credit.sondakikaturkey.com Open in urlscan Pro
198.13.41.195 Public Scan

Software

cafe /

Resource Hash

e97a0ee32d59f2065499543ea421a3fc111160e4cdd6f395661c024736a182e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
Origin: https://credit.sondakikaturkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52753
x-xss-protection: 0
server: cafe
etag: 9702781409163281622
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 11 Aug 2024 00:22:18 GMT

GET
H2 200 style.min.css
credit.sondakikaturkey.com/wp-includes/css/dist/block-library/ 110 KB
13 KB 42ms
32ms Stylesheet
text/css 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Wed, 24 Jul 2024 08:07:59 GMT
server: LiteSpeed
etag: "1b723-66a0b65f-219fd;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13595
expires: Sun, 18 Aug 2024 00:22:18 GMT

GET
H2 200 owl.carousel.min.css
credit.sondakikaturkey.com/wp-content/themes/blossom-pin/css/ 3 KB
873 B 41ms
32ms Stylesheet
text/css 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-content/themes/blossom-pin/css/owl.carousel.min.css?ver=2.2.1
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 8608c63311f463ed5cb19febda4aaedc756eba9516c345375e5a7e56ec67a46e

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 07:36:43 GMT
server: LiteSpeed
etag: "b7d-6667fe8b-222f0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 787
expires: Sun, 18 Aug 2024 00:22:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 44 KB
2 KB 104ms
49ms Stylesheet
text/css 2404:6800:4004:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3A200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900%2C200italic%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CCormorant+Garamond%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%7CCormorant+Garamond%3Aregular

Requested by

Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62b27b40858d99fc426979e7a04fb6b5a25d741a911903b0c1d4d1bb1340093e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 11 Aug 2024 00:22:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Aug 2024 00:22:18 GMT

GET
H2 200 style.css
credit.sondakikaturkey.com/wp-content/themes/blossom-pin/ 133 KB
18 KB 40ms
33ms Stylesheet
text/css 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-content/themes/blossom-pin/style.css?ver=1.3.6
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: cbb0585579472ab396551c63c2b2be671de99f7199f3a3363802efe0463c14c4

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 07:36:43 GMT
server: LiteSpeed
etag: "21331-6667fe8b-22382;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 18477
expires: Sun, 18 Aug 2024 00:22:18 GMT

GET
H2 200 jquery.min.js Show response
credit.sondakikaturkey.com/wp-includes/js/jquery/ 86 KB
29 KB 41ms
34ms Script
text/javascript 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 07:29:53 GMT
server: LiteSpeed
etag: "15601-6667fcf1-21bde;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 29597

GET
H2 200 jquery-migrate.min.js Show response
credit.sondakikaturkey.com/wp-includes/js/jquery/ 13 KB
5 KB 43ms
36ms Script
text/javascript 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 07:29:53 GMT
server: LiteSpeed
etag: "3509-6667fcf1-21bd8;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4679

GET
H2 200 all.min.js Show response
credit.sondakikaturkey.com/wp-content/themes/blossom-pin/js/ 2 MB
563 KB 43ms
36ms Script
text/javascript 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-content/themes/blossom-pin/js/all.min.js?ver=6.1.1
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: c1b79a046062699d13f8f357fe188c26f595c3166016b3010efed03189a400d3

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 07:36:43 GMT
server: LiteSpeed
etag: "1a58e9-6667fe8b-22345;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 576411

GET
H2 200 v4-shims.min.js Show response
credit.sondakikaturkey.com/wp-content/themes/blossom-pin/js/ 26 KB
7 KB 103ms
98ms Script
text/javascript 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-content/themes/blossom-pin/js/v4-shims.min.js?ver=6.1.1
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 74110cf04c05b69b63f47ec3b5d7abb4fc7cefcf82a5bc8001c35eb501cc2d04

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 07:36:43 GMT
server: LiteSpeed
etag: "6629-6667fe8b-22351;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7032

GET
H2 200 owl.carousel.min.js Show response
credit.sondakikaturkey.com/wp-content/themes/blossom-pin/js/ 42 KB
10 KB 105ms
100ms Script
text/javascript 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-content/themes/blossom-pin/js/owl.carousel.min.js?ver=2.0.1
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: b5757aa153f991c82c949e638c56b4913042196240f3a41cec5a40c3366d1bdd

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 07:36:43 GMT
server: LiteSpeed
etag: "a714-6667fe8b-2234f;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 10588

GET
H2 200 owlcarousel2-a11ylayer.min.js Show response
credit.sondakikaturkey.com/wp-content/themes/blossom-pin/js/ 4 KB
1 KB 106ms
102ms Script
text/javascript 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-content/themes/blossom-pin/js/owlcarousel2-a11ylayer.min.js?ver=0.2.1
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: e3722052d34b931f3204a6ba64f98635ff9832ee9ad971ec881bd86b0f83c8ad

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 07:36:43 GMT
server: LiteSpeed
etag: "f53-6667fe8b-22350;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1146

GET
H2 200 imagesloaded.min.js Show response
credit.sondakikaturkey.com/wp-includes/js/ 5 KB
2 KB 105ms
101ms Script
text/javascript 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 07:29:54 GMT
server: LiteSpeed
etag: "1590-6667fcf2-21cf7;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1687

GET
H2 200 masonry.min.js Show response
credit.sondakikaturkey.com/wp-includes/js/ 24 KB
7 KB 108ms
104ms Script
text/javascript 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 07:29:54 GMT
server: LiteSpeed
etag: "5e4a-6667fcf2-21ce2;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7101

GET
H2 200 custom.min.js Show response
credit.sondakikaturkey.com/wp-content/themes/blossom-pin/js/ 3 KB
1 KB 107ms
105ms Script
text/javascript 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-content/themes/blossom-pin/js/custom.min.js?ver=1.3.6
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 52a1b9a9038920c951ea0d763443a7be4326d9203f447b194281fb933c15dbe7

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 07:36:43 GMT
server: LiteSpeed
etag: "bca-6667fe8b-2234d;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1101

GET
H2 200 modal-accessibility.min.js Show response
credit.sondakikaturkey.com/wp-content/themes/blossom-pin/js/ 6 KB
2 KB 105ms
103ms Script
text/javascript 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-content/themes/blossom-pin/js/modal-accessibility.min.js?ver=1.3.6
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: ce9c2f5e20727439285b83e64b2e18337dbacdbc7f6ca55609f4c6af366d577d

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 07:36:43 GMT
server: LiteSpeed
etag: "17f5-6667fe8b-2234e;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1860

GET
BLOB 200
OK 5d99be32-9096-4325-bd71-9d35260ff4e4
https://credit.sondakikaturkey.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://credit.sondakikaturkey.com/5d99be32-9096-4325-bd71-9d35260ff4e4
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 75ms
11ms Font
font/woff2 2404:6800:400a:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3A200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900%2C200italic%2C300italic%2Citalic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CCormorant+Garamond%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%7CCormorant+Garamond%3Aregular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://credit.sondakikaturkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 06:03:19 GMT
x-content-type-options: nosniff
age: 152339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Aug 2025 06:03:19 GMT

GET
H2 200 co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ 20 KB
20 KB 83ms
20ms Font
font/woff2 2404:6800:400a:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cormorantgaramond/v16/co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ff7df676353c21f7159a220f19b7d60b53910351ae822322b5280f30664acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://credit.sondakikaturkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 06:26:18 GMT
x-content-type-options: nosniff
age: 150960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20648
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 02:18:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Aug 2025 06:26:18 GMT

GET
H2 200 co3YmX5slCNuHLi8bLeY9MK7whWMhyjQEl5fvg-I.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ 20 KB
20 KB 87ms
24ms Font
font/woff2 2404:6800:400a:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cormorantgaramond/v16/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQEl5fvg-I.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e15b441759854e4477fe214540848ceb993199d31c04bc59691dde7ed5621eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://credit.sondakikaturkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 06:15:58 GMT
x-content-type-options: nosniff
age: 151580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20168
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 02:13:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Aug 2025 06:15:58 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/ 423 KB
143 KB 118ms
72ms Script
text/javascript 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7323443199738186

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8357e7a5634cb0949da1193316f9544e5b59b16bed601328c757551e366aeb2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145931
x-xss-protection: 0
server: cafe
etag: 10313542766809996731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Aug 2024 00:22:18 GMT

GET
H3 200 wp-emoji-release.min.js Show response
credit.sondakikaturkey.com/wp-includes/js/ 18 KB
5 KB 58ms
58ms Script
text/javascript 198.13.41.195
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.sondakikaturkey.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.13.41.195 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 198.13.41.195.vultrusercontent.com
Software: LiteSpeed /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:18 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 07:29:54 GMT
server: LiteSpeed
etag: "4926-6667fcf2-21d12;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4630

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240807/r20110914/ Frame B20C 0
0 53ms
9ms Document
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240807/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 3834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4141
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Aug 2024 23:18:24 GMT
etag: 3784890935487277381
expires: Sat, 24 Aug 2024 23:18:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7C9C 0
0 145ms
114ms Document
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7323443199738186&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1723335738&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fcredit.sondakikaturkey.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=29_18~32_18~27_4~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723335738479&bpp=22&bdt=189&idt=254&shv=r20240807&mjsv=m202408060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2865234060563&frm=20&pv=2&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31085990%2C42531706%2C95332923%2C95334528%2C95334829%2C95337869%2C95338229%2C31084184%2C95339231%2C95336267%2C95339401%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2965004623447312&tmod=95845858&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=274

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5434
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Aug 2024 00:22:18 GMT
expires: Sun, 11 Aug 2024 00:22:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4DEF 0
0 117ms
102ms Document
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7323443199738186&output=html&h=280&adk=2767623100&adf=1730821504&pi=t.aa~a.108489206~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1723335738&rafmt=1&to=qs&pwprc=6760183187&format=1200x280&url=https%3A%2F%2Fcredit.sondakikaturkey.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723335738501&bpp=1&bdt=211&idt=264&shv=r20240807&mjsv=m202408060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=2865234060563&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31085990%2C42531706%2C95332923%2C95334528%2C95334829%2C95337869%2C95338229%2C31084184%2C95339231%2C95336267%2C95339401%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2965004623447312&tmod=95845858&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=268

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Aug 2024 00:22:18 GMT
expires: Sun, 11 Aug 2024 00:22:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-7323443199738186 Show response
fundingchoicesmessages.google.com/i/ 203 KB
67 KB 162ms
100ms Script
application/javascript 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7323443199738186?href=https%3A%2F%2Fcredit.sondakikaturkey.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

185d9fa0d5d3c5f5a74d66b56bed6d7c8fde9f89112f5b1e60a22abdaaf30d0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1c-9inA8QQ85Z0-900cHKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-1c-9inA8QQ85Z0-900cHKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFuDl2dzzYyiYwo62LU0kjKb8wPjk_r6QoM6m0JL8oLTkttTi1qCy1KN7IwMjEwMLAQs_AJL7AAAA7HT6v"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
52ms Image
image/gif 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=42532806&hl=en&pvc=2965004623447312

Requested by

Host: credit.sondakikaturkey.com
URL: https://credit.sondakikaturkey.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 00:22:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVwB1DJXamTDXSUToExbUQuYSgfbQ1q222QDuDtf8uHz4Cl1KQ_iGB_vLJrd5d3pfSt4obH1I-U8bHGtDkKDVSlUfna_TiUC7-6buT8bulBDAsWlbcb-rVliHjT7WV39xLKyQf3xA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 100ms
50ms XHR
text/html 142.250.76.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVwB1DJXamTDXSUToExbUQuYSgfbQ1q222QDuDtf8uHz4Cl1KQ_iGB_vLJrd5d3pfSt4obH1I-U8bHGtDkKDVSlUfna_TiUC7-6buT8bulBDAsWlbcb-rVliHjT7WV39xLKyQf3xA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.Vo7sfsZTIjc.es5.O/am=XDA/d=1/rs=AJlcJMwxjGDgx3CcdXPcJ2r0qWwUqctyIA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-j2OFJOgAwxXc8M9PyFhJjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 11 Aug 2024 00:22:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-j2OFJOgAwxXc8M9PyFhJjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmJw0JBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIibY3fHg61sAi_m7EtTcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiYGFgYWegZm8QUGAGJuNCk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://credit.sondakikaturkey.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVMa0Bf1MTuRrSxOmR_G93Xj_n6aHNEkESdc1YdlqX8zEr9sCrDtxfCwbFGI7Tp6n8zBhNqZ_7Tycxrn0dCl8XU6f5iEkIB98ZDNtNZ9LXxGf01OoJYBB-4ZosCjRB-596fa6j-IQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 69ms
68ms Script
application/javascript 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVMa0Bf1MTuRrSxOmR_G93Xj_n6aHNEkESdc1YdlqX8zEr9sCrDtxfCwbFGI7Tp6n8zBhNqZ_7Tycxrn0dCl8XU6f5iEkIB98ZDNtNZ9LXxGf01OoJYBB-4ZosCjRB-596fa6j-IQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzMzM1NzM5LDE2MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9jcmVkaXQuc29uZGFraWthdHVya2V5LmNvbS8iLG51bGwsW1s4LCJWbzdzZnNaVElqYyJdLFs5LCJqYSJdLFsxOCwiW1tbMF1dXSJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQxODhdLDAsMTddIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d945276f84f4efc7c6df49cfb5f11b253974795db58f45254a3f64a55d7c1e9b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lkmKWv2U-qMR2D2bIAX78g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lkmKWv2U-qMR2D2bIAX78g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFuDl2dzzYyiZwYfOhZCWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTAwsDCz0Dk_gCAwBl1D-m"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 581F 0
0 80ms
80ms Document
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7323443199738186&output=html&h=280&adk=3167344032&adf=2490836127&pi=t.aa~a.2670326668~rp.4&w=365&abgtt=6&fwrn=4&fwrnh=100&lmt=1723335739&rafmt=1&to=qs&pwprc=6760183187&format=365x280&url=https%3A%2F%2Fcredit.sondakikaturkey.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723335738931&bpp=1&bdt=641&idt=-M&shv=r20240807&mjsv=m202408060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D410037f8012f49d9%3AT%3D1723335738%3ART%3D1723335738%3AS%3DALNI_MYNX_K4uEryFsOiSZ20GYtDrdJCww&gpic=UID%3D00000ebca91bb133%3AT%3D1723335738%3ART%3D1723335738%3AS%3DALNI_Ma3OL7b5kw9HmId_2CX3ssgIvBoqQ&eo_id_str=ID%3Dc09840b89ea9b14d%3AT%3D1723335738%3ART%3D1723335738%3AS%3DAA-AfjZM_at4S9-b-TWRKJ0_sOzg&prev_fmts=0x0%2C1200x280&nras=3&correlator=2865234060563&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=2192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31085990%2C42531706%2C95332923%2C95334528%2C95334829%2C95337869%2C95338229%2C31084184%2C95339231%2C95336267%2C95339401%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2965004623447312&tmod=95845858&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=232

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Aug 2024 00:22:19 GMT
expires: Sun, 11 Aug 2024 00:22:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 54A6 0
0 102ms
102ms Document
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7323443199738186&output=html&h=280&adk=2551281436&adf=2786934717&pi=t.aa~a.4111221322~rp.4&w=365&abgtt=6&fwrn=4&fwrnh=100&lmt=1723335739&rafmt=1&to=qs&pwprc=6760183187&format=365x280&url=https%3A%2F%2Fcredit.sondakikaturkey.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723335738931&bpp=1&bdt=641&idt=-M&shv=r20240807&mjsv=m202408060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D410037f8012f49d9%3AT%3D1723335738%3ART%3D1723335738%3AS%3DALNI_MYNX_K4uEryFsOiSZ20GYtDrdJCww&gpic=UID%3D00000ebca91bb133%3AT%3D1723335738%3ART%3D1723335738%3AS%3DALNI_Ma3OL7b5kw9HmId_2CX3ssgIvBoqQ&eo_id_str=ID%3Dc09840b89ea9b14d%3AT%3D1723335738%3ART%3D1723335738%3AS%3DAA-AfjZM_at4S9-b-TWRKJ0_sOzg&prev_fmts=0x0%2C1200x280%2C365x280&nras=4&correlator=2865234060563&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31085990%2C42531706%2C95332923%2C95334528%2C95334829%2C95337869%2C95338229%2C31084184%2C95339231%2C95336267%2C95339401%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2965004623447312&tmod=95845858&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=239

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Aug 2024 00:22:19 GMT
expires: Sun, 11 Aug 2024 00:22:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame A7EB 0
0 89ms
89ms Document
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7323443199738186&output=html&h=280&adk=2767623100&adf=1895050411&pi=t.aa~a.1372487962~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1723335739&rafmt=1&to=qs&pwprc=6760183187&format=1200x280&url=https%3A%2F%2Fcredit.sondakikaturkey.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723335738931&bpp=1&bdt=641&idt=-M&shv=r20240807&mjsv=m202408060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D410037f8012f49d9%3AT%3D1723335738%3ART%3D1723335738%3AS%3DALNI_MYNX_K4uEryFsOiSZ20GYtDrdJCww&gpic=UID%3D00000ebca91bb133%3AT%3D1723335738%3ART%3D1723335738%3AS%3DALNI_Ma3OL7b5kw9HmId_2CX3ssgIvBoqQ&eo_id_str=ID%3Dc09840b89ea9b14d%3AT%3D1723335738%3ART%3D1723335738%3AS%3DAA-AfjZM_at4S9-b-TWRKJ0_sOzg&prev_fmts=0x0%2C1200x280%2C365x280%2C365x280&nras=5&correlator=2865234060563&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31085990%2C42531706%2C95332923%2C95334528%2C95334829%2C95337869%2C95338229%2C31084184%2C95339231%2C95336267%2C95339401%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2965004623447312&tmod=95845858&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=242

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Aug 2024 00:22:19 GMT
expires: Sun, 11 Aug 2024 00:22:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8A83 0
0 104ms
104ms Document
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7323443199738186&output=html&h=90&adk=3130937508&adf=1841643153&pi=t.aa~a.697687507~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1723335739&rafmt=1&to=qs&pwprc=6760183187&format=1200x90&url=https%3A%2F%2Fcredit.sondakikaturkey.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723335738931&bpp=1&bdt=640&idt=1&shv=r20240807&mjsv=m202408060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D410037f8012f49d9%3AT%3D1723335738%3ART%3D1723335738%3AS%3DALNI_MYNX_K4uEryFsOiSZ20GYtDrdJCww&gpic=UID%3D00000ebca91bb133%3AT%3D1723335738%3ART%3D1723335738%3AS%3DALNI_Ma3OL7b5kw9HmId_2CX3ssgIvBoqQ&eo_id_str=ID%3Dc09840b89ea9b14d%3AT%3D1723335738%3ART%3D1723335738%3AS%3DAA-AfjZM_at4S9-b-TWRKJ0_sOzg&prev_fmts=0x0%2C1200x280%2C365x280%2C365x280%2C1200x280&nras=6&correlator=2865234060563&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4063&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31085990%2C42531706%2C95332923%2C95334528%2C95334829%2C95337869%2C95338229%2C31084184%2C95339231%2C95336267%2C95339401%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2965004623447312&tmod=95845858&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=245

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Aug 2024 00:22:19 GMT
expires: Sun, 11 Aug 2024 00:22:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxU6t6o4un0I5crmZjx8PFKLzCP6M7EhtimpCibgcRksmkAp7ZijI6zk0ajtlYT8S6nkx36QH6Pl5DntlYkLiHVbpnHucnJYAK8KXoSjwSKEY1N0HKmdsKBmDV6RU_rn7RYfB2bDaQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 73ms
72ms Script
application/javascript 142.250.76.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU6t6o4un0I5crmZjx8PFKLzCP6M7EhtimpCibgcRksmkAp7ZijI6zk0ajtlYT8S6nkx36QH6Pl5DntlYkLiHVbpnHucnJYAK8KXoSjwSKEY1N0HKmdsKBmDV6RU_rn7RYfB2bDaQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzMzM1NzM5LDI0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vY3JlZGl0LnNvbmRha2lrYXR1cmtleS5jb20vIixudWxsLFtbOCwiVm83c2ZzWlRJamMiXSxbOSwiamEiXSxbMTgsIltbWzBdXV0iXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MTg4XSwwLDE3XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abcaa7fe2afc68da516454351ede9d84248c0f668043cdb42c6a773036e84233

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CwdPHoNGhqJAJ4_DY8QpDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-CwdPHoNGhqJAJ4_DY8QpDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDh2dzzYyibQMfdvD6OSRlJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalG8kYGRiYGFgYWegUl8gQEAlBo_qA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
12 KB 63ms
63ms XHR
application/json 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240807&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c7f708188ee6d00915d9be9c7fcdb7dd05c972b916db2968c7590f58510f46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12770
x-xss-protection: 0

GET favicon.ico
credit.sondakikaturkey.com/ 0
0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 165ms
87ms Script
text/javascript 2404:6800:400a:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 00:22:19 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8DD2 0
0 63ms
10ms Document
text/html 2404:6800:400a:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 167521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Aug 2024 01:50:18 GMT
expires: Sat, 09 Aug 2025 01:50:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 8F95 0
0 95ms
52ms Document
text/html 142.250.206.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0x0qmE8ekhJ_F4dW3LqpYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://credit.sondakikaturkey.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0x0qmE8ekhJ_F4dW3LqpYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Aug 2024 00:22:19 GMT
expires: Sun, 11 Aug 2024 00:22:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ads.bmp Show response
fundingchoicesmessages.google.com/f/AGSKWxUJMiFAg10NWyKY5x7oRPEQSZokgMYOFEeM9LDYYW15O6e-sBkTW2IUnVetk0NRWjD5zNCIbk9pRmzyGzueTitDNSxVvqHhmDQvbQXyx5WXe_a04p_9bD37l8FV8cUP8UNtY-wSBNlKGNcUb-BY_BP9ZPwht... 54 B
108 B 58ms
57ms Script
application/javascript 142.250.76.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUJMiFAg10NWyKY5x7oRPEQSZokgMYOFEeM9LDYYW15O6e-sBkTW2IUnVetk0NRWjD5zNCIbk9pRmzyGzueTitDNSxVvqHhmDQvbQXyx5WXe_a04p_9bD37l8FV8cUP8UNtY-wSBNlKGNcUb-BY_BP9ZPwhtRn_EJZZ7_iIBRxBWgY8cdFn6WREbCc0/_/ads.bmp?/iabadvertisingplugin.swf=advertorial&/AdZonePlayerRight2./IBNjspopunder.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.Vo7sfsZTIjc.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzCjEZ2etnhwotEHnb1amc0vCjEug/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9121aa597680a3480efdda085cf4f197e5099f2fde60bfab0b6c3dd54cbbb9d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WhXoC2XPMcFqu5ZxjdILJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-WhXoC2XPMcFqu5ZxjdILJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDh2dzzYyibQ0bTxDLOSRlJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalG8kYGRiYGFgYWegUl8gQEAjdY_hA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
52 KB 74ms
73ms Script
text/javascript 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a23033b74ae90f2aaf80ac6ea79b29af1e8e77079833fd8b952886e65d0dee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52753
x-xss-protection: 0
server: cafe
etag: 6032509935327413888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 11 Aug 2024 00:22:19 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVwB1DJXamTDXSUToExbUQuYSgfbQ1q222QDuDtf8uHz4Cl1KQ_iGB_vLJrd5d3pfSt4obH1I-U8bHGtDkKDVSlUfna_TiUC7-6buT8bulBDAsWlbcb-rVliHjT7WV39xLKyQf3xA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tYVzXNsZjhH0PR6Ta8Ogdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 11 Aug 2024 00:22:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tYVzXNsZjhH0PR6Ta8Ogdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmJw15BicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIiHY3fHg61sAg8eLT7DrOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDCwMLPQMzOILDACpNDS9"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://credit.sondakikaturkey.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVwB1DJXamTDXSUToExbUQuYSgfbQ1q222QDuDtf8uHz4Cl1KQ_iGB_vLJrd5d3pfSt4obH1I-U8bHGtDkKDVSlUfna_TiUC7-6buT8bulBDAsWlbcb-rVliHjT7WV39xLKyQf3xA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pcs36zdJlw6ONsksc7wpjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 11 Aug 2024 00:22:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-pcs36zdJlw6ONsksc7wpjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmJw0ZBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIibY0_Hg61sAi-W_OdScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiYGFgYWegZm8QUGAF_mNBs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://credit.sondakikaturkey.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVwB1DJXamTDXSUToExbUQuYSgfbQ1q222QDuDtf8uHz4Cl1KQ_iGB_vLJrd5d3pfSt4obH1I-U8bHGtDkKDVSlUfna_TiUC7-6buT8bulBDAsWlbcb-rVliHjT7WV39xLKyQf3xA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--UXBammCyZnkL_GZeYxT1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 11 Aug 2024 00:22:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--UXBammCyZnkL_GZeYxT1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmII0pBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIibY0_Hg61sAh-ufZVScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiYGFgYWegZm8QUGAHl6NGk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://credit.sondakikaturkey.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVwB1DJXamTDXSUToExbUQuYSgfbQ1q222QDuDtf8uHz4Cl1KQ_iGB_vLJrd5d3pfSt4obH1I-U8bHGtDkKDVSlUfna_TiUC7-6buT8bulBDAsWlbcb-rVliHjT7WV39xLKyQf3xA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--QJHembh-2JhOt14VS498w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 11 Aug 2024 00:22:20 GMT
content-security-policy: script-src 'report-sample' 'nonce--QJHembh-2JhOt14VS498w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmJw1pBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIibY0_Hg61sAg1XH0sruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxMDCwMLPQOz-AIDAEwfM9g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://credit.sondakikaturkey.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXuNB2Bo9OOI1pOa4ssXjbOJmPtob_4fFXNyxvrbeKhyWkirPAot0J0LeBHIRI95HhlXMWjxEyN734kaC_pgSEytgScEDTxZHWrVn5jxia4HKJ3TH8F_-go5PFmiGQN2HcKwfiFEw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 60ms
59ms Script
application/javascript 142.250.76.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXuNB2Bo9OOI1pOa4ssXjbOJmPtob_4fFXNyxvrbeKhyWkirPAot0J0LeBHIRI95HhlXMWjxEyN734kaC_pgSEytgScEDTxZHWrVn5jxia4HKJ3TH8F_-go5PFmiGQN2HcKwfiFEw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzMzM1NzQwLDMxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL2NyZWRpdC5zb25kYWtpa2F0dXJrZXkuY29tLyIsbnVsbCxbWzgsIlZvN3Nmc1pUSWpjIl0sWzksImphIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJ0cnVlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDE4OF0sMCwxN10iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

26786fa4557ded1b09552e7b2cedea1626fe81a005e1eb7bd27c912ceda49b51

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7UTOeMD3YPuvnsNkBO5TKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 00:22:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7UTOeMD3YPuvnsNkBO5TKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFuDn2dDzYyiaw4tIceSWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTAwsDCz0Dk_gCAwBMST8q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV8Ofz-2gLXQewoI0g6C9GuQmt589NpdRari01cQVu2y3JkiW67y1YjfW6cIwtay59JjK5-hDnSkqeYi6VgY-irhmF1pLAaHZ_Zc-XFWj-B6ToYX1c2IVdheya7GwyUAFqrSxq6SQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 52ms
51ms XHR
text/html 142.250.76.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV8Ofz-2gLXQewoI0g6C9GuQmt589NpdRari01cQVu2y3JkiW67y1YjfW6cIwtay59JjK5-hDnSkqeYi6VgY-irhmF1pLAaHZ_Zc-XFWj-B6ToYX1c2IVdheya7GwyUAFqrSxq6SQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kbWmjX-zGpJhWLvsGSfpXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://credit.sondakikaturkey.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 11 Aug 2024 00:22:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kbWmjX-zGpJhWLvsGSfpXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmII0pBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIibY0_Hg61sAgt2nbRQcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiYGFgYWegZm8QUGAFZQM-8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://credit.sondakikaturkey.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVwB1DJXamTDXSUToExbUQuYSgfbQ1q222QDuDtf8uHz4Cl1KQ_iGB_vLJrd5d3pfSt4obH1I-U8bHGtDkKDVSlUfna_TiUC7-6buT8bulBDAsWlbcb-rVliHjT7WV39xLKyQf3xA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS