpt-ad-1455783126174-15393&adfs=159866844&sfv=1-0-45&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1768242936497&lmt=1768242936&adxs=315&adys=322&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F89.252.139.221%2F&vis=1&psz=1170x-1&msz=1600x-1&fws=132&ohw=1170&psd=WzMxLFtdXQ..&dlt=1768242932635&idt=1005&ppid=vnet1e2013a59fbb402fb55828ce4ae18d15&prev_scp=lazyload%3D0%26floortest%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26auc%3Dweb_anlikaltinfiyatlari_masthead%26vb%3D1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Danlikaltinfiyatlari%26mt%3D1768242932965%26pager%3D1%2540site_geneli%2540anlikaltinfiyatlari%253Asite_geneli%26policy%3D0%26host%3D89.252.139.221%26url%3Dhttps%253A%2520%252089.252.139.221%2520%26targetCtr%3D0%26pid%3Dvnet1e2013a5-9fbb-402f-b558-28ce4ae18d15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&adks=3888552470&frm=20&eoidce=1&pb_szs=970x250%7C970x120%7C970x90%7C970x66%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C728x250%7C728x100%7C468x60%7C414x138%7C414x100%7C412x137%7C412x100%7C390x130%7C390x100%7C375x125%7C375x100%7C360x120%7C360x100%7C320x250%7C320x100%7C320x50%7C300x250%7C300x200%7C300x100%7C300x50%7C250x250%7C234x60%7C200x200%7C180x150%7C125x125%7C120x60%7C120x240%7C88x31

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js?cb=31096188

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c9bd1c903399c399217f5e8982b18af9858ce02bc75538a89a4d2cf1afae61c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

content-encoding: dcb
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://89.252.139.221
content-length: 460
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 919 B
500 B 172ms
171ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=5349629749062769&correlator=1746967659535332&hxva=1&scor=674916132752207&eid=31096188%2C31088080%2C83321072&output=ldjh&gdfp_req=1&vrg=202601080101&ptt=17&impl=fif&iu_parts=21728129623%3A22596880139%2Cweb_anlikaltinfiyatlari_sidebar_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C320x250%7C320x100%7C320x50%7C300x250%7C300x200%7C300x100%7C300x50%7C250x250%7C234x60%7C200x200%7C180x150%7C125x125%7C120x60%7C120x240%7C88x31&fluid=height&ifi=3&dids=div-gpt-ad-1455783126174-15393&adfs=4294393120&sfv=1-0-45&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1768242936503&lmt=1768242936&adxs=227&adys=811&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F89.252.139.221%2F&vis=1&psz=340x-1&msz=340x-1&fws=644&ohw=340&psd=WzMxLFtdXQ..&dlt=1768242932635&idt=1005&ppid=vnet1e2013a59fbb402fb55828ce4ae18d15&prev_scp=lazyload%3D0%26floortest%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26auc%3Dweb_anlikaltinfiyatlari_sidebar_300x250%26vb%3D1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Danlikaltinfiyatlari%26mt%3D1768242932965%26pager%3D1%2540site_geneli%2540anlikaltinfiyatlari%253Asite_geneli%26policy%3D0%26host%3D89.252.139.221%26url%3Dhttps%253A%2520%252089.252.139.221%2520%26targetCtr%3D0%26pid%3Dvnet1e2013a5-9fbb-402f-b558-28ce4ae18d15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&adks=231877072&frm=20&eoidce=1&pb_szs=336x280%7C320x250%7C320x100%7C320x50%7C300x250%7C300x200%7C300x100%7C300x50%7C250x250%7C234x60%7C200x200%7C180x150%7C125x125%7C120x60%7C120x240%7C88x31

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js?cb=31096188

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5b8545436e395ede8349a7d5c15e736e6f4b098e0b3ecf538eb1be62ae90fdc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

content-encoding: dcb
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://89.252.139.221
content-length: 471
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
30ac63e888b6cdb7f869f53a02f05e95.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame F37B 7 KB
3 KB 228ms
109ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://30ac63e888b6cdb7f869f53a02f05e95.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js?cb=31096188

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.252.139.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jan 2026 18:35:36 GMT
expires: Mon, 12 Jan 2026 18:35:36 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 RBNjL7KiWQQsQXMzytoCR4-ZJs2xvvVBJHxHpHXqGK8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6AD7 59 KB
22 KB 97ms
97ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RBNjL7KiWQQsQXMzytoCR4-ZJs2xvvVBJHxHpHXqGK8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

4413632fb2a259042c417333cada02478f9926cdb1bef541247c47a475ea18af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
age: 516550
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Wed, 06 Jan 2027 19:06:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 06 Jan 2026 19:06:26 GMT
last-modified: Mon, 05 Jan 2026 11:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 22832
x-xss-protection: 0
server: sffe

POST
H2 204 csi
csi.gstatic.com/ Frame 42C7 0
57 B 416ms
416ms Ping
image/gif 142.251.12.120
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~mkbi6t9x&c=1257841106316&slotId=628920553158&met.4=ima_lvp_yvs.mkbi6tms&vast_v=4.2
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.736.0_tr.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 12 Jan 2026 18:35:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 / Show response
pubads.g.doubleclick.net/pagead/interaction/ Frame 42C7 42 B
64 B 108ms
107ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bn5pA-D5laZeZA_SZxdwP2r7s6Qi92Yy2RgAAABABIN-38Gk4AVisvPXXgwRgmf6ehrghsgEEbnVsbLoBCzY0MHgzNjBfeG1syAEF2gEMaHR0cDovL251bGwvwAIC4AIA6gIsLzIxNzI4MTI5NjIzL3dlYl9hbmxpa2FsdGluZml5YXRsYXJpX3ByZXJvbGz4AoPSHpADhAeYA8AHqAMB0ASQTuAEAdIFBhC93L2pF5AGAaAGJKgHuL6xAqgH89EbqAeW2BuoB6qbsQKoB5oGqAf_nrECqAffn7ECqAf4wrECqAf7wrECqAfn17EC2AcA4AcB0ggvCIBhEAEYnQEyCIqCgICAgIAIOg2AQIDAgICAgKiAAqgDSL39wTpYqbbRoNKGkgPYCAKACgWYCwGADAGqDQJUUtoNEwieodOg0oaSAxX0TJEFHVofO43qDRMIwMPSoNKGkgMV9EyRBR1aHzuN0BUB-BYBgBcBshkBNQ&sigh=mmK2Z1YlNnk&label=videoplayfailed303&sdkv=h.3.736.0&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjYyNjEwMDk5ODFA5QFSGSUAAPBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.736.0_tr.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Mon, 12 Jan 2026 18:35:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 count
logger.virgul.com/ 0
227 B 65ms
65ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=adError&g=m&r=npm_anlikaltinfiyatlari:preroll:303:&o=&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:36 GMT
x-api-server: n-28
server: openresty/1.15.8.3

POST
H2 200 count
logger.virgul.com/ 0
227 B 63ms
63ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_anlikaltinfiyatlari:preroll&o=&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:36 GMT
x-api-server: n-28
server: openresty/1.15.8.3

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 42C7 156 B
143 B 212ms
212ms Fetch
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21728129623%2C22596880139%2Fweb_anlikaltinfiyatlari_preroll&description_url=http%3A%2F%2Fanlikaltinfiyatlari.com&env=vp&correlator=3750960028584691&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&vpmute=1&plcmt=2&ppid=vnet1e2013a59fbb402fb55828ce4ae18d15&cust_params=psz%3Dwsm%26site%3Danlikaltinfiyatlari%26env%3Dweb%26mt%3D1768242932965%26r%3D153944%40site_geneli%40anlikaltinfiyatlari%3Asite_geneli%26info%3D%26policy%3D0%26targetCtr%3D0%26viewable%3D2%26site%3Danlikaltinfiyatlari%26plm%3Dnull%26pid%3Dvnet1e2013a5-9fbb-402f-b558-28ce4ae18d15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&sdkv=h.3.736.0&osd=2&frm=0&vis=1&sdr=1&hl=tr&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=100000445&ptt=20&vo=0&adk=498848531&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.736.0&sid=56133167-A572-4984-96B5-2CF87A26E49C&htps=10&nel=1&eid=95322027%2C95331589%2C95332046&url=null&dlt=1768242932635&idt=2269&dt=1768242936584&cookie_enabled=1&cdm=89.252.139.221&eoidce=1&pvsid=5349629749062769&scor=924717378877249&fbidx=-1&ged=ve4_td4_tt2_pd4_la4000_er1199.1599.1349.1899_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.736.0_tr.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: text/xml; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
content-length: 113
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
ep1.adtrafficquality.google/pagead/ Frame 4EB4 0
20 B 199ms
198ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/gen_204?id=sodar&v=46&t=2&bgai=B81Nd9z5ladv3JofWmLAPl7r5oAwAAAAAOAHgBAI&bg=!RUalRgnNAAZjEgz9QxI7ADQBe5WfOHeYsYIPiMge4QDNojE-a9CNr_2m-5O2X7OpiED6kLZyY8Mvr_RwjtXp_UBHtwnTAgAAAHNSAAAAAWgBB34ANYtXNxvj9r7A1OPjHV81_F83CNO-NwM-_KMR1b8uDX-LMUWtIfZDQMXHtFSr_aCBgvhuMIvRmQKdpDqIfvzCSV03T8S1bCRzbFol-MSsCSIanlyPQmKPvYUuSYVDg2wxg6tgnxaIrTKuBhrlfxg343wfgKBLRzS9_ot9aRpqAfe_g0_DPSDqL2qdvzOBFLZxu_J22-SyoTrlbQvKFNQK7l7-rnIuH19A7LtOqzzwkt5sfnNbCvnbdmQVfvKjJtUBbmYzqEHN7oB1FTMedgjwEruVg2KzQUnDS1QA81LkYL8Gt2U7i-ZRobALoGSTIHQA4b8oM-lRDSLBj7Dhc8-jsUmEhoFgj8XLJzu3z91bQjd9OyjhR2SYUM3IQWp2tOiym1p8-G9MZiTYBz3pwy6MJK9pqrAT05CBQnph2_YS_zzZCpc7YQjsp7ud7f4r-JPVAkB-ZT2nuLQH7CeMdSAsp8SczrHS89hHXAiPlM5fkctzoBlF5VyyIg0iyKZ-1RYVK3sz4kh8gKBcDyKWwSlocp9x8a_2qdLpJDveWabHZRMC2fxyecAc6bARTE3a4y-BAEVCbEOMnl_10pK58Fg_9x0wEgMkZTfsTtEhDtcshQWIfMGET7vfEYXqFWy_gXFQTyr8Atp1iN7uI0C_jibjHELB4CJZ8olEzbhdp-Mh1621TmHMuAlqzlA7dD-VyTopxSA0PeCSwx1KxAGO2mvrgB5CdtKRL68fhdk449fi8WTkHhDNvRYUB-iB5MTBg31CKxJiwCcDlE9SDAjjqqIlgRM7b5YtzzS_509Y8PvzO5UtxFRDuumES804yd7aLyNyMFbXfCYIm2dHsQUR8-9meqCmEgkltjxZ8AFtbvD-fhwYH0gmOo7pYq1uYnolqxvDaqHW-yG1JUjtds3zm0nN6OMij9G4xEykdGGp-dnwr00K075n-VbjmVsYr84PJhNASLt75xW3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 12 Jan 2026 18:35:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
828 B 176ms
175ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=5349629749062769&correlator=2577471909227129&hxva=1&scor=674916132752207&eid=31096188%2C31088080%2C83321072&output=ldjh&gdfp_req=1&vrg=202601080101&ptt=17&impl=fif&iu_parts=21728129623%3A22596880139%2Cweb_anlikaltinfiyatlari_page_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&dids=gpt_unit_%2F21728129623%2C22596880&sfv=1-0-45&ists=1&fas=8&fsapi=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1768242936670&lmt=1768242936&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F89.252.139.221%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psd=WzMxLFtdXQ..&dlt=1768242932635&idt=1005&ppid=vnet1e2013a59fbb402fb55828ce4ae18d15&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Danlikaltinfiyatlari%26mt%3D1768242932965%26pager%3D1%2540site_geneli%2540anlikaltinfiyatlari%253Asite_geneli%26policy%3D0%26host%3D89.252.139.221%26url%3Dhttps%253A%2520%252089.252.139.221%2520%26targetCtr%3D0%26pid%3Dvnet1e2013a5-9fbb-402f-b558-28ce4ae18d15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&adks=426105426&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js?cb=31096188

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e62d95736352e2488f77900c880eb90e0103c309c5068aa17bdcfe9ad64825fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

content-encoding: dcb
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://89.252.139.221
content-length: 799
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/ 61 KB
20 KB 96ms
96ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl_page_level_ads.js?cb=31096188

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601080101/pubads_impl.js?cb=31096188

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5a07d64ee3e1f04120b71a660f6e989f83d85899ba74daecdb529b11a9de7d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

content-encoding: br
etag: 8226756263063337161
age: 27145
x-content-type-options: nosniff
expires: Tue, 12 Jan 2027 11:03:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 12 Jan 2026 11:03:11 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 20047
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 07D4 43 B
177 B 188ms
187ms Image
image/gif 98.87.100.164
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2765965&asId=b4f29ebe-4d93-8480-3611-86d55bb79968&tv=%7Bc:17zXk0,pingTime:-10,time:887,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTE4MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTQzLjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1768242936700%7C%7C4b3ed4d6b8983a1cb37f7295411fb291%7C%7C8df1d1e1d2c584e4a01584dbe9251744%7C%7Cbf20bdf30d27997a72e08ae77b52fd93%7C%7C37a613148447137441635586bf645e7b%7C%7C83699b24be32fc2a43beaf2d63114587%7C%7Cc9b42419947b6346832425ae22ba3d9e%7C%7Cce14b30d7228e39e1ae633889f813474%7C%7C1715618633,im:%7Bimprf:%7Bttecl:1251,ecd:251,tsecr:1%7D%7D,sca:%7Beng:b,tss:%7Blts:2026-01-1221.35.36,tzo:-180,tzn:Europe/Istanbul%7D,bdp:%7Bndp:1%7D,mob:%7Bori:0,ges:0,tch:0%7D,prp:%7Bnot:1,csi:1,msl:0,hdl:1,aps:0,hae:1,ito:1,sec:1%7D,exr:%7Bexs:objectExternal%7D,ifr:%7Bact:1,eff:1%7D%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.87.100.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-98-87-100-164.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

cache-control: no-cache
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-length: 43
pragma: no-cache
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: image/gif

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ 0
17 B 212ms
211ms Image
image/ 142.250.185.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gda_r20260107&jk=5349629749062769&bg=!iIuli8TNAAZjEgz9QxI7ADQBe5WfOGCftrPJVwHInK4nB-NPqebDMZv4pnaDTJdh5cPdXi8e5hefJhETRVAFLwtd6IYgAgAAAFpSAAAAA2gBB34AN7-Tt_SmVD2oECnRCPUcQQcSigX6tQ55ttDfz9JYUnIZn6OUMT0wBf-1iDZRdGiK1-6ej-51SXMKAKDYBfDUb1lFk-M561zKMgGWxusuILaf7RQQOihkOofPM8o6-DgeFC2HITPzKDEkuXhbqfPxY-1mR0lLLjieXbXYJXA7bki31vhY9b8EbL7IuA_etLxp5Q2rgwN_ecVkJfu272CDuhQmgtBfVAkUKP5SADwJMhBFDsjNMsaOFijabLa8AA05Bh8aMmo-PK3JxQ9YsZO1Zt4wCeIJYN-idPjrmQJEiynVefBqwA0CCBeybgq-0nE-p08w_LDX-GO_f9tTzQneh9kjFZ4NccnZ611SmqFY726MKGCPmEYBEG-3F-ok5yaWm8oJ3pSUP784QQn-UvrcbFKXqzLnsmP9XNFBTufjYn98bacISvGhCV21f8zFPB1CUKo5U8vz6uZH8tWcVgADd3O6rsTX9YKk41pC7RUHvtgwxfncw29FzS0c0DJJw7tbZTczKHx70__FCb7KWfdaxIMFWbk8JadCcaDf-hE_mU3n23eUU7ZNuI0pI7PxihLukc35oP2WKSWEqfS-0mS--13T36Wn07zjV9ZPvbt4RD7u-OUnGlgB6gmr9-GWzKHS5m-Fzi6bNvJJLh4umhYuTyuD6PiKsIMVgHKboQJZO5CIXU_3pQCCPnqv5SQ7Re6e1Um-f0Rq03wsI7AWqIlhLZpwWDCHtrBFyXQ4GQZ4bYNJwN9vPg6-5X1cOkZgoFzxXVig7Lo5eh035j6h0fydj0tMTfCohsMkoJr6Lzo2744cpy_PaUEEpcjCkLE1_QZ_sF22b2wbUbwCAu4eYLMMIZDhxSSzTOMhnT8tUlMM6_6Ad5qE_RkqCuXCTWCDphsC1GkjJpcznuCbUzvk6brQiHWf98R5cDLrqLWMgxwD5NkeQ_KSDpDJHJS9bu9C3jdDmyK2_TV4jMpZ496nirdU8q2uFF2kwDxjUIKyghuOfB3NnlmeXpeCXKucM2A6L1An9iyMW5NkfOnKvyYg6ARz1iyhQGJImaCw2_Q8ThJzweyhBw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 12 Jan 2026 18:35:36 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 07D4 43 B
177 B 187ms
186ms Image
image/gif 98.87.100.164
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2765965&asId=b4f29ebe-4d93-8480-3611-86d55bb79968&tv=%7Bc:17zXlf,time:964,type:e,sca:%7Bdvw:%7Bwit:0,wot:0%7D,uai:%7Bent:1%7D,nit:%7Bpqr:denied,ntr:default%7D,cdc:%5B2,2,2,2,0,0,0,0,0,2,0,2,0,0,2,2,2,2%5D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:451,o:513,n:508,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:494,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~160.600%5D%7D%7D,%7Bsl:o,t:508,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B5~0%5D,as:%5B5~160.600%5D%7D%7D,%7Bsl:i,t:513,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B451~100%5D,as:%5B451~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:v87d9JP+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18*.2765965-91978760%7C1811%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:496,nmsd:-1,nph:-1,igt:0,sis:748%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.87.100.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-98-87-100-164.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

cache-control: no-cache
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-length: 43
pragma: no-cache
date: Mon, 12 Jan 2026 18:35:36 GMT
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame 42C7 0
48 B 416ms
416ms Ping
image/gif 142.251.12.120
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~mkbi6tx0&c=1257841106316&slotId=628920553158&faa=1&alp=0&arpa=1&fas=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.736.0_tr.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 12 Jan 2026 18:35:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

POST
H2 200 count
logger.virgul.com/ 0
227 B 64ms
64ms Ping
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://logger.virgul.com/count?m=adError&g=m&r=npm_anlikaltinfiyatlari:preroll:303:&o=&iv=&wVID=&info=&os=linux&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=12012026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2021 11:39:44 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:36 GMT
x-api-server: n-28
server: openresty/1.15.8.3

GET
H2 200 event
ng.virgul.com/ 0
286 B 70ms
70ms Image
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to Show image

Full URL: https://ng.virgul.com/event?a=acnt0@acnt0@acnt0&r=anlikaltinfiyatlari@anlikaltinfiyatlari@anlikaltinfiyatlari&c=web_anlikaltinfiyatlari_masthead@web_anlikaltinfiyatlari_preroll@web_anlikaltinfiyatlari_sidebar_300x250&et=&t=&b=818@818@818&l=&ext=&z=153937@153944@153938&pi=&info=&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15&v=https%3A%2F%2F89.252.139.221%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:36 GMT
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 105F 42 B
65 B 204ms
204ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-NySj8FttdynDP745_-TWDP29SGgGOn_mZYzEgJombnCf-CMVKsCCQavjdhEM7xQ8txcLnpfe0bmLb-MS1PEPN-6r4QVStqQ11idys7JGjE-ERC_PMdx9lR9edFXUwf1dH6tyyaUAS3p2lW04XOGyRxPPm9FInQ&sig=Cg0ArKJSzFLoVSspIkcLEAE&id=lidar2&mcvt=1000&p=0,0,600,160&tm=1079.1999969482422&tu=79.30000305175781&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20260107&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=6417573600&rst=1768242935465&rpt=614&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 12 Jan 2026 18:35:37 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 07D4 43 B
177 B 186ms
186ms Image
image/gif 98.87.100.164
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2765965&asId=b4f29ebe-4d93-8480-3611-86d55bb79968&tv=%7Bc:17zXud,pingTime:1,time:1520,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:494%7D,%7Bpiv:0,vs:o,r:l,t:508%7D,%7Bpiv:100,vs:i,r:,t:513%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1007,o:513,n:508,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:494,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~160.600%5D%7D%7D,%7Bsl:o,t:508,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B5~0%5D,as:%5B5~160.600%5D%7D%7D,%7Bsl:i,t:513,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1007~100%5D,as:%5B1007~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:190,fm:v87d9JP+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18*.2765965-91978760%7C1811%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:496,nmsd:-1,nph:-1,igt:0,sis:748%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.87.100.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-98-87-100-164.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

cache-control: no-cache
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-length: 43
pragma: no-cache
date: Mon, 12 Jan 2026 18:35:37 GMT
content-type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 07D4 43 B
177 B 188ms
187ms Image
image/gif 98.87.100.164
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2765965&asId=b4f29ebe-4d93-8480-3611-86d55bb79968&tv=%7Bc:17zXud,pingTime:1,time:1520,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:494%7D,%7Bpiv:0,vs:o,r:l,t:508%7D,%7Bpiv:100,vs:i,r:,t:513%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1007,o:513,n:508,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:494,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~160.600%5D%7D%7D,%7Bsl:o,t:508,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B5~0%5D,as:%5B5~160.600%5D%7D%7D,%7Bsl:i,t:513,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1007~100%5D,as:%5B1007~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:190,fm:v87d9JP+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18*.2765965-91978760%7C1811%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:496,nmsd:-1,nph:-1,igt:0,sis:748%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.87.100.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-98-87-100-164.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

cache-control: no-cache
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-length: 43
pragma: no-cache
date: Mon, 12 Jan 2026 18:35:37 GMT
content-type: image/gif

GET
H2 200 696513282311130e0cd4a531
ng.virgul.com/tck/i_vb2/ 0
286 B 64ms
63ms Image
text/plain 185.7.176.222
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/696513282311130e0cd4a531?l=&r=153941@site_geneli@anlikaltinfiyatlari:site_geneli&cs=1768242939100&userId=vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://89.252.139.221/

Response headers

access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
access-control-allow-origin: https://89.252.139.221
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
date: Mon, 12 Jan 2026 18:35:39 GMT
server: openresty/1.15.8.3
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 usync.html Show response
eus.rubiconproject.com/ Frame 0980 269 B
379 B 314ms
100ms Document
text/html 88.221.169.246
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.4.65 (Debian) /
Resource Hash: e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer: https://89.252.139.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html
date: Mon, 12 Jan 2026 18:35:39 GMT
etag: "10d-63d602600b800-gzip"
last-modified: Wed, 27 Aug 2025 22:17:04 GMT
server: Apache/2.4.65 (Debian)
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D4A5 2 KB
3 KB 316ms
106ms Document
text/html 51.89.9.252
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1768242936022

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

d6b9ac8ccff69f2de32254b96a2bb180535f809c2d8059d40be5844a8cbad026

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://89.252.139.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-cache, no-transform no-transform, no-cache
content-length: 2504
content-type: text/html
date: Mon, 12 Jan 2026 18:35:39 GMT
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 040F 21 KB
7 KB 347ms
107ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer: https://89.252.139.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=84619
content-encoding: gzip
content-length: 7259
content-type: text/html
date: Mon, 12 Jan 2026 18:35:39 GMT
expires: Tue, 13 Jan 2026 18:05:58 GMT
last-modified: Mon, 29 Sep 2025 15:12:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET sync
ittpx.eskimi.com/ Frame 9F24 0
0

GET

sync
sync.inmobi.com/ Frame 4980
Redirect Chain

https://sync.inmobi.com/prebidjs?
https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=
https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true

0
0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4432 52 KB
17 KB 243ms
75ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid10.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://89.252.139.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 23548
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Jan 2026 18:35:39 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 10 Sep 2025 11:06:06 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.24.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 790253, 94164
X-Served-By: cache-lga21982-LGA, cache-sof1510044-SOF
X-Timer: S1768242940.704524,VS0,VE0

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 4432
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
844 B

121ms
121ms

Script
text/html

185.89.210.180
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.25.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://acdn.adnxs.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 195.88.86.118; 195.88.86.118; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 6051dd8f-c94c-420b-aceb-eb7e6954d52d
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 12 Jan 2026 18:35:40 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.25.5

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 195.88.86.118; 195.88.86.118; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: daa0140d-4a9c-4d50-9771-042432184608
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 12 Jan 2026 18:35:40 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.25.5

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 0980 45 KB
11 KB 100ms
99ms Script
text/html 88.221.169.246
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash: b23a8f4519d958b0b06f3d1598e1293cafe889080db72ec4e092bcceb94a8614

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/usync.html

Response headers

cache-control: max-age=30064
content-encoding: gzip
expires: Tue, 13 Jan 2026 02:56:43 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length: 11501
date: Mon, 12 Jan 2026 18:35:39 GMT
last-modified: Mon, 12 Jan 2026 02:56:43 GMT
x-powered-by: PHP/8.3.24
server: Apache/2.4.65 (Debian)
content-type: text/html;charset=UTF-8
vary: Accept-Encoding

GET
H2 200 geo Show response
ut.pubmatic.com/ Frame 040F 22 B
130 B 349ms
107ms XHR
application/json 185.64.189.116
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL

https://ut.pubmatic.com/geo?pubid=159432

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US),

Reverse DNS

Software

Resource Hash

dfc620c525737adbd2424fcdff0e2b3cc1c958c41b9ecb9d6e0f2debb7adb391

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
access-control-allow-origin: *
cache-control: max-age=172800
content-length: 22
date: Mon, 12 Jan 2026 18:35:40 GMT
content-type: application/json

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 0980 7 B
1 KB 402ms
101ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 , Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
access-control-allow-credentials: true
Expires: 0
access-control-allow-origin: https://eus.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: df40cb9bfb4f45b1b7e05d6d84ea3cc4
content-length: 7
content-type: application/json; charset=UTF-8

GET
H2 200 geo Show response
ut.pubmatic.com/ Frame 040F 22 B
0 251ms
251ms XHR
application/json 185.64.189.116
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://ut.pubmatic.com/geo?pubid=159432
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: dfc620c525737adbd2424fcdff0e2b3cc1c958c41b9ecb9d6e0f2debb7adb391

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

access-control-allow-origin: *
cache-control: max-age=172800
content-length: 22
date: Mon, 12 Jan 2026 18:35:40 GMT
content-type: application/json

GET PugMaster
image6.pubmatic.com/AdServer/ Frame 040F 0
0

GET sync.php
pixel.rubiconproject.com/exchange/ Frame 0980 0
0

GET token
token.rubiconproject.com/ Frame 0980 0
0

GET pixel
cm.g.doubleclick.net/ Frame 0980 0
0

GET token
token.rubiconproject.com/ Frame 0980 0
0

GET rubicon
match.adsrvr.org/track/cmf/ Frame 0980 0
0

GET dcm
aax-eu.amazon-adsystem.com/s/ Frame 0980 0
0

GET token
token.rubiconproject.com/ Frame 0980 0
0

GET dcm
s.amazon-adsystem.com/ Frame 0980 0
0

GET rp
match.prod.bidr.io/cookie-sync/ Frame 0980 0
0

GET sync.php
pixel.rubiconproject.com/exchange/ Frame 0980 0
0

GET token
token.rubiconproject.com/ Frame 0980 0
0

GET
H2 206 10622617-270_1-72k.mp4
istr-n3.nktcdn.com/data/videos/10622/ 61 KB
61 KB 65ms
65ms Media
video/mp4 185.7.176.203
PREMIERDC-VERI-ME...

General

Check archive.org

Download Go to

Full URL: https://istr-n3.nktcdn.com/data/videos/10622/10622617-270_1-72k.mp4?token=pan7rv_EYyMrpuoZQy49Fg&ts=2083992055
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.203 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PremierDC Veri Merkezi Anonim Sirketi, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 5564d6784c1073303deeefaac61d4d108e90dd9691414dfac7392d5d90a374a1

Request headers

Referer: https://89.252.139.221/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Range: bytes=703668-

Response headers

access-control-allow-origin: *
Content-Length: 62527
date: Mon, 12 Jan 2026 18:35:40 GMT
last-modified: Tue, 21 Sep 2021 09:25:10 GMT
content-type: video/mp4
server: openresty/1.15.8.3
Content-Range: bytes 703668-766194/766195

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 4432 0
793 B 109ms
108ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.25.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://acdn.adnxs.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 195.88.86.118; 195.88.86.118; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 309e9a07-5ac3-4065-944f-1187941770cf
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 12 Jan 2026 18:35:40 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.25.5

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 07D4 43 B
177 B 185ms
184ms Image
image/gif 98.87.100.164
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2765965&asId=b4f29ebe-4d93-8480-3611-86d55bb79968&tv=%7Bc:17zYwC,pingTime:5,time:5513,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:494%7D,%7Bpiv:0,vs:o,r:l,t:508%7D,%7Bpiv:100,vs:i,r:,t:513%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5000,o:513,n:508,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:494,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~160.600%5D%7D%7D,%7Bsl:o,t:508,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B5~0%5D,as:%5B5~160.600%5D%7D%7D,%7Bsl:i,t:513,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:203,fm:v87d9JP+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18*.2765965-91978760%7C1811%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:496,nmsd:-1,nph:-1,igt:0,sis:748%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.87.100.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-98-87-100-164.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

cache-control: no-cache
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-length: 43
pragma: no-cache
date: Mon, 12 Jan 2026 18:35:41 GMT
content-type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 07D4 43 B
177 B 186ms
186ms Image
image/gif 98.87.100.164
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2765965&asId=b4f29ebe-4d93-8480-3611-86d55bb79968&tv=%7Bc:17zYwD,pingTime:5,time:5514,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:494%7D,%7Bpiv:0,vs:o,r:l,t:508%7D,%7Bpiv:100,vs:i,r:,t:513%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:513,n:508,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:494,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~160.600%5D%7D%7D,%7Bsl:o,t:508,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B5~0%5D,as:%5B5~160.600%5D%7D%7D,%7Bsl:i,t:513,wc:10.10.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:203,fm:v87d9JP+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18*.2765965-91978760%7C1811%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:496,nmsd:-1,nph:-1,igt:0,sis:748%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.87.100.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-98-87-100-164.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer: https://696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com/

Response headers

cache-control: no-cache
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-length: 43
pragma: no-cache
date: Mon, 12 Jan 2026 18:35:41 GMT
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ittpx.eskimi.com
URL: https://ittpx.eskimi.com/sync?sp_id=137

Domain: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6272673&p=159432&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=a9us

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=25470

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/rubicon

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=2249&pt=n

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=36584

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=18694

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=primis

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=19564

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-yahoo-exchange

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=37556&a=1

Verdicts & Comments Add Verdict or Comment

337 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
89.252.139.221/	1969-12-31 23:59:59	Name: pId Value: vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15
.yandex.ru/	1970-01-21 20:46:42	Name: bh Value: YPT9lMsGahncyumIDvKst6UL+/rw5w3r//32D/vMzYcI
static.virgul.com/	1970-01-21 20:46:42	Name: pId Value: vnet1e2013a5-9fbb-402f-b558-28ce4ae18d15
89.252.139.221/	1970-01-21 19:56:18	Name: _ym_uid Value: 1768242933868512520
89.252.139.221/	1970-01-21 19:56:18	Name: _ym_d Value: 1768242933
.mc.yandex.com/	1970-01-21 11:10:43	Name: sync_cookie_csrf Value: 1183088850fake
89.252.139.221/	1969-12-31 23:59:59	Name: TAPAD Value: %7B%22id%22%3A%2252f1a5ad-d2c6-4bfc-9d92-348569e6086a%22%7D
89.252.139.221/	1970-01-21 11:11:54	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-21 11:10:43	Name: sync_cookie_csrf Value: 2939760258fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1035632281768242933
.yandex.com/	1970-01-21 20:46:42	Name: i Value: /GRLcitBeqdsI0tUPivN8ihYMPjKx+G+fN24J6lUJdaSGCVpIQDmu5dVsug70YDkUFJ9HP9i6bNh0w58WL6oqmSjx6E=
.yandex.com/	1970-01-21 20:46:42	Name: yandexuid Value: 5835551951768242933
.yandex.com/	1970-01-21 20:46:42	Name: yuidss Value: 5835551951768242933
.yandex.com/	1970-01-21 19:56:18	Name: ymex Value: 2083602933.yrts.1768242933#2083602933.yrtsi.1768242933
.yandex.com/	1970-01-21 19:56:18	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 20:46:42	Name: bh Value: KgI/MGD1/ZTLBmoZ3MrpiA7yrLelC/v68OcN6//99g/7zM2HCA==
.tapad.com/	1970-01-21 12:37:06	Name: TapAd_TS Value: 1768242933901
.tapad.com/	1970-01-21 12:37:06	Name: TapAd_DID Value: 94aa40e6-08a6-4d1e-9ad5-4b018717bbaf
.mc.yandex.com/	1970-01-21 11:10:43	Name: sync_cookie_csrf_secondary Value: 1788563667fake
89.252.139.221/	1969-12-31 23:59:59	Name: watchID Value: 1ad26976-5699-4f6d-8a0e-b1f1e52afa7a
89.252.139.221/	1970-01-21 11:53:54	Name: userID Value: d0eb1dd5-ba83-4df4-aa06-f25ab22f4f39
.mc.yandex.ru/	1970-01-21 11:10:43	Name: sync_cookie_csrf_secondary Value: 2979501090fake
.mc.yandex.com/	1970-01-21 11:12:09	Name: sync_cookie_ok_secondary Value: synced
.crwdcntrl.net/	1970-01-21 17:39:29	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-21 17:39:29	Name: _cc_id Value: 3935c1a15e57430dd865926810554593
89.252.139.221/	1970-01-21 11:10:42	Name: lotame_domain_check Value: 89.252.139.221
89.252.139.221/	1970-01-21 17:39:30	Name: _cc_id Value: 3935c1a15e57430dd865926810554593
89.252.139.221/	1970-01-21 11:20:47	Name: panoramaId_expiry Value: 1768847734485
89.252.139.221/	1970-01-21 11:20:47	Name: panoramaId Value: af44c113b1980cb1fe349083a021185ca02c9ab8148ffa4bd2db8f117e1959a3
89.252.139.221/	1970-01-21 11:20:47	Name: panoramaIdType Value: panoDevice
.yandex.ru/	1970-01-21 20:46:42	Name: yandexuid Value: 5835551951768242933
.yandex.ru/	1970-01-21 20:46:42	Name: yuidss Value: 5835551951768242933
.yandex.ru/	1970-01-21 20:46:42	Name: i Value: /GRLcitBeqdsI0tUPivN8ihYMPjKx+G+fN24J6lUJdaSGCVpIQDmu5dVsug70YDkUFJ9HP9i6bNh0w58WL6oqmSjx6E=
89.252.139.221/	1970-01-21 11:10:44	Name: _ym_visorc Value: b
89.252.139.221/	1970-01-21 19:56:18	Name: _pubcid Value: 07ba3288-3630-4908-a3ea-d2461f14ef41
89.252.139.221/	1970-01-21 19:56:18	Name: _pubcid_cst Value: znv0HA%3D%3D
89.252.139.221/	1970-01-21 19:56:18	Name: _ym_uid_cst Value: znv0HA%3D%3D
.id5-sync.com/	1970-01-21 13:20:18	Name: id5 Value: 361bbf33-aff8-7c3a-b849-064e7abc28fb#1768242934924#2
id.ad-plus.com.tr/	1970-01-21 19:56:18	Name: tdid_u Value: 201078.2727212634
89.252.139.221/	1970-01-21 11:12:09	Name: _adplus_id Value: 201078.2727212634
89.252.139.221/	1970-01-21 12:37:06	Name: -unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222026-01-12T18%3A35%3A35%22%7D
89.252.139.221/	1970-01-21 12:37:06	Name: -unifiedid_cst Value: znv0HA%3D%3D
.semasio.net/	1970-01-21 19:56:18	Name: SEUNCY Value: EAAEFB9B6AA6FBA6
.doubleclick.net/	1970-01-21 15:29:54	Name: APC Value: AfxxVi4EhhGW_COg5cdDdDLkKDhIhnyg2HCIAd8t-q4SFGZGk1GS4A
.doubleclick.net/	1970-01-21 20:46:42	Name: IDE Value: AHWqTUk_xzjjt8JKlGdZMv1ZzhnwGNJIRZRHxrCNbgx9lMcUqWmdUCs9iJmVr09t6j4
.criteo.com/	1970-01-21 20:32:18	Name: cto_bundle Value: JXjZQ19rUDJqaU5iUnZRZ3RpNmQlMkJBWWNmY2wyYjlCNiUyQiUyRnNocHZkYWh5R3VRWmRUeHNqMk5nUkZKVWhoUTlGeEp1R1cxJTJGc1VNJTJCanA2QUsyRVdlNTdDWmpuOWt5dVRieWZpY3N5MWtXV3AwM3NqTlElM0Q
89.252.139.221/	1970-01-21 20:32:29	Name: cto_bundle Value: sGLixl9rUXMydXFWendxRUQlMkJvJTJGQnJQTnRHbzN2ZExTUTAzb1pNTVA1TEx1UWpGQzcxbHVYSGxnSEpjeTBoZkJQSVhWbGExZ3BUdTF6TURRcmpHQ2trSkhnRWlUcXF1OVZKRUVhYVN3JTJCVE52dVpsVSUzRA
89.252.139.221/	1970-01-21 20:32:29	Name: cto_bidid Value: VLAnxF9sZTBHcFNDJTJGNUVsakgwckxxOU1Ga1NJeSUyQmF6NzhsaUZveXRRWCUyQmNJTWh0cjNmMHhwRHl4NU9lMDNmRGNEU0Rj
.id5-sync.com/	1970-01-21 13:20:18	Name: 3pi Value: 112#1768242935760#623452054#EAAEFB9B6AA6FBA6
.id5-sync.com/	1970-01-21 11:10:43	Name: cf Value: gif
.id5-sync.com/	1970-01-21 11:10:43	Name: cip Value: 1476
.id5-sync.com/	1970-01-21 11:10:43	Name: cnac Value: 6
.id5-sync.com/	1970-01-21 11:10:43	Name: car Value: 3
.id5-sync.com/	1970-01-21 11:10:43	Name: gdpr Value: 0\|
.teads.tv/	1970-01-21 19:54:52	Name: tt_viewer Value: 831497ac-d679-4979-a733-9ae0abdf97fa
.rubiconproject.com/	1970-01-21 19:56:18	Name: khaos Value: MKBI6TH2-1F-EEQK
.yandex.com/	1970-01-21 19:56:18	Name: yashr Value: 4230087441768242936
.adnxs.com/	1970-01-21 13:20:18	Name: XANDR_PANID Value: 6RfHpK1s9bOiGPBFIkqd4qP7-7Mqu1iyP4sbzvVjMWeymfxuaIGp8bTmXTAQ4dWNAiZEw3qQWqLHp_ClwPwVE3KPl8cDgAro32YUo9r2SwM.
.adnxs.com/	1970-01-21 13:20:18	Name: uuid2 Value: 4129132917847323061
.ads.pubmatic.com/	1970-01-21 11:12:09	Name: KCCH Value: YES
.inmobi.com/	1970-01-21 19:56:18	Name: TEST-COOKIE Value: YES
.rubiconproject.com/	1970-01-21 19:56:18	Name: audit_p Value: 1\|yQuirGeEF6BEYuSHaP5Bx8lM14vKxeIWSLJgiuBy4YEQ21JTBct5U39fCV+8Bb6z/8QzHZTAI8omGweUluV0N26a95g4yWb20A+VO7RH1E0=
.rubiconproject.com/	1970-01-21 19:56:18	Name: khaos_p Value: MKBI6TH2-1F-EEQK
.rubiconproject.com/	1970-01-21 19:56:18	Name: audit Value: 1\|yQuirGeEF6BEYuSHaP5Bx8lM14vKxeIWSLJgiuBy4YEQ21JTBct5U39fCV+8Bb6z/8QzHZTAI8omGweUluV0N26a95g4yWb20A+VO7RH1E0=

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'local-network'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3025194257&lmt=1768242933&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32%2C43%3A32&format=0x0&url=https%3A%2F%2F89.252.139.221%2F&pra=5&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1768242933326&bpp=9&bdt=691&idt=418&shv=r20260107&mjsv=m202601060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1257841106316&frm=20&pv=2&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31096043%2C42532523%2C95376583%2C95379897%2C95372614%2C95379058&oid=2&pvsid=5349629749062769&tmod=1142139689&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&plas=212x945_l%7C212x945_r&bz=1&ifi=1&uci=a!1&fsb=1&dtd=433 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://yandex.com/ads/prebid/4435253?imp-id=1&target-ref=89.252.139.221&adapter-version=2.9.0&ssp-id=10500&domain=yandex.com&ssp-cur=TRY Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://yandex.com/ads/prebid/4435253?imp-id=1&target-ref=89.252.139.221&adapter-version=2.9.0&ssp-id=10500&domain=yandex.com&ssp-cur=TRY Message: Failed to load resource: the server responded with a status of 403 ()
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E018004C350000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/Klz6NWr5.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E018004C350000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

30ac63e888b6cdb7f869f53a02f05e95.safeframe.googlesyndication.com
696513282311130e0cd4a531-anlikaltinfiyatlari.advertune.com
a.teads.tv
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ads.pubmatic.com
adx.adform.net
ap.lijit.com
api.id5-sync.com
api.w.inmobi.com
at.teads.tv
bcp.crwdcntrl.net
c.amazon-adsystem.com
c1.imgiz.com
cdn.id5-sync.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
csi.gstatic.com
dt.adsafeprotected.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.pghub.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.ad-plus.com.tr
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
istr-n3.nktcdn.com
ittpx.eskimi.com
ittr.eskimi.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
logger.virgul.com
match.adsrvr.org
match.prod.bidr.io
mc.yandex.com
mc.yandex.ru
ng.virgul.com
onetag-sys.com
pagead2.googlesyndication.com
pandg.tapad.com
pghub.io
pixel.adsafeprotected.com
pixel.rubiconproject.com
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
s.amazon-adsystem.com
s0.2mdn.net
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
spadsync.com
static.adsafeprotected.com
static.virgul.com
sync.inmobi.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
ut.pubmatic.com
www.google.com
yandex.com
aax-eu.amazon-adsystem.com
cm.g.doubleclick.net
image6.pubmatic.com
ittpx.eskimi.com
match.adsrvr.org
match.prod.bidr.io
pixel.rubiconproject.com
s.amazon-adsystem.com
sync.inmobi.com
token.rubiconproject.com
104.20.23.13
108.138.36.117
108.138.36.46
141.95.98.64
142.250.185.162
142.250.185.98
142.250.186.129
142.250.186.161
142.250.186.162
142.250.186.164
142.251.12.120
142.251.141.106
142.251.141.97
142.251.208.6
151.101.1.108
151.101.2.132
162.19.138.117
162.19.138.120
162.19.223.45
176.235.30.103
178.250.1.12
18.173.162.223
18.203.177.31
185.184.8.90
185.64.189.112
185.64.189.116
185.7.176.203
185.7.176.221
185.7.176.222
185.7.176.223
185.89.210.180
185.89.211.116
216.58.206.34
23.215.23.105
23.88.31.198
3.33.220.150
34.102.243.38
34.248.38.159
34.8.2.179
35.214.234.219
35.241.45.217
37.157.2.14
37.157.2.235
5.255.255.77
51.89.9.252
51.89.9.254
52.49.255.252
52.85.65.95
52.85.67.113
69.173.144.137
69.173.144.138
69.173.156.138
72.246.28.143
77.243.51.121
87.250.251.119
88.221.168.201
88.221.169.246
89.252.139.221
98.87.100.164
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0330296cc0e2ddbd82203eec4b889d81a655182228fbeff9315ac6e9ecea6794
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
10128ae5a08d583b018bd2ecc7495e95797127c095b366daa5e7e5674b32e6c2
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18f6ba8f4ba65bfaebec6b02eabf00dd530f1e4b0922b627ddfe2d171abe4986
1a176954c9a2b527fbcddbdae1c8919fc5cf438712f4c2f00af35c81ea35f27d
269def6f9e07977ebd2de7adfa53a48020934a627108efc2e0f7fbaad1f4ebec
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
2a5cfa356af90e4dc14d89477463deb2c098c826ebc6d74c1577eb3d5973cac9
2ac2022c2f17a99849888beec2fbecb6aebc2939eb7e0585cde9a7dcff7e9be4
300f24c4f76ac3478518597353163986fabc045ce91fc030b6120ba0d66c2283
30f178a76f03904df9cacdcb73dd2292e7053ef87a9efa70c1369e33bd7dd638
31fc313fd9908a123cbd106318b90497f5005ce5a6616b6b40b94e283b72c8af
32c76a6e2db9915ca3d9556d4fd3571ad48ccf06faeb8c0390286e767e649a83
355192bdc00aec901d21d6d88b8da686eede9ce0ae8537ed07eb111da58fda7c
3613dc17ef6c6be3704a8cdf93f246dc9869fb27c0a63e97528da83aa9e74d3d
3b8a96527fbf076549d7464bf0c00aafc7053ab01645401f9b615345fe88410e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
4277b6d175f18edf06a0ed45a80aaa10bf1e157d3d48927d96ce90dcff9d421a
43be585ed1248bf9988802508984460caaaa6ebedcfd64431375aa6f4f412dfb
4413632fb2a259042c417333cada02478f9926cdb1bef541247c47a475ea18af
441961b14ff5aca804cc1854bad339760b249e06178575d46379628cbf249403
45bc6978e281a938d9485dcbf0859159b24e2f7c9b8b0fafc120b9606e0ea8b1
50bad19af294fe0e8fe629a7b837423ce9d36faa5963bf1dae1789689bec9853
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
544a1746bd7a82b787764f77a0654557de7635aa4b89c320cc1527f2e7a122fd
54573654901c495ecf67cc8ffd30108dd6f3a3c7332fd4dba41ab13877b75b8d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5564d6784c1073303deeefaac61d4d108e90dd9691414dfac7392d5d90a374a1
5a07d64ee3e1f04120b71a660f6e989f83d85899ba74daecdb529b11a9de7d4c
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb
5b8545436e395ede8349a7d5c15e736e6f4b098e0b3ecf538eb1be62ae90fdc6
6207ac1011e2e3f930ad31d652ccf4a7cd65b2ab689091a930ccd96a6c054c10
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66f117b6520d3e0c61570ceba6d4738f95cc3b8f549abdbf15cd16249d00f3a5
6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2
68278340b8becb384646f4aa57e6f2a5b117e151d76fc414616d6c881343e3f7
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6c24c68feff2fb7abad9f942d4a0c54e41814eac4e9545920959b937665c48ec
6efe7e4964448fbdd5349e5116703648d6692fc191736eb19b62515e21a7a3d2
73b6bc92bb30d26ac26c7f3eccc350f2694260c064cdaf588cdd945a642b16f8
7dc78c5c119373b361b76d7e9c1b2759725163789661df908ee4cd8faf842676
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0
87042dfa20f40c2f78e078d8edc8f05ac3302015c6667c20d513603a90851913
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918edcb8f0c66cfc2c1567361e28c35eb66b1117d2705d2544ff1eefcfc3b85f
91cf1a7d1944c9731256d44a0270a8d19e720e502120d49cb84e266c9ed20824
91d164a84e5e813ad053765a73e454685f4044cda057c0681b027dcf03cce6ee
948854ed54787d4a81b80d53f9453a1a64bcb08cd384920c7f068e0c91759765
9527665876ee6fafaacaef065772254afd2bd1343efb0a92e4841637f3d45f1a
987d6c743ae4bcaada24b219379f0640034adafc24d9b48c86b96cc91286c248
9a6b9e1c81f9b6e8e084426f3e2ddcb0fd67615f945b822dfb62f1e7578ebf32
9c1ccfdc0f241348b7629cc5adb1e064f68d570e44518b9e446e20a0817f1429
9c266d60e86e7331175b8e240c819b3aac5619946898bd15a2aa0f41a3d649bc
9ef634728349b0221367a0d8bc9cc2175591dbead792be8647467b026f17f94f
a03b00102a3bd4814d9955b444297fef764ad648c22dea2423f4e4e2cd73b60a
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a4dc8b07ba5692a4947b832761ab9574b05786e879e26e09007c8214ebadfec3
a59899a0924925667bceb057832c5a14a20b27c7461a44233d5dbfe9ad418eab
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
aeb3b009a488bdb9577653f671a0914b094f63822ff9ab0eef9b8b37b4d44cae
b012cb42768998ee3d0e7c5630decf90ce832b33bc55c5769981c94a1229a340
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23a8f4519d958b0b06f3d1598e1293cafe889080db72ec4e092bcceb94a8614
b26817f8df59a2da8ce824ecf75e13758c514606a23ae810c6ebce94c9fe2d19
b75b056310c52af2b20bb389430dd44edcb1fd045ffb459c8d82d94dafbec7f4
b75f391c664dda6e6ad400bc96fc23fcacbd9384a95f04c40fb972bbfc58c67a
b7f12cc9640294f6ad730130b6b4317aa9c962c5d29a3e441d21cd4e7859a099
bc7e0937c0b647ec1a34662ac88beebc6993c7dd25249f48f8fb1f906fc60430
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bec69aac32b0610002fb7700beae6e48203bcaa48a4c919ec896ae86198f74bc
bf1d1277e586d598b54b39a96a2f4af06eadf5231aa97c856a8d748553f215fa
c686b95a4b71019932e1cbe9ba8892d3bf9363db2a89ce04d51b35b9c0068b5d
c78fcbb42d2ae5491966016786fd3dda5615d70721c0563fe662aaba97bbfce8
c9bd1c903399c399217f5e8982b18af9858ce02bc75538a89a4d2cf1afae61c5
ca2b99cf23cbc7f95bb0a69e00a486e3728b60867f375533bebe3f1582fe4c62
cbe61bf5fba0ef58465f10d0f5a9c57877e0bffd14608313302d2d4c1b7ddc43
ccf1b65be81c6ecd6b68b6b1cb2ef930a828a8347ad8b82a75c0429d98f3055a
cf00fbfd9455a27303770e15eef8e0a6c37f12f3d88644eed489dd95c37781c9
cf60345b955ac106d87ed26a2f73cb9bd0281293dab0f9a1b5b06e27d5064374
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2606f1adbb264b519f75677cc657769aec5ade90d45481f2dc0c611b064506f
d2ce76fb0ee89f79b30956afec1845e799eeed3ea16661071019cbee54d3c630
d6b9ac8ccff69f2de32254b96a2bb180535f809c2d8059d40be5844a8cbad026
d815e34a807642504201337c01936d0c36142afd47c2f151fd623395629c0b80
d8ac53c01f3b719cf4a15652012d0d8b27e52c8593f1f1b15c44e5852ac1a060
d913c3fdba2c69b445128ecd059a16ac74ad21407da744278ef8cccda5fe7cb7
da0d73065db0e49ba577331fed38478e255bd492862885a4550dfb333a4096b0
dc440221fb7f67271cfc615e883d0c96d6190a235cc27beb73d0b7f45e76e53c
de8705871a043bae87f2a8f1cc7fccac21ae5ac6eb9dab0f92691cd38906bf6d
dfc620c525737adbd2424fcdff0e2b3cc1c958c41b9ecb9d6e0f2debb7adb391
e01a4dbd1f4660324ac5478eb025f06ae232afee0e1b81b722c1fd34cde182e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9
e62d95736352e2488f77900c880eb90e0103c309c5068aa17bdcfe9ad64825fe
ead31ef483b11c49a41312470873cbbbc82680a1671bbfbb6917d871107c957f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4869c615354bab0c78f2bccce4a42694f9b02ac55e386ef153c20ccd270694
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f4f3947815b7b98f3247d5e1e9299de4242f0d145c9a467046ff961cb14fb438
f63d1e66452399032fe869bce67102428e4da6ceff351b012eaedbdfb4b8087f
f96cd163f5cee87cd8c1c248d408e26113afc87f21a2906fd77eba4e5e6e5712

89.252.139.221 Open in urlscan Pro 89.252.139.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

206 Requests

82 %HTTPS

0 %IPv6

37 Domains

70 Subdomains

59 IPs

10 Countries

2326 kBTransfer

7556 kBSize

64 Cookies

46 Outgoing links

Page URL History

Redirected requests

206 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

89.252.139.221 Open in urlscan Pro
89.252.139.221 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

82 %
HTTPS

0 %
IPv6

37
Domains

70
Subdomains

59
IPs

10
Countries

2326 kB
Transfer

7556 kB
Size

64
Cookies

206 HTTP transactions
2 data transactions