www.star.com.tr Open in urlscan Pro
2606:4700:20::681a:671 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Submission: On May 14 via api (May 14th 2023, 11:47:48 pm UTC) from US — Scanned from DE

Summary HTTP 266 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 48 IPs in 8 countries across 34 domains to perform 266 HTTP transactions. The main IP is 2606:4700:20::681a:671, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.star.com.tr. The Cisco Umbrella rank of the primary domain is 410718.
TLS certificate: Issued by GTS CA 1P5 on April 28th 2023. Valid for: 3 months.

This is the only time www.star.com.tr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:20:... 2606:4700:20::681a:671	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:303... 2606:4700:3038::6815:eb63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
6	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
9 17	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2606:4700:303... 2606:4700:3032::6815:5d29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	185.29.134.245 185.29.134.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6 8	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
6 10	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 6	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
12	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
13	18.203.131.238 18.203.131.238	16509 (AMAZON-02) (AMAZON-02)
2	95.101.148.198 95.101.148.198	16625 (AKAMAI-AS) (AKAMAI-AS)
3	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
4	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
11	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1 4	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
1	143.204.215.43 143.204.215.43	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
3	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
2 4	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
2	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
3	18.132.62.161 18.132.62.161	16509 (AMAZON-02) (AMAZON-02)
1 4	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:225... 2600:9000:225e:fe00:c:6264:8240:93a1	16509 (AMAZON-02) (AMAZON-02)
3	108.157.4.70 108.157.4.70	16509 (AMAZON-02) (AMAZON-02)
3	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
5	13.224.189.85 13.224.189.85	16509 (AMAZON-02) (AMAZON-02)
6	52.56.180.81 52.56.180.81	16509 (AMAZON-02) (AMAZON-02)
266	48

9 2606:4700:20::681a:671 (United States)

ASN13335 (CLOUDFLARENET, US)

www.star.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgz.star.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3038::6815:eb63 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.turkmedya.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

imgs.stargazete.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6b8::1:119 (Moscow, Russian Federation) 9 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:5d29 (United States)

ASN13335 (CLOUDFLARENET, US)

sc.cdnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

62507208943cf4d9522f918611812145.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.134.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.244 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.203.131.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.148.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-198.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 116.202.48.214 (Krefeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

hal900013.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal900018.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.220.30 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal900016.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-43.fra53.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:d0a:2321::2 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.132.62.161 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-62-161.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.102.45.165 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:fe00:c:6264:8240:93a1 (United States)

ASN16509 (AMAZON-02, US)

htlp.emp.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.70 (Germany)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-70.dus51.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.189.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-85.fra2.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.56.180.81 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-180-81.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	googlesyndication.com 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	319 KB
27	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 91 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 234 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 357	245 KB
23	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 33010 hal900013.redintelligence.net — Cisco Umbrella Rank: 253225 hal900018.redintelligence.net — Cisco Umbrella Rank: 370567 hal900016.redintelligence.net — Cisco Umbrella Rank: 207610	168 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 375	327 KB
13	mediamathtag.com s.update.mediamathtag.com — Cisco Umbrella Rank: 11862	60 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	286 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	170 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	7 KB
9	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19754 api.webgains.io — Cisco Umbrella Rank: 53004	94 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	492 KB
9	star.com.tr www.star.com.tr — Cisco Umbrella Rank: 410718 imgz.star.com.tr	151 KB
8	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 4619 pixel.mathtag.com — Cisco Umbrella Rank: 1097	7 KB
8	turkmedya.com.tr assets.turkmedya.com.tr — Cisco Umbrella Rank: 805933	252 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8724	3 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	6 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	5 KB
6	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4217 adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	yandex.ru 4 redirects mc.yandex.ru — Cisco Umbrella Rank: 3374	132 KB
6	stargazete.com imgs.stargazete.com — Cisco Umbrella Rank: 820562	168 KB
5	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 869	18 KB
4	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 17733	3 KB
4	retailads.net 2 redirects cdn.retailads.net — Cisco Umbrella Rank: 140982	11 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	210 KB
4	yandex.com.tr 2 redirects mc.yandex.com.tr — Cisco Umbrella Rank: 92867	639 B
4	google.de www.google.de — Cisco Umbrella Rank: 5171 adservice.google.de — Cisco Umbrella Rank: 7680	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39 region1.google-analytics.com — Cisco Umbrella Rank: 2495	21 KB
3	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 55691	9 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 29871	6 KB
3	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 200925	3 KB
2	futalis.de futalis.de — Cisco Umbrella Rank: 216608	801 B
1	emp.de htlp.emp.de — Cisco Umbrella Rank: 437599	3 KB
1	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 5288	230 B
1	truste.com choices.truste.com — Cisco Umbrella Rank: 921	9 KB
1	cdnstr.com sc.cdnstr.com	565 B
266	34

	Domain	Requested by
29	tpc.googlesyndication.com	www.star.com.tr securepubads.g.doubleclick.net 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com cdn.ampproject.org tpc.googlesyndication.com googleads.g.doubleclick.net
26	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
13	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
12	hal9000.redintelligence.net	www.star.com.tr 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com hal900013.redintelligence.net hal900018.redintelligence.net hal900016.redintelligence.net
11	s0.2mdn.net	www.star.com.tr s0.2mdn.net
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
9	www.googletagmanager.com	www.star.com.tr www.googletagmanager.com adv.office-partner.de
9	securepubads.g.doubleclick.net	www.star.com.tr securepubads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	assets.turkmedya.com.tr	www.star.com.tr assets.turkmedya.com.tr
7	mc.yandex.com	3 redirects www.star.com.tr
6	api.webgains.io	analytics.webgains.io
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	tags.mathtag.com	62507208943cf4d9522f918611812145.safeframe.googlesyndication.com tags.mathtag.com
6	fonts.googleapis.com	securepubads.g.doubleclick.net hal900013.redintelligence.net hal900018.redintelligence.net s0.2mdn.net hal900016.redintelligence.net
6	mc.yandex.ru	4 redirects www.star.com.tr
6	imgs.stargazete.com	www.star.com.tr
6	www.star.com.tr	www.star.com.tr
5	choices.trustarc.com	choices.truste.com
5	googleads.g.doubleclick.net	62507208943cf4d9522f918611812145.safeframe.googlesyndication.com www.star.com.tr pagead2.googlesyndication.com
5	62507208943cf4d9522f918611812145.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.awin1.com	1 redirects 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
4	cdn.retailads.net	2 redirects futalis.de
4	hal900016.redintelligence.net	1 redirects 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com hal900016.redintelligence.net
4	hal900018.redintelligence.net	hal9000.redintelligence.net hal900018.redintelligence.net
4	www.googletagservices.com	62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
4	mc.yandex.com.tr	2 redirects www.star.com.tr
4	www.google.com	1 redirects www.star.com.tr tpc.googlesyndication.com
3	cdn.track.production.webgains.team	62507208943cf4d9522f918611812145.safeframe.googlesyndication.com track.webgains.com
3	analytics.webgains.io	track.webgains.com
3	track.webgains.com	www.star.com.tr
3	adv.office-partner.de	hal900013.redintelligence.net hal900018.redintelligence.net hal900016.redintelligence.net
3	hal900013.redintelligence.net	hal9000.redintelligence.net hal900013.redintelligence.net
3	www.google.de	www.star.com.tr
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.google-analytics.com	www.star.com.tr www.google-analytics.com
3	imgz.star.com.tr	www.star.com.tr
2	futalis.de	hal900013.redintelligence.net hal900018.redintelligence.net
2	googleads4.g.doubleclick.net	www.star.com.tr
2	pixel.mathtag.com	tags.mathtag.com
2	www.gstatic.com	www.star.com.tr
1	htlp.emp.de	hal900016.redintelligence.net
1	beacon.sojern.com	62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
1	choices.truste.com	s0.2mdn.net
1	region1.google-analytics.com	www.googletagmanager.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	region1.analytics.google.com	www.googletagmanager.com
1	sc.cdnstr.com	www.star.com.tr
266	51

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
itunes.apple.com
play.google.com
news.google.com
www.turkmedya.com.tr

Subject Issuer	Validity	Valid
star.com.tr GTS CA 1P5	`2023-04-28` - `2023-07-27`	3 months	crt.sh
turkmedya.com.tr GTS CA 1P5	`2023-05-08` - `2023-08-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
stargazete.com GTS CA 1P5	`2023-04-24` - `2023-07-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
cdnstr.com GTS CA 1P5	`2023-05-14` - `2023-08-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
redintelligence.net R3	`2023-04-10` - `2023-07-09`	3 months	crt.sh
update.mediamathtag.com R3	`2023-04-20` - `2023-07-19`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-16`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
adv.office-partner.de R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.futalis.de R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
htlp.emp.de Amazon RSA 2048 M02	`2023-02-23` - `2024-01-30`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Frame ID: 91D8825B9E3D2D156CB7EA06EC78AFA0
Requests: 61 HTTP requests in this frame

Frame: https://sc.cdnstr.com/count-sc.asp?@@@=1784819
Frame ID: F49ACDEB580AF5A99062638166FC0904
Requests: 1 HTTP requests in this frame

Frame: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E9E58435C81E01C38BD365A66A4C8067
Requests: 1 HTTP requests in this frame

Frame: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FDB3660B9C22D80624E7C31D1D02DC99
Requests: 24 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032305051745000/amp4ads-v0.mjs
Frame ID: 5B43E381D8DD91EFA43FDDE58135E4C8
Requests: 12 HTTP requests in this frame

Frame: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 659C3B8953385AA09B4112DFB8E7A073
Requests: 33 HTTP requests in this frame

Frame: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9CC4F90A1317B273EC53E745366A3C14
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032305051745000/amp4ads-v0.mjs
Frame ID: 9D7109CBFAA551EBA63DC65166A5D09C
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032305051745000/amp4ads-v0.mjs
Frame ID: 8072B1A4E2A7559B143280FA9CF97504
Requests: 17 HTTP requests in this frame

Frame: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2C8D88435FE00B1DEED6E7409A6E3CD9
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDtk5HGAxil5brpATAB&v=APEucNX4c_lSXinDc-sc2lUMAv9idN-bvSa9T1okFaLpei9HIURXcxIYwxKbGPZXGZHLzRh8gOKJCk3CTY8OiDHPIpywgeWHU6Eeve32pH5uGjIghx-y0n0uXxcD1XkEutZhT0jHCsMqyGFBjbZnl04B95cJy3IbOp_kzenj8n_Lfrw-PgQrsBs
Frame ID: F22664A620784B69158C191B050BD5B9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWq8H2XKjQZkjAF1PZ6NtDNU2mikiM7wypLd_JB5dJLFetWgekCMtqqDer1p6EGWMYwLzve-uOUi2CpXIB3XURs-UaPxf8iKf2TCU8ONvHbDnSlQLikeG1iZ5ttpjrn44YKsco1hVontUIxiOEwKcxoQpd74e15IZoM6wPlujknjlzYois
Frame ID: 4EAA2F9532BE1CB6386DF8144AA65D35
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3132D09C8EB546753CB80AA7EFBAABAE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CCCC40762F944CD516AA18BDBA464FDA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4C02B07196E89BF6C1739943C2F9A90A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html
Frame ID: E68CEF3458C44B2B9727E2822920230B
Requests: 13 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: B72F600FDEAAAC8BF5DF3CF01F238F02
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2720914516
Frame ID: F722A27284259F50EEB00E66A7B8DB6F
Requests: 2 HTTP requests in this frame

Frame: https://hal900013.redintelligence.net/request_content.php?s=72878800006118200951393012325013&a=e5f6bd10
Frame ID: 27C04065DB5B1280CE75909DC4D5FDA4
Requests: 8 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: FE4C180CDF0039EC583AB8C742732DCF
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2720914517
Frame ID: 97A55AB934F2BED3A2B79A89F99F68BC
Requests: 2 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=83343700004859200951389012325018&a=8631fcf7
Frame ID: FCE24297F1BF764D36CF59F884B0D337
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8251FFE3F6C5B27232B2664901582CF2
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 70BBD9AE5538601BE36E7C24C0B14CB5
Requests: 2 HTTP requests in this frame

Frame: https://htlp.emp.de/
Frame ID: 181E8D4FDC3F029BB5AFE5A929AB14A3
Requests: 1 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=25438500004391504444994012325016&a=62144db9
Frame ID: 9F16E94AA05CE333BC9646674148D7E7
Requests: 8 HTTP requests in this frame

Frame: blob://https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/854c1db1-53c9-489a-a57a-880a02775482
Frame ID: 8985157BDF8762E2CF3AD249D1702F8D
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 161599C8197CA8D40C7238403B1E8C4D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

'Trol merkezi' ortaya çıktı! İşte CHP'nin 'Cambridge Analytica'sı

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

266
Requests

94 %
HTTPS

57 %
IPv6

34
Domains

51
Subdomains

48
IPs

8
Countries

3171 kB
Transfer

7355 kB
Size

39
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/stargazete

Search URL Search Domain Scan URL

URL: https://twitter.com/stargazete

Search URL Search Domain Scan URL

URL: https://www.instagram.com/stargazete/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCv4lXYH3XXLUHl54aykON0A?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/tr/app/star-gazetesi/id563927022?l=tr&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.star.android

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMP6NkwswxKKoAw?oc=3&ceid=TR:tr
Title: ABONE OL

Search URL Search Domain Scan URL

URL: https://www.turkmedya.com.tr/bilgitoplumuhizmetleri/starmedyayayincilik
Title: Bilgi Toplum Hizmetleri

Search URL Search Domain Scan URL

URL: https://www.turkmedya.com.tr/star#star_cerez
Title: Çerez Politikası

Search URL Search Domain Scan URL

URL: https://www.turkmedya.com.tr/star#star_gizlilik
Title: Gizlilik Politikası

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10003.lCqObSOV1Yp7lK7h7SEGxMi0lY_AoUinZsJ_Eq7WiG72eR24EuaYezS--pGUWdbI.lx0ZjAh2pMGzBABfTDjiNR_GvyU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10003.RFcg8MfG2UY9Hoy9gFphydbWP4cNAqH9U534ICZMZyv4eLftXFijD-bfu-cR1QnCAMfGU9b6Hp_iNGHGbvh1IDT1UaZx9cNU6Ce1q1-NMEk%2C.vMpPkB0kMskO2W01itZO_Big3PQ%2C

Request Chain 54

https://mc.yandex.com.tr/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com.tr&token=10003.aS0AsJ8oqmocJv1hF6Rm3-CgVhpjeVwLSVQ2D6dobonFM9n3nLzz52N2FpQLcFmB.jhvH9xLOWT8rt21H4QoG9XVNhUs%2C HTTP 302
https://mc.yandex.com.tr/sync_cookie_image_decide?token=10003.4E-omll0l7YDq-Ugg18nfE-ePWXqckCiKCYu1Bque4M421LmMiPOExvPiCrTWwsMyIFqd9FLyt5c6MM9oDVjSYjFq07XxH7sjLk-rzgDvsw%2C.8kPRB44y6sCVXcRtjPWD6RP9uts%2C

Request Chain 57

https://mc.yandex.com/watch/14229943?wmode=7&page-url=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A461%3Afu%3A0%3Aen%3Awindows-1254%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A262334369903%3Ahid%3A958552857%3Az%3A0%3Ai%3A20230514234741%3Aet%3A1684108061%3Ac%3A1%3Arn%3A1069172382%3Arqn%3A1%3Au%3A1684108061416525587%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A100%2C21%2C168%2C48%2C0%2C0%2C%2C146%2C0%2C%2C%2C%2C484%3Aco%3A0%3Acpf%3A1%3Ans%3A1684108060272%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684108061%3At%3A%27Trol%20merkezi%27%20ortaya%20%C3%A7%C4%B1kt%C4%B1!%20%C4%B0%C5%9Fte%20CHP%27nin%20%27Cambridge%20Analytica%27s%C4%B1&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/14229943/1?wmode=7&page-url=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A461%3Afu%3A0%3Aen%3Awindows-1254%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A262334369903%3Ahid%3A958552857%3Az%3A0%3Ai%3A20230514234741%3Aet%3A1684108061%3Ac%3A1%3Arn%3A1069172382%3Arqn%3A1%3Au%3A1684108061416525587%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A100%2C21%2C168%2C48%2C0%2C0%2C%2C146%2C0%2C%2C%2C%2C484%3Aco%3A0%3Acpf%3A1%3Ans%3A1684108060272%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684108061%3At%3A%27Trol%20merkezi%27%20ortaya%20%C3%A7%C4%B1kt%C4%B1%21%20%C4%B0%C5%9Fte%20CHP%27nin%20%27Cambridge%20Analytica%27s%C4%B1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1&C=1

Request Chain 130

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGFzHY6rjmoYTYnMNxxbNwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA6Bfw2ShuMc092d8EySBP4&google_cver=1

Request Chain 132

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyNjQ5NjkxNzQ5NjQ0MDczMw%3D%3D

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1&C=1

Request Chain 134

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGFzHY6rjmoYTYnMNxxbNwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA6Bfw2ShuMc092d8EySBP4&google_cver=1

Request Chain 136

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyNjQ5NjkxNzQ5NjQ0MDczMw%3D%3D

Request Chain 139

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10003.iX284mmL2udMm4MGAMO-hVsbV12s49HMVvsHj-uiDlf5EVZwnpn-QfnPN9M0VIRh.FD1NJJNc2j2FYPqGIubtRM6Xweg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10003.ObmXeV8XcFoKLX7BIaBG4KU5_ga85Um0geNJdqickSvHERpiS1bgPLO5KBK8zlPLVmgzXnl-v6GB0iX0C9qalLxYpoyaywpI4xYdyk0UsJ8%2C.OQthq2w7xNRJs37hFcFWLDgL7qM%2C

Request Chain 140

https://mc.yandex.com.tr/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com.tr&token=10003.zxhOR79K1pObece_4Kj2HCL6Fg35tTfxGle4VVEKsvn9xaE2rUX-mYqyyXDBuXgV.3hO6TKqHWjnR5aEElooNhDXjJ64%2C HTTP 302
https://mc.yandex.com.tr/sync_cookie_image_decide_secondary?token=10003.rQBwE3CNShAAn_3RmlnhiFzD0nh8YNZCmOOxxvJMrFr3Dtu6henryESjXzWeuElUrYt2j9TWE-YN0Wd9OxQ6c0JLtt6owUk-ZTn0ctwxHCI%2C.0_xAqzh9Flo6iy-fk_izIdjgmgA%2C

Request Chain 168

https://hal900016.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=9dbed04a9a&subid=&uid=923e083a6eff5817&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCCseHHNhZNqOPJ2i9u8Psq-W-Aim5b2gab2TnKfJD_AuEAEg8v6FJ2CVwvaBlAfIAQmpArhJv7UzZ7I-qAMBqgSTAk_QFCndpBEl81X1rAjQTTmI_VIhNIelfGsxVgb9SlhnVAXKpbEcnM58HmTkmQB31P5c_EpvlKf_Lef3ZH3DOuFLUCRy43FA-iPr_gLPLYRNN55lEAF3jgbRyUjEU05mlKlOvJv0sLst2WDINwXLc4YyM4HGLQui_h57nfeg0Ju-iDV18oXK8jhW9fRw-tnkqcp5RHCAyYMUBzBFNr019WU8a1BbYnfeU_6UhakgvP59BiDIrQimyoaTnjPC4vrtL1VCpf1a05SWT5aEmKX1SaSy_ZoPwokmQr5n5EB5PL2YMPgJiKfo1SzKlx2SweaIo0Vb1_TTnW8zQySFt9ovohc0HckFVdaU0Rf4SPxXsogDYMrpwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ%26sig%3DAOD64_2yYX2hfBAHLV4pmHMWvuhmJIlAng%26client%3Dca-pub-8738424218307822%26dbm_c%3DAKAmf-CE5XVVjKz1DvjKYH9Bj7N2oRgsA7sS92Cuv2DtBBrU36ehCxiJkVDVBlKqpSt4-xBRQTc-5CgaDZEw-2AI4-3NbX9Mamr5vCE81a9kzvh4JVEYP388JozPK1Or7oRAQvL-P2QzvFeRXG2R_FqiiLZWLrO8F3A-tLCbZf70N8uL4xk6wW0%26cry%3D1%26dbm_d%3DAKAmf-ApEwv0sXHROzsSMfdqLvo3eoI6wWXUyB-QJCrjsP-yYskfGwrpzSIedBN380IgbSrCAGkBWHij3ndtO6tOlaFFu5W4HElnWAwpam68nucvJfvXFyFqAUwaupwH_aGuI-iyukepE43Q10FQuRud0F20oP7aW4tNkuE0dvnxSR2RzLSk-NVsNv4jLOPqca_9mBNVuVnTOy4eqmkhESccDeDyw5GiFBWe9nhcXe4jvbYE8URc_av7pbCHWkNZCjCCXpY01jlfOTOOrHK6rtLCQXby8qmg3UoW4OTrNqz7K-6OeaaB0_awEkEmKnI0-WB7Dv5kLDhZLud8XnYkxLn0gBMyz6KxfFQQyhTOg1ncCM4GTMYNVDUV-t9t1PtwKSF-aiCAvdwbq7EDb6EbdSQXWGu2sGeXEN6XxRflMckHbvVHgQxJIZd5KBEMgvJu3cJOL7XE-QwZ79K-SAVIC5dw4NSCDokIzAmKNsCvyn5oD2pGRzLk_7EVd8sbFcoj7pawHTdC9P4wO7LRp3v25iCc9vPFEoTWPZrpV_IvmQELHC9EU-MJYSMDc3hyB6sR__u3yTI_UZbyH3rf1BRnzAH1HUsjhMq7hdTuTm9n5I4nf3-IXZn_GlYfgAxk80an492IEA5eWICHiiWz8AyL7QmksCt_mhuSLg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.star.com.tr%2F&ancestorOrigins=https%3A%2F%2Fwww.star.com.tr&random=1806800726651&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900016.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=9dbed04a9a&subid=&uid=923e083a6eff5817&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCCseHHNhZNqOPJ2i9u8Psq-W-Aim5b2gab2TnKfJD_AuEAEg8v6FJ2CVwvaBlAfIAQmpArhJv7UzZ7I-qAMBqgSTAk_QFCndpBEl81X1rAjQTTmI_VIhNIelfGsxVgb9SlhnVAXKpbEcnM58HmTkmQB31P5c_EpvlKf_Lef3ZH3DOuFLUCRy43FA-iPr_gLPLYRNN55lEAF3jgbRyUjEU05mlKlOvJv0sLst2WDINwXLc4YyM4HGLQui_h57nfeg0Ju-iDV18oXK8jhW9fRw-tnkqcp5RHCAyYMUBzBFNr019WU8a1BbYnfeU_6UhakgvP59BiDIrQimyoaTnjPC4vrtL1VCpf1a05SWT5aEmKX1SaSy_ZoPwokmQr5n5EB5PL2YMPgJiKfo1SzKlx2SweaIo0Vb1_TTnW8zQySFt9ovohc0HckFVdaU0Rf4SPxXsogDYMrpwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ%26sig%3DAOD64_2yYX2hfBAHLV4pmHMWvuhmJIlAng%26client%3Dca-pub-8738424218307822%26dbm_c%3DAKAmf-CE5XVVjKz1DvjKYH9Bj7N2oRgsA7sS92Cuv2DtBBrU36ehCxiJkVDVBlKqpSt4-xBRQTc-5CgaDZEw-2AI4-3NbX9Mamr5vCE81a9kzvh4JVEYP388JozPK1Or7oRAQvL-P2QzvFeRXG2R_FqiiLZWLrO8F3A-tLCbZf70N8uL4xk6wW0%26cry%3D1%26dbm_d%3DAKAmf-ApEwv0sXHROzsSMfdqLvo3eoI6wWXUyB-QJCrjsP-yYskfGwrpzSIedBN380IgbSrCAGkBWHij3ndtO6tOlaFFu5W4HElnWAwpam68nucvJfvXFyFqAUwaupwH_aGuI-iyukepE43Q10FQuRud0F20oP7aW4tNkuE0dvnxSR2RzLSk-NVsNv4jLOPqca_9mBNVuVnTOy4eqmkhESccDeDyw5GiFBWe9nhcXe4jvbYE8URc_av7pbCHWkNZCjCCXpY01jlfOTOOrHK6rtLCQXby8qmg3UoW4OTrNqz7K-6OeaaB0_awEkEmKnI0-WB7Dv5kLDhZLud8XnYkxLn0gBMyz6KxfFQQyhTOg1ncCM4GTMYNVDUV-t9t1PtwKSF-aiCAvdwbq7EDb6EbdSQXWGu2sGeXEN6XxRflMckHbvVHgQxJIZd5KBEMgvJu3cJOL7XE-QwZ79K-SAVIC5dw4NSCDokIzAmKNsCvyn5oD2pGRzLk_7EVd8sbFcoj7pawHTdC9P4wO7LRp3v25iCc9vPFEoTWPZrpV_IvmQELHC9EU-MJYSMDc3hyB6sR__u3yTI_UZbyH3rf1BRnzAH1HUsjhMq7hdTuTm9n5I4nf3-IXZn_GlYfgAxk80an492IEA5eWICHiiWz8AyL7QmksCt_mhuSLg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.star.com.tr%2F&ancestorOrigins=https%3A%2F%2Fwww.star.com.tr&random=1806800726651&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 177

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=72878800006118200951393012325013&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2720914516

Request Chain 182

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=83343700004859200951389012325018&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2720914517

Request Chain 209

https://www.awin1.com/cshow.php?s=2481797&v=14172&q=372912&r=296283&pref1=25438500004391504444994012325016&pv=1 HTTP 302
https://htlp.emp.de/

266 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/ 78 KB
16 KB 289ms
168ms Document
text/html 2606:4700:20::681a:671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c59d70e46fb6d356ab1daa2bb04863d56f7109c53750e12f5420fddb401ba622

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7c7707117ab0bbc2-FRA
content-encoding: br
content-type: text/html
date: Sun, 14 May 2023 23:47:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjZbvxc6HMeuiyU7n12bfNPoZhpXw%2F40Rk7t64CCulWlScVZYp3fQhiwI9lOENtfWnFKrtvZK7Ssqqr1%2FzwjdPoHXOlVKGlYss%2BwhPS3GjAePgD3JwzJBrEl%2FwLN9Xm0GzACKMeimrrn4yCv%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET
x-proxy-cache: TURKMEDYA BALANCER FARM FX107 MISS

GET
H2 200 main.css
assets.turkmedya.com.tr/star/assets/css/ 33 KB
7 KB 79ms
27ms Stylesheet
text/css 2606:4700:3038::6815:eb63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.turkmedya.com.tr/star/assets/css/main.css?v=1907.6
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bb936018c7a9048a6366e10ca7132a40484568dad9bb453d36960472d789eda8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Jun 2021 13:22:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6464
etag: W/"b9ed6289e961d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ghxsGglcXSzSxt1JuNUV1KqINT3ebK2IV9%2Fmdyy3MQ5dL%2FW1hLT58P%2FkvcAJbzdrWPtKxQ%2Fdxpdfbwi42OcqSIOtY3low0yzwNy%2Fj4N9UNSxl4GlYnEtOguICKPEMNdqfRBhy%2Fni9WtK4CFRSDwuIBcNNXxtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 7c770712e8c823b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 news-detail.css
assets.turkmedya.com.tr/star/assets/css/ 1 KB
1 KB 78ms
26ms Stylesheet
text/css 2606:4700:3038::6815:eb63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.turkmedya.com.tr/star/assets/css/news-detail.css?v=1907.6
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b689063761c6e27d06ddc9e91b1eed3c8947ab79c8fceff9bcfba9fcf4737554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Jun 2021 13:22:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6464
etag: W/"638b6089e961d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7R6MedCXa9e93rh4jv5jz887z0INGH%2BQ25rouzKf%2Bib3Kzfyij76gNZbzseLG5B2z6hCSRo7Tc0WNaAbIVEnPehFe1veiVS9BO5t3STTyk1bJASFleTWYjCb8cXHbeT%2BVzFkf3LFLCX0xTeGt3XeBEzIgqdOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cf-ray: 7c770712e8cb23b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 48ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e08ef3d1b80fd390400903e293a3ff1a7f3f110650fdfd9cc5589631617086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25240
x-xss-protection: 0
server: cafe
etag: 762 / 19491 / 31074523 / config-hash: 12209807291441061903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 May 2023 23:47:40 GMT

GET
H2 200 menu.css
www.star.com.tr/assets-star/css/ 3 KB
1 KB 24ms
24ms Stylesheet
text/css 2606:4700:20::681a:671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.star.com.tr/assets-star/css/menu.css?v=1907.6
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ab96e60262520cbc3e31bdffe2ed5484b4f8608c4527f0b17e7d7e4a3f85ed02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140273
x-powered-by: ASP.NET
x-cache-status: HIT
last-modified: Thu, 02 Feb 2023 07:41:26 GMT
server: cloudflare
etag: W/"c73846c1d936d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnzZwHjHHqrl6SzITaLjdFW%2BapLlQcvEnNDb%2FP7H6SaFuI0koHhIeq44%2FQjNTXfNANnENJC6HN%2BTYXaJD%2B7AnkDXhTZJK98LO5JA2uRmxjb6WroUqG5nkoabUUYc9MSsbna1A2yz15V%2BUacJOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7c7707129b96bbc2-FRA
expires: Mon, 12 Jun 2023 08:49:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 51ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CJGE1V798B

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb20771db1ae86cf5262fe463b08fe831f71d33a2fc60a5503bb2679caf412c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81354
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 May 2023 23:47:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 44ms
16ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1200121-1

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f440ec2f012a103c0c25e7431814605da946927132ecf5b27f5aa84184a9d8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46281
x-xss-protection: 0
last-modified: Sun, 14 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 May 2023 23:47:40 GMT

GET
H2 200 trol-merkezi-ortaya-cikti-620_2-41.jpg
imgs.stargazete.com/imgsdisk/2023/05/11/ 88 KB
88 KB 59ms
21ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgs.stargazete.com/imgsdisk/2023/05/11/trol-merkezi-ortaya-cikti-620_2-41.jpg
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 316b655db4e34a89393655bb1ac25d46509769516079c31c031252a79264e30e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
via: HTTP/1.1 Merlin CDN
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 90144
last-modified: Thu, 11 May 2023 05:13:17 GMT
server: cloudflare
etag: W/"a2ef724bc783d91:0"
allow: GET, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5X6P2iWHNTCC%2BAV7vT8vRYjMGpq4Ad38slGlJGE9Mm5kYMPilx%2FEPMuyFey5BjdXR6WYGOAzK7IHkPQU5OAv%2FZZVMQuMS5z3HPqxHRtwnAwihlv3X0ECfBLeLb5x%2BYo3EEGWUx7AySSFKLyFTSfUhODy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
x-edge: de-fra-dp-s01
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7c7707136c509267-FRA

GET
H2 200 google-news-logo.svg
www.star.com.tr/assetsnew/img/ 3 KB
2 KB 18ms
16ms Image
image/svg+xml 2606:4700:20::681a:671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.star.com.tr/assetsnew/img/google-news-logo.svg
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cfe7a1b89393700e6e2aaebf3d24b1f3983b7ed69f49c07dbb088555a655451d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109
x-powered-by: ASP.NET
last-modified: Wed, 23 Jun 2021 11:22:44 GMT
server: cloudflare
etag: W/"f7349f162268d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BHhDVBhCpWER4FPODAAG7ahGpCM2Gs%2BcsmZRyTZh23FTMHndzHgvuJtgYcoPqhc9ntoX6b30rX8BvipqWl8DoOuvDjEPgiG4ckJpDuWkbQcWQ1GGc6LIW33Qkm2mFAhKCOABmDjDL5LoqrQ%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7c7707133c0dbbc2-FRA
x-proxy-cache: TURKMEDYA BALANCER FARM FX107, STALE

GET
H2 200 chpnin-manipulasyon-ve-de-959_2-43.jpg
imgz.star.com.tr/imgsdisk/2023/05/06/ 41 KB
41 KB 295ms
285ms Image
image/jpeg 2606:4700:20::681a:671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgz.star.com.tr/imgsdisk/2023/05/06/chpnin-manipulasyon-ve-de-959_2-43.jpg
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 75a1863e3707cda84f14cca198609089b220831fd9606151ecd5ed3a4868c4e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
cf-cache-status: MISS
last-modified: Sat, 06 May 2023 08:19:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9faa426cf37fd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ybg%2B1Cl7ls4Sje2LqiAlT2YEFxdEHILIAWYUfeL%2FHsrNg9tte5QrEhxim2zPrwO%2FuMxHRJWs3mw5mfp3%2BROEeRJiMEA%2FpDfM%2BQtK17xcn9O8P4SgXmeOFQj4mLu5OYpOL3xxmHAGS782C1Ln5L8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c7707134c19bbc2-FRA
content-length: 41818

GET
H2 200 chpnin-manipulasyon-ve-de-330_2-43.jpg
imgz.star.com.tr/imgsdisk/2023/05/05/ 44 KB
44 KB 301ms
291ms Image
image/jpeg 2606:4700:20::681a:671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgz.star.com.tr/imgsdisk/2023/05/05/chpnin-manipulasyon-ve-de-330_2-43.jpg
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5c436ca89eb9a67827a130ea5a324d4d2db258224f709961bd1d5187a2f5900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
cf-cache-status: MISS
last-modified: Fri, 05 May 2023 14:00:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "285a98ed597fd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tv3KEMld8OhbMOZJ11L3aQYOKplZLxDYmT7Jus3Pp2%2BXVzpwUGDIyshMyTYejJrpXsnXz2mVepEE%2BP0YmVFfWZ2STSMGLbXclTbKfqQpxkLIcn2OzCoVre77%2FAfanKOGkNiJqsWteTACjfnJ4sA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c7707134c1bbbc2-FRA
content-length: 44979

GET
H2 200 chpnin-manipulasyon-ve-de-342_2-43.jpg
imgz.star.com.tr/imgsdisk/2023/05/05/ 42 KB
43 KB 298ms
288ms Image
image/jpeg 2606:4700:20::681a:671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgz.star.com.tr/imgsdisk/2023/05/05/chpnin-manipulasyon-ve-de-342_2-43.jpg
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 72782c8f194ce49ea22493364106530da28f2e2ec28d1d5fca2907e34ca0e04e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
cf-cache-status: MISS
last-modified: Fri, 05 May 2023 07:12:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8853f1f8207fd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhtg96Jg0XlPBuNGIwsP1akKww%2FCkS9mdRX4gXlC47IlC8pH0zXWnj8N5JU01DlcdrGeK4LqCxEqKyEwBZaNxMaAQi80RkbuebxZwFNNuZ2xUQDUfaAjFRjac2Yfheh2YopOs6IsIP1dk%2F1PilE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c7707134c1abbc2-FRA
content-length: 43281

GET
H2 200 canli-cumhurbaskani-erdog-253_2-42.jpg
imgs.stargazete.com/imgsdisk/2023/05/15/ 22 KB
23 KB 51ms
13ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgs.stargazete.com/imgsdisk/2023/05/15/canli-cumhurbaskani-erdog-253_2-42.jpg
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bab0c9268755844efdd7d39af7fa68982cb138a2c09bf96bfdf6c43a3878689d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
via: HTTP/1.1 Merlin CDN
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 824
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22592
last-modified: Sun, 14 May 2023 23:02:06 GMT
server: cloudflare
etag: W/"269a51ab886d91:0"
allow: GET, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vz%2BPUgPVSgKo3JAsg7nu5zBwubMZvIsnc0UWMKM40Z4esIacjXUREGm4VxjIaxE3ScKaj9P2q%2BRXrmxuPpDfTYlsksX2jT5Bly5svQ0XGFhejg%2BgPkm4O%2BzIOVuoY3Bj4Wb3z7EkZ2mrNyTlBAs4PUJY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
x-edge: de-fra-dp-s03
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7c7707136c519267-FRA

GET
H2 200 cumhurbaskani-erdogandan--886_2-42.jpg
imgs.stargazete.com/imgsdisk/2023/05/14/ 17 KB
18 KB 15ms
14ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgs.stargazete.com/imgsdisk/2023/05/14/cumhurbaskani-erdogandan--886_2-42.jpg
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 38d958461510e14ff6b240a20c8b40939c68de3263d99089c195ec0bd4bc6aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
via: HTTP/1.1 Merlin CDN
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15916
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17682
last-modified: Sun, 14 May 2023 19:20:37 GMT
server: cloudflare
etag: W/"873d2a2a9986d91:0"
allow: GET, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxoqsajBndxs3SBCttzuKx%2BZunsrTkS81%2Bp180g%2FmfVDdUrBelklD7ImFtHS%2F%2B3fcodoZxou7g39Gby29sFYrvtBINPnqtCB1txgLLx2L5kJG0ot%2F%2BoDzsoLPBn%2FouOwpuUnEHozoXYru7tGpdUVyg84"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
x-edge: de-fra-dp-s03
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7c7707136c529267-FRA

GET
H2 200 turkiye-tercihini-yapti-i-370_2-42.jpg
imgs.stargazete.com/imgsdisk/2023/05/14/ 13 KB
13 KB 21ms
20ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgs.stargazete.com/imgsdisk/2023/05/14/turkiye-tercihini-yapti-i-370_2-42.jpg
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c8389bb0438f96924f918825c29f4a6e89ca86c06c8a6f587a05eaab1aef20ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
via: HTTP/1.1 Merlin CDN
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25609
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12944
last-modified: Sun, 14 May 2023 16:39:41 GMT
server: cloudflare
etag: W/"4db594ae8286d91:0"
allow: GET, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mn8LS1EZQW%2FhqNZSRj2O2DAYBWDJOhne4v9iRaNeq%2FWJMvWUgC%2FZyZGbiqqa24PDcYVoWJ41y6rC6Dxtlhz%2F31G%2B7oaMjBWBtVK4YAxS9vFHaSxH1iNGfaujGGXqlsIFQmZNjJ3hIO21M%2F2s5gn90Yn0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
x-edge: de-fra-dp-s03
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7c7707136c539267-FRA

GET
H2 200 canli-ak-parti-genel-bask-464_2-42.jpg
imgs.stargazete.com/imgsdisk/2023/05/14/ 15 KB
15 KB 15ms
13ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgs.stargazete.com/imgsdisk/2023/05/14/canli-ak-parti-genel-bask-464_2-42.jpg
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 78d4dbd16701a18be9db658dc743930d56303b70b45993a962ff8e82edd04253

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
via: HTTP/1.1 Merlin CDN
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16983
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15274
last-modified: Sun, 14 May 2023 19:02:53 GMT
server: cloudflare
etag: W/"3b82b4af9686d91:0"
allow: GET, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBCIsBnsgx1dg1CkYtewBTWzYhNvdCVSQj8GMk2%2BPfAF1fxWE6aICtLPNV0rL5WG8Yn%2FR2e8LRhNJivxypjEdynKwEOuKAr8KGMkLhyyTv6xSY1jz2uq4mv%2BMjUS0ylXdEO%2BuCuEGlhm4rZXGeXDemXp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
x-edge: de-fra-dp-s01
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7c7707138c609267-FRA

GET
H2 200 ak-parti-sozcusu-celik-an-684_2-42.jpg
imgs.stargazete.com/imgsdisk/2023/05/14/ 10 KB
11 KB 19ms
17ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgs.stargazete.com/imgsdisk/2023/05/14/ak-parti-sozcusu-celik-an-684_2-42.jpg
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ad2df7e705d96ed9ab4552a6628c122f94561b99cb9cfc2778d41790d3a5ba86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
via: HTTP/1.1 Merlin CDN
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16280
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10420
last-modified: Sun, 14 May 2023 18:46:13 GMT
server: cloudflare
etag: W/"439f5c5b9486d91:0"
allow: GET, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGVbpi%2Bj2hi11XC2S5zP1vAVFDFJUDHyHCCV7BE827IK%2BxzKuEYSFlSoEUKm4amcQ80%2B8eQE5SUh9Z1qntWAW8Tjc8FA%2FTaYl0fqvFIYU4dKB%2F4o%2B%2BuJCFZZdkqCA5c84jKeaJ3MRkNJSNdfhHnhSHzR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
x-edge: de-fra-dp-s01
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7c7707138c629267-FRA

GET
H2 200 scripts-min.js Show response
assets.turkmedya.com.tr/star/assets/js/min/ 181 KB
58 KB 32ms
32ms Script
application/javascript 2606:4700:3038::6815:eb63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.turkmedya.com.tr/star/assets/js/min/scripts-min.js?v=1907.6
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 712daa70746eb462c64a75be9281a41f2bea688731d47c405d1b6eb5ff242c65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Jun 2021 13:22:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4516
etag: W/"c768168ce961d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8OkrRe4mUt4chq0EgoBgvUf2K8vHVH1ofkKglWqcJKYQ3NQ%2FJAtbyB5xmScLtp2poEyaX9iTTy417hMlRl7WWBexLI6JnocT2r%2FPr2XKURg4d%2FxKhwc59Skt4sWiDUqFmb9XZ0cwaXrDuNq%2FVkP%2BSfRfgiYnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 7c77071318ed23b3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 infinite2.js Show response
www.star.com.tr/assets-star/js/min/ 4 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:20::681a:671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.star.com.tr/assets-star/js/min/infinite2.js?v=1907.65
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 46c1eb94e0a13fce745f6a2511ada0b21d23b56b884aba97dff1233508295073

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140273
x-powered-by: ASP.NET
x-cache-status: HIT
last-modified: Thu, 06 Jan 2022 07:03:02 GMT
server: cloudflare
etag: W/"576a172cb2d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abNkmErWbi6pdvoRBRGUAVxfVclC3mCswczPXBB1p361lRckaBEdVssA4vZgaVKe0vAtJPmMV40iU2uJ%2B%2B4QiP970tRisPdz5FZqvpCiPtBjSmU8ga9N%2Fze6RJo%2FVN1%2B6BGyQ7w1L6xCyDtPbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7c7707131bf6bbc2-FRA
expires: Mon, 12 Jun 2023 08:49:48 GMT

GET
H2 200 menu.js Show response
www.star.com.tr/assets-star/js/min/ 1 KB
623 B 15ms
13ms Script
application/javascript 2606:4700:20::681a:671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.star.com.tr/assets-star/js/min/menu.js?v=1907.6
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3f1918f9c400cd209d2f4a7affb6bb1cc8633fc26a8375cdd2b33015d349c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140273
x-powered-by: ASP.NET
x-cache-status: HIT
last-modified: Thu, 02 Feb 2023 07:05:50 GMT
server: cloudflare
etag: W/"ed2836c8d436d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2O2TxRn%2BAcZlkSqouYoZ4Fc4ILe4HWYdR8NPL00DdHP3cRAkfKcIehTIstyKNOkhSMbRYUoW3cagwP5i7kxVQxDkHaPL5u5FGdnOC5FWaXyuTjdIXCf5sXH4TCahYceys7oUdPHICZYlNG4SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7c7707133c0bbbc2-FRA
expires: Mon, 12 Jun 2023 08:49:48 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.14.6/ 19 KB
7 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.14.6/firebase-app.js

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b369e8dadd0a497d68ed1561188bdd41e0afb763fde97a5f6d4cc408a2a5c7a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 22:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6581
x-xss-protection: 0
last-modified: Fri, 29 May 2020 17:38:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 22:27:23 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/7.14.6/ 38 KB
10 KB 37ms
10ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.14.6/firebase-messaging.js

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0eaafdad2b5601750152ec4733e7fa3129723d599bbf2319395ae5026d5da21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 07:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10594
x-xss-protection: 0
last-modified: Fri, 29 May 2020 17:38:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 07:20:15 GMT

GET
H2 200 firebase.js Show response
www.star.com.tr/assets/js/ 4 KB
2 KB 18ms
15ms Script
application/javascript 2606:4700:20::681a:671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.star.com.tr/assets/js/firebase.js?v=2.68
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e70c31322d69ee7265161c04efdf7aac38c2b1176fa9ee92ef184e40c9c6129b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1136918
x-powered-by: ASP.NET
x-cache-status: HIT
last-modified: Thu, 24 Nov 2022 06:34:22 GMT
server: cloudflare
etag: W/"319af5c9ceffd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrBBGEDekizhUNwLbB7LKmOlpFYZQFGEMLiZhTIsHU9qGAZjFGr2wrUJCuv0VIBczfTwmA9eYoooJKNui%2FW9cDyU0FxLU0LuidG%2B6PTgoO0S4axpkMgW44bdsU98mDOwsNn6YWXmeaRZW%2Bn2sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7c7707133c0cbbc2-FRA
expires: Wed, 31 May 2023 19:59:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
44 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MSDJC7

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aebc2601477fe5ae546fc6ec9f708ee2d30266f6aed1609338994738da871f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44738
x-xss-protection: 0
last-modified: Sun, 14 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 May 2023 23:47:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
40 KB 31ms
29ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WRH4CZ2

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34df82dfc40337a0cc832eebc63a84157fe094f687275bc036a6a9681eeaa81e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41050
x-xss-protection: 0
last-modified: Sun, 14 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 May 2023 23:47:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 May 2023 22:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4321
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 15 May 2023 00:35:39 GMT

GET
H2 200 sprite.png
assets.turkmedya.com.tr/star/assets/img/ 40 KB
40 KB 28ms
27ms Image
image/png 2606:4700:3038::6815:eb63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.turkmedya.com.tr/star/assets/img/sprite.png?v=1608032970353
Requested by: Host: assets.turkmedya.com.tr
URL: https://assets.turkmedya.com.tr/star/assets/css/main.css?v=1907.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0e487e67388d2b144af7606b7a9d2c584208ddbd21a6c146232922552da2911e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.turkmedya.com.tr/star/assets/css/main.css?v=1907.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3674
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40622
last-modified: Tue, 15 Jun 2021 13:22:52 GMT
server: cloudflare
etag: "ec92a18be961d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xIsedIyAZfD8l%2FkbbCEUIdWzPni6x5Y%2BdbyAeA1OgddUYK%2FoQbfwdloTGSBiv65GOR9P2aEm3Jkkyezo1JRpjcTELjldoEo73EorTBVLlCRkzWrNdeiG5bb2%2BBu%2BOON57jlVUtHstVnoGa2OMDeja64TvzxtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7c770713491323b3-LHR

GET
H2 200 Poppins-Regular.woff2
assets.turkmedya.com.tr/star/assets/font/ 47 KB
48 KB 65ms
24ms Font
application/font-woff2 2606:4700:3038::6815:eb63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.turkmedya.com.tr/star/assets/font/Poppins-Regular.woff2
Requested by: Host: assets.turkmedya.com.tr
URL: https://assets.turkmedya.com.tr/star/assets/css/main.css?v=1907.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 78fd59443c5459d53d6d75afc549f0de9cf23407edab4908d7fa549fba3ae5eb

Request headers

Referer: https://assets.turkmedya.com.tr/star/assets/css/main.css?v=1907.6
Origin: https://www.star.com.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3674
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48152
last-modified: Tue, 15 Jun 2021 13:22:49 GMT
server: cloudflare
etag: "e226bb89e961d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sqlkqwD%2BVVfHDGE%2F60Rr2Chtcr77qHM8ybjZL%2BNJfSlCLg%2FjdhTlMf%2BJP%2FelHfTR6KhOxOuDxem2N8kxFLHLqfcDHwCEvWgwj5OdNpsT7z9QfOy%2FRGdWZB2grqQde8pGoW4vWzcgCj7E01aFO%2Bh1i1EmqDm8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7c7707138b2823d4-LHR

GET
H2 200 Poppins-Bold.woff2
assets.turkmedya.com.tr/star/assets/font/ 47 KB
47 KB 83ms
43ms Font
application/font-woff2 2606:4700:3038::6815:eb63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.turkmedya.com.tr/star/assets/font/Poppins-Bold.woff2
Requested by: Host: assets.turkmedya.com.tr
URL: https://assets.turkmedya.com.tr/star/assets/css/main.css?v=1907.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 50e5e528ecb3137b39cdecadff5d7fc965ee5378ffbe4768646ed44d069009d7

Request headers

Referer: https://assets.turkmedya.com.tr/star/assets/css/main.css?v=1907.6
Origin: https://www.star.com.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3674
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47928
last-modified: Tue, 15 Jun 2021 13:22:50 GMT
server: cloudflare
etag: "e34a5d8ae961d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHcU9tyZY5kbK220KUkQpV2Z3JAQzxF2fqo5JOBrPrpWL8sWDv9BczejzhX6bf8Vqc%2Bq8DZVzD2V%2BNu%2B7HjmbtRb7aHyG1cYoLVuAD3O3gdasQ21FaFY8u18fH9mciqtVboSFhtRsn9fETQ%2FcN0Yu5diuNs3xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7c7707138b2923d4-LHR

GET
H2 200 icon.woff2
assets.turkmedya.com.tr/star/assets/font/ 4 KB
4 KB 82ms
42ms Font
application/font-woff2 2606:4700:3038::6815:eb63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.turkmedya.com.tr/star/assets/font/icon.woff2?v=75134
Requested by: Host: assets.turkmedya.com.tr
URL: https://assets.turkmedya.com.tr/star/assets/css/main.css?v=1907.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7aa95990d6fead27cf0e84310a577fdfde514c88a3a15a00d278aae5decb7c71

Request headers

Referer: https://assets.turkmedya.com.tr/star/assets/css/main.css?v=1907.6
Origin: https://www.star.com.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3674
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3844
last-modified: Tue, 15 Jun 2021 13:22:52 GMT
server: cloudflare
etag: "61d8c8be961d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJI1jLlIFthZfwkJ%2Bqy%2F7IXEQS6p4XkLPkODIbG9X%2BHoWC8RAqWnsGsYk2jHTJMhAbDKNXxtbaXsodxvNmE2Bs5MKzOlm3q6pNrnQhMWIeemhAqnL9IH5GXWSCBLBs%2FqAS2DS%2BYotZOWmNBPvia1qEwLnhPNqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7c7707138b2a23d4-LHR

GET
H2 200 Poppins-Medium.woff2
assets.turkmedya.com.tr/star/assets/font/ 47 KB
47 KB 85ms
45ms Font
application/font-woff2 2606:4700:3038::6815:eb63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.turkmedya.com.tr/star/assets/font/Poppins-Medium.woff2
Requested by: Host: assets.turkmedya.com.tr
URL: https://assets.turkmedya.com.tr/star/assets/css/main.css?v=1907.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0e5ba79c1c730a01eeafba8a9c18f41da1c07cc4bda3d75848fe0fbb690a7a22

Request headers

Referer: https://assets.turkmedya.com.tr/star/assets/css/main.css?v=1907.6
Origin: https://www.star.com.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3674
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48076
last-modified: Tue, 15 Jun 2021 13:22:49 GMT
server: cloudflare
etag: "8d9cd089e961d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXrkuAxdA1qObnMJH7E%2FgkMo1cBOUa%2BDMr%2BPZd%2F61d0vHHAdvnm0DiZPSo9zJoyO7FTRVCIQoTCn2ExAfNT0qez5492JIb7EdpzP9q4n1Tri7SzE6Ve%2BVsOGbaUIhjDsSeH4DhfynZ89cVSRrrW9UwZdcDMjOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7c7707138b2d23d4-LHR

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 213 KB
73 KB 270ms
140ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fab231fbfc156c6195e0fa7e07d5effaa4d6cf51f8d91d3b4a77d116c693b927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 05 May 2023 15:14:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6454f31f-122f1"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74481
expires: Mon, 15 May 2023 00:47:40 GMT

GET
H2 200 count-sc.asp Show response
sc.cdnstr.com/ Frame F49A 17 B
565 B 150ms
119ms Document
text/html 2606:4700:3032::6815:5d29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.cdnstr.com/count-sc.asp?@@@=1784819
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5d29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b2267b950b6c07b23b05cde097244b2fb795259fa549a1714e38cdd114bfb12c

Request headers

Referer: https://www.star.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7c770713da4fbbdf-FRA
content-encoding: br
content-type: text/html
date: Sun, 14 May 2023 23:47:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWgUmOQMiWTBwijv3n36HS%2BocUwHnYQvsy8eFmcDzaTnLp%2BgszbDTm%2FMBfBrWjkNFVE%2B7%2FKDVF7%2BPdco1TbTq%2FV4KCXmRqE9aIY45pD8xgAqmEKRYivaPLcX%2Bdh%2BYbEb%2F97yW4kr36vFkwbw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ 402 KB
124 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 06:46:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61242
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127184
x-xss-protection: 0
server: cafe
etag: 3263738860219486170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 13 May 2024 06:46:58 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 831 B
419 B 38ms
20ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.star.com.tr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

795e2d2ae40f821d4dc671f5ad6a7a0f6ef89201fa501e3c0d306ec8e625613a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 394
x-xss-protection: 0
expires: Sun, 14 May 2023 23:47:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CJGE1V798B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1200121-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ec7eafcaecb8df31c53886c64fcac0dfa44f5e19c5862f92d3c2ed8f07fb2ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81363
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 May 2023 23:47:40 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 60ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CJGE1V798B&gtm=45je35a0&_p=2009166181&_gaz=1&cid=913765282.1684108061&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Haber%20Ozetleri&sid=1684108060&sct=1&seg=0&dl=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819%2F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CJGE1V798B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.star.com.tr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 68ms
20ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CJGE1V798B&cid=913765282.1684108061&gtm=45je35a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CJGE1V798B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.star.com.tr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 51ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CJGE1V798B&cid=913765282.1684108061&gtm=45je35a0&aip=1&z=1598641213

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 164 KB
58 KB 115ms
93ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f0a064c22678f5fa467eee7007b6a94da9413abe446a4bcbfbcf2387c90a0a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 05 May 2023 15:14:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6454f31f-e583"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58755
expires: Mon, 15 May 2023 00:47:40 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 18ms
17ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2009166181&t=pageview&_s=1&dl=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819%2F&ul=en-us&de=windows-1254&dt=%27Trol%20merkezi%27%20ortaya%20%C3%A7%C4%B1kt%C4%B1!%20%C4%B0%C5%9Fte%20CHP%27nin%20%27Cambridge%20Analytica%27s%C4%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1967374243&gjid=488062150&cid=913765282.1684108061&tid=UA-1042164-1&_gid=28936417.1684108061&_r=1&_slc=1&z=386961525

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.star.com.tr/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.star.com.tr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
70 B 16ms
16ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2009166181&t=pageview&_s=1&dl=%2Fhaber-ozetleri%2F&ul=en-us&de=windows-1254&dt=Haber%20Ozetleri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACgCI~&jid=488597460&gjid=1344039430&cid=913765282.1684108061&tid=UA-1200121-1&_gid=28936417.1684108061&_r=1&gtm=457e35a0&jsscut=1&z=267055913

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.star.com.tr/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.star.com.tr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
78 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FSDDFXFXJV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRH4CZ2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e968e294e26343e61905743bbe103e0fca9de62ed576695ac6d148cc96a3bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80108
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 May 2023 23:47:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
532 B 44ms
19ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.star.com.tr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 45ms
19ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.star.com.tr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 264 KB
45 KB 351ms
351ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=114524255750530&correlator=2459782327691945&eid=31074171%2C31074523%2C31068366&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=30430650%2C01_Star_Guncel_160x600%2C01_Star_Guncel_160x600_sol%2C01_Star_Diger_728x90%2Cinterstetial_ozel%2C01_Star_Guncel_300x250%2CStar_haberdetay_inpage%2Cstar_diger_pageskin%2C01_Star_SiteGeneli_970x250%2CStar_multiplex%2Cstar_web_multiplex&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2F10&prev_iu_szs=320x50%7C120x240%7C180x600%7C160x600%7C300x600%7C120x600%2C320x50%7C120x240%7C180x600%7C160x600%7C300x600%7C120x600%2C320x50%7C728x90%7C970x90%7C980x90%2C1x1%2C300x250%2C320x50%7C250x250%7C300x250%2C1x1%2C970x250%2C320x50%7C300x250%7C300x300%7C250x250%7C336x280&fluid=height%2Cheight%2Cheight%2C0%2C0%2Cheight%2C0%2C0%2Cheight&ifi=1&adks=3151654258%2C3809662079%2C414477023%2C3553201886%2C3266837170%2C3272498850%2C1961068582%2C387544115%2C1696528121&sfv=1-0-40&ists=36&prev_scp=mast4%3Drefresh%7Cmast5%3Drefresh%7Cmast3%3Drefresh%7C%7Cmast7%3Drefresh%7Cmast8%3Drefresh%7Cmast6%3Drefresh%7Cmast2%3Drefresh%7Cmast9%3Drefresh&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684108060928&lmt=1684108060&dlt=1684108060566&idt=325&adxs=1310%2C130%2C436%2C0%2C987%2C506%2C0%2C315%2C481&adys=290%2C290%2C0%2C4742%2C1584%2C1653%2C110%2C306%2C3780&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C0%7C0%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819%2F&frm=20&vis=1&psz=160x-1%7C160x-1%7C988x-1%7C1600x1200%7C313x-1%7C650x-1%7C1600x4692%7C1020x-1%7C650x-1&msz=160x-1%7C160x-1%7C988x-1%7C1600x0%7C313x-1%7C650x-1%7C1600x0%7C980x-1%7C300x-1&fws=512%2C512%2C4%2C0%2C4%2C4%2C0%2C4%2C0&ohw=0%2C0%2C988%2C0%2C313%2C650%2C0%2C980%2C0&ga_vid=913765282.1684108061&ga_sid=1684108061&ga_hid=2009166181&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

483ba79bfdf1384e0ac2af27f5d38ea60798fd419123f815d6dbd223342cfa02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46465
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-1,-1,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-1,-1,-2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.star.com.tr
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E9E5 6 KB
3 KB 62ms
15ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.star.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 23:47:40 GMT
expires: Mon, 13 May 2024 23:47:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
152 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1042164-1&cid=913765282.1684108061&jid=1967374243&gjid=488062150&_gid=28936417.1684108061&_u=IADAAEAAAAAAACAAI~&z=968341411

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.star.com.tr/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 14 May 2023 23:47:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.star.com.tr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
71 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1200121-1&cid=913765282.1684108061&jid=488597460&gjid=1344039430&_gid=28936417.1684108061&_u=YADAAUABAAAAACgCI~&z=1687173202

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.star.com.tr/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 14 May 2023 23:47:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.star.com.tr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 43ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FSDDFXFXJV&gtm=45je35a0&_p=2009166181&cid=913765282.1684108061&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684108060&sct=1&seg=0&dl=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819%2F&dt=%27Trol%20merkezi%27%20ortaya%20%C3%A7%C4%B1kt%C4%B1!%20%C4%B0%C5%9Fte%20CHP%27nin%20%27Cambridge%20Analytica%27s%C4%B1&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FSDDFXFXJV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.star.com.tr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
409 B 45ms
18ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1042164-1&cid=913765282.1684108061&jid=1967374243&_u=IADAAEAAAAAAACAAI~&z=1317431508

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1042164-1&cid=913765282.1684108061&jid=1967374243&_u=IADAAEAAAAAAACAAI~&z=1317431508

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 46ms
20ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1200121-1&cid=913765282.1684108061&jid=488597460&_u=YADAAUABAAAAACgCI~&z=1026036243

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1200121-1&cid=913765282.1684108061&jid=488597460&_u=YADAAUABAAAAACgCI~&z=1026036243

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10003.lCqObSOV1Yp7lK7h7SEGxMi0lY_AoUinZsJ_Eq7WiG72eR24EuaYezS--pGUWdbI.lx0ZjAh2pMGzBABfTDjiNR_GvyU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10003.RFcg8MfG2UY9Hoy9gFphydbWP4cNAqH9U534ICZMZyv4eLftXFijD-bfu-cR1QnCAMfGU9b6Hp_iNGHGbvh1IDT1UaZx9cNU6Ce1q1-NMEk%2C.vMpPkB0kMskO2W01itZO_Big3PQ%2C

43 B
67 B

50ms
49ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10003.RFcg8MfG2UY9Hoy9gFphydbWP4cNAqH9U534ICZMZyv4eLftXFijD-bfu-cR1QnCAMfGU9b6Hp_iNGHGbvh1IDT1UaZx9cNU6Ce1q1-NMEk%2C.vMpPkB0kMskO2W01itZO_Big3PQ%2C

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10003.RFcg8MfG2UY9Hoy9gFphydbWP4cNAqH9U534ICZMZyv4eLftXFijD-bfu-cR1QnCAMfGU9b6Hp_iNGHGbvh1IDT1UaZx9cNU6Ce1q1-NMEk%2C.vMpPkB0kMskO2W01itZO_Big3PQ%2C
date: Sun, 14 May 2023 23:47:41 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

sync_cookie_image_decide
mc.yandex.com.tr/
Redirect Chain

https://mc.yandex.com.tr/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com.tr&token=10003.aS0AsJ8oqmocJv1hF6Rm3-CgVhpjeVwLSVQ2D6dobonFM9n3nLzz52N2FpQLcFmB.jhvH9xLOWT8rt21H4QoG9XVNhUs%2C
https://mc.yandex.com.tr/sync_cookie_image_decide?token=10003.4E-omll0l7YDq-Ugg18nfE-ePWXqckCiKCYu1Bque4M421LmMiPOExvPiCrTWwsMyIFqd9FLyt5c6MM9oDVjSYjFq07XxH7sjLk-rzgDvsw%2C.8kPRB44y6sCVXcRtjPWD6RP9...

43 B
67 B

52ms
52ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com.tr/sync_cookie_image_decide?token=10003.4E-omll0l7YDq-Ugg18nfE-ePWXqckCiKCYu1Bque4M421LmMiPOExvPiCrTWwsMyIFqd9FLyt5c6MM9oDVjSYjFq07XxH7sjLk-rzgDvsw%2C.8kPRB44y6sCVXcRtjPWD6RP9uts%2C

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com.tr/sync_cookie_image_decide?token=10003.4E-omll0l7YDq-Ugg18nfE-ePWXqckCiKCYu1Bque4M421LmMiPOExvPiCrTWwsMyIFqd9FLyt5c6MM9oDVjSYjFq07XxH7sjLk-rzgDvsw%2C.8kPRB44y6sCVXcRtjPWD6RP9uts%2C
date: Sun, 14 May 2023 23:47:41 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
137 B 61ms
56ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05 May 2023 15:14:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6454f31f-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 15 May 2023 00:47:41 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 61ms
22ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be80eca4dbc8cba1ffc7dd7d5046eb703ef496d361ec598719ef77a15d8956bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11273
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/14229943/
Redirect Chain

https://mc.yandex.com/watch/14229943?wmode=7&page-url=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819%2F&charset=utf-8&uah=chm%0A%...
https://mc.yandex.com/watch/14229943/1?wmode=7&page-url=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819%2F&charset=utf-8&uah=chm%0...

428 B
572 B

55ms
54ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/14229943/1?wmode=7&page-url=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A461%3Afu%3A0%3Aen%3Awindows-1254%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A262334369903%3Ahid%3A958552857%3Az%3A0%3Ai%3A20230514234741%3Aet%3A1684108061%3Ac%3A1%3Arn%3A1069172382%3Arqn%3A1%3Au%3A1684108061416525587%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A100%2C21%2C168%2C48%2C0%2C0%2C%2C146%2C0%2C%2C%2C%2C484%3Aco%3A0%3Acpf%3A1%3Ans%3A1684108060272%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684108061%3At%3A%27Trol%20merkezi%27%20ortaya%20%C3%A7%C4%B1kt%C4%B1%21%20%C4%B0%C5%9Fte%20CHP%27nin%20%27Cambridge%20Analytica%27s%C4%B1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1116d90a09bdcf335c59bef209e39f1ce79ffb80ef37f32ef5ae69f8fe55a4c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 14-May-2023 23:47:41 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.star.com.tr
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Sun, 14-May-2023 23:47:41 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 14-May-2023 23:47:41 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/14229943/1?wmode=7&page-url=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A461%3Afu%3A0%3Aen%3Awindows-1254%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A262334369903%3Ahid%3A958552857%3Az%3A0%3Ai%3A20230514234741%3Aet%3A1684108061%3Ac%3A1%3Arn%3A1069172382%3Arqn%3A1%3Au%3A1684108061416525587%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A100%2C21%2C168%2C48%2C0%2C0%2C%2C146%2C0%2C%2C%2C%2C484%3Aco%3A0%3Acpf%3A1%3Ans%3A1684108060272%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684108061%3At%3A%27Trol%20merkezi%27%20ortaya%20%C3%A7%C4%B1kt%C4%B1%21%20%C4%B0%C5%9Fte%20CHP%27nin%20%27Cambridge%20Analytica%27s%C4%B1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://www.star.com.tr
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 14-May-2023 23:47:41 GMT

GET
H2 200 container.html Show response
62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FDB3 6 KB
3 KB 9ms
9ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.star.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 23:47:40 GMT
expires: Mon, 13 May 2024 23:47:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032305051745000/ Frame 5B43 222 KB
62 KB 72ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8af29f8d2044c9eebf854b988d2ec9500878fa392e2aacdbfd162e82e34f270

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 11 May 2023 23:47:46 GMT
age: 259195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61932
x-xss-protection: 0
server: sffe
etag: "8637e18cee5fab18"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 10 May 2024 23:47:46 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032305051745000/v0/ Frame 5B43 15 KB
5 KB 110ms
48ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 22:04:42 GMT
age: 438179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5227
x-xss-protection: 0
server: sffe
etag: "c5726c99a9d8e9d1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 22:04:42 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032305051745000/v0/ Frame 5B43 94 KB
28 KB 107ms
45ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 22:04:42 GMT
age: 438179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28894
x-xss-protection: 0
server: sffe
etag: "e449c041a52d1404"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 22:04:42 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032305051745000/v0/ Frame 5B43 5 KB
2 KB 108ms
46ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 22:04:42 GMT
age: 438179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1910
x-xss-protection: 0
server: sffe
etag: "40d60bfa9b2b96dd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 22:04:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032305051745000/v0/ Frame 5B43 40 KB
13 KB 109ms
47ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 22:04:42 GMT
age: 438179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12944
x-xss-protection: 0
server: sffe
etag: "8267429d1a59707e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 22:04:42 GMT

GET
DATA 200
OK truncated
/ Frame 5B43 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b2a15e5f2b86c01ad721ace1caf06eb76436d86d2dc03522d992028b38e6a60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 659C 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.star.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 23:47:40 GMT
expires: Mon, 13 May 2024 23:47:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9CC4 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.star.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 23:47:40 GMT
expires: Mon, 13 May 2024 23:47:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032305051745000/ Frame 9D71 222 KB
61 KB 66ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8af29f8d2044c9eebf854b988d2ec9500878fa392e2aacdbfd162e82e34f270

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 11 May 2023 23:47:46 GMT
age: 259195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61932
x-xss-protection: 0
server: sffe
etag: "8637e18cee5fab18"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 10 May 2024 23:47:46 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032305051745000/v0/ Frame 9D71 15 KB
5 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 22:04:42 GMT
age: 438179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5227
x-xss-protection: 0
server: sffe
etag: "c5726c99a9d8e9d1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 22:04:42 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032305051745000/v0/ Frame 9D71 94 KB
28 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 22:04:42 GMT
age: 438179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28894
x-xss-protection: 0
server: sffe
etag: "e449c041a52d1404"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 22:04:42 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032305051745000/v0/ Frame 9D71 5 KB
2 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 22:04:42 GMT
age: 438179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1910
x-xss-protection: 0
server: sffe
etag: "40d60bfa9b2b96dd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 22:04:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032305051745000/v0/ Frame 9D71 40 KB
13 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 22:04:42 GMT
age: 438179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12944
x-xss-protection: 0
server: sffe
etag: "8267429d1a59707e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 22:04:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9D71 6 KB
1 KB 53ms
24ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 May 2023 23:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 May 2023 23:25:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 May 2023 23:47:41 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032305051745000/ Frame 8072 222 KB
61 KB 60ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8af29f8d2044c9eebf854b988d2ec9500878fa392e2aacdbfd162e82e34f270

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 11 May 2023 23:47:46 GMT
age: 259195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61932
x-xss-protection: 0
server: sffe
etag: "8637e18cee5fab18"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 10 May 2024 23:47:46 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032305051745000/v0/ Frame 8072 15 KB
5 KB 51ms
48ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 22:04:42 GMT
age: 438179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5227
x-xss-protection: 0
server: sffe
etag: "c5726c99a9d8e9d1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 22:04:42 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032305051745000/v0/ Frame 8072 94 KB
28 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 22:04:42 GMT
age: 438179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28894
x-xss-protection: 0
server: sffe
etag: "e449c041a52d1404"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 22:04:42 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032305051745000/v0/ Frame 8072 5 KB
2 KB 58ms
55ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 22:04:42 GMT
age: 438179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1910
x-xss-protection: 0
server: sffe
etag: "40d60bfa9b2b96dd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 22:04:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032305051745000/v0/ Frame 8072 40 KB
13 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305051745000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 22:04:42 GMT
age: 438179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12944
x-xss-protection: 0
server: sffe
etag: "8267429d1a59707e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 22:04:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8072 9 KB
1006 B 44ms
25ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 May 2023 23:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 May 2023 22:30:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 May 2023 23:47:41 GMT

GET
H3 200 container.html Show response
62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2C8D 6 KB
3 KB 11ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.star.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 23:47:40 GMT
expires: Mon, 13 May 2024 23:47:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 8989457944402299643
tpc.googlesyndication.com/simgad/ Frame 5B43 30 KB
31 KB 47ms
12ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8989457944402299643?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qku9JY2KHrA-hCk9YIkyB0iFkfeMw

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e9e646434e6492b519e49ca0922692836622607dfe615eeab6fee066ba26e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:47:04 GMT
x-content-type-options: nosniff
age: 154837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31134
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 09:20:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 04:47:04 GMT

GET
H2 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5B43 3 KB
3 KB 46ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 19:04:08 GMT
x-content-type-options: nosniff
server: cafe
age: 17013
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Mon, 15 May 2023 19:04:08 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5B43 344 B
402 B 58ms
23ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 36751
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 15 May 2023 13:35:10 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5B43 0
0 67ms
65ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CB9vKHHNhZNOOPJ2i9u8Psq-W-AjhluajaLOR_8H2D9zZHhABIPL-hSdglcL2gZQHoAH1mI2LA8gBAqkCuEm_tTNnsj7gAgCoAwHIAwiqBOACT9BdqJHRq53R5rgHuoLZ6P3fB9sk-Omp4sda7XAsOOrC3mYqAtCPGaq5ObDItqa8MehKCFxsmXqOy4mYQXVl3o8UWVbY7S-70V6xuC69FQCcnPmIhGdSXDK0XqqSHH4QwlgIDd98BjrS02CWpNJ0gmt-XQ6BozM1Xu3y-8CAoyVZQdmW2w6LxJkvF7rpaRWKuaa5qvHbz31ICw0Vi5llHfXtTUx4eW8lRgBf1S2d2s1L6Z0W-pYxXfPC2_GDGH8bRvd828HY13qPmrFpnPBwJDs4ISQSjMq5jWCFy_-W3VmM_Bht6Pgpd1h_avPP3pMpTYL2madzhc4EagrhKgggHHXPBh1N2LT7HcnuGCn4Xo8IcyRaKwPc6lDPOR1jf4tjPORPNFR6E1svICm6ZIytL5nHG-HSmDIVww2W3-i1Q7qvvzwJBIRVRKlBX1ZHzLR1ANGtRFTd9Rvv5cXu-jcEXcAEvveNwpwC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_Pm8nSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD8vgXSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTQxMzc0ODE0MTQ3NzI2MjYY-pgY&sigh=ZnGaCN8hqVk&uach_m=[UACH]&cid=CAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9D71 3 KB
3 KB 59ms
24ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 19:04:08 GMT
x-content-type-options: nosniff
server: cafe
age: 17013
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Mon, 15 May 2023 19:04:08 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9D71 344 B
402 B 59ms
24ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 36751
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 15 May 2023 13:35:10 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9D71 0
0 66ms
65ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C36QaHHNhZNeOPJ2i9u8Psq-W-Ajqx7PWbZXvr5qmEcSZ-oO2CRABIPL-hSdglcL2gZQHoAHi68HbA8gBCakCuEm_tTNnsj7gAgCoAwHIAwqqBOMCT9DEyJhdxnzf4EXl4mRWZBp7AKPrt4L4nNXZOqj8wQYbKmDv1jlSuGC-R_eotcLLzE3JObtiaCnmir8A59J7UWeY8lJdWySrlZaY8UvoxHy9iy37PbIL8Syoo1CPdfpuR8crzCWgOR0qyV2K7gDCVOHKjNQ7t-Pi5fpYuYv7G9cFXLH4GNlGV0UXk2RSvO9n_xQhi3PlapujecT87nbGOZXBRulUAm1gA0MC_eCEhi65yC5XLrj7q5Na54sldFbLC87LU9wYWopYAlMLdNK1JdLJQSo0Zxl3zrezEMEMDKWYmVbgrXFuxetRlF-uIRzR_rgi5jyfzertkEojdZyr7s1zbtsSeN4HRXINsYbCkfQ7yYXttjoVT1_5SHxjR13VqtwtjB2T4Cz3cqwwIaOzSSODlfm7YU1E7QIazdAgCT8DO1BT6ksAmmn_Oiyo_KXFj-nTsAyMCnGxugAoVEcK8piAy8AEkOHssaME4AQBkgUECAQYAZIFBAgFGASgBi6AB4aUviSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC2ugLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBuBPkA9gTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi00MTM3NDgxNDE0NzcyNjI2GPqYGA&sigh=i6gXfJhLb3A&uach_m=[UACH]&cid=CAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ&template_id=484
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8072 3 KB
3 KB 57ms
23ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 19:04:08 GMT
x-content-type-options: nosniff
server: cafe
age: 17013
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Mon, 15 May 2023 19:04:08 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8072 344 B
449 B 27ms
22ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 36751
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 15 May 2023 13:35:10 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8072 0
0 65ms
64ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CA7hqHHNhZNmOPJ2i9u8Psq-W-AiQouy-cP37x-ugEbO346vTOxABIPL-hSdglcL2gZQHoAHIjKT8A8gBCakCuEm_tTNnsj7gAgCoAwHIAwqqBN8CT9DMVdHWHZeRt_9x71wjTdR2IsBC_bZlj5qxz-8MM-jflHSxaOpMgMtnECqrJXyFQfAX-DSIkhllJBt7P5JjQswto7Zk9sqo-xTFqCyqM0BuiyouC8hHN2ZSCHZORIPUubxG9PZ4lsMb6JbT03aWD_cRK_NQyRms0OfLpiTryRT6X4nzWDfEAWFMhvkfU76MeF6CZIrYmWPuG_e7DW2PKkGpNsFIA-4_6UJ1baYVjpy4AwfHohC8kT5pW-yXIO9IOHpF3fLFCtXhP1DhzwrwflGmGgxpvTUPF6wb9fqQ0-JO7FBE9mma_48kMpEKZlwzWbXwEc-6JwYltrRc89L9UpVVIWNCpQmILykYS-5FwXklSPSowbBKkfuw7PTfrxvmz1HUcTS6LP_eyQOzNoUL44fmPgtlBuXptIc-A5cGOHTYOaZsiOSaXW7JOhheg_oYAhYJCTe2jt0jSpsn33icwATjprDNqwTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHoPPbA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIHyBNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEw6IFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEzNzQ4MTQxNDc3MjYyNhj6mBg&sigh=0i4nRX0V3ik&uach_m=[UACH]&cid=CAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ&template_id=5000
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10827938616286048952/ Frame 9D71 2 KB
2 KB 33ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10827938616286048952/14763004658117789537?w=200&h=200

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2d221cc0923d55f39d4f30c0de7e48a11da97290c6ab979e63aee4c4076ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 01:34:07 GMT
x-content-type-options: nosniff
age: 166414
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2264
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:25:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 01:34:07 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6827759056188594909/ Frame 9D71 12 KB
12 KB 33ms
9ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6827759056188594909/14763004658117789537?w=400&h=209

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f17c32e55f77b6eb774108c7b6007de0162f078ed2fe64782e6692a6f051efc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:55:11 GMT
x-content-type-options: nosniff
age: 157950
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11956
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:25:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 03:55:11 GMT

GET
DATA 200
OK truncated
/ Frame 9D71 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9D71 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d2980153e9c19c5f7b5dc909a6d14e24b48d7952cead72aa01a9069594d3f39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15526145321348145647/ Frame 8072 15 KB
16 KB 28ms
22ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15526145321348145647/14763004658117789537

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6405536ffab9964897bf86e7810a18c058c3c3aa3635ba1a27efac910e2af6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 10:51:16 GMT
x-content-type-options: nosniff
age: 305785
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15769
x-xss-protection: 0
last-modified: Wed, 10 May 2023 11:43:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 May 2024 10:51:16 GMT

GET
DATA 200
OK truncated
/ Frame 8072 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8072 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8072 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9eb70651027354655ed6d2559932a191b73618d665f784ceb0a61e54ed82eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 May 2023 23:47:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D71 15 KB
16 KB 38ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.star.com.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 149097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 06:22:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D71 15 KB
15 KB 40ms
10ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.star.com.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 23:14:12 GMT
x-content-type-options: nosniff
age: 174809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 23:14:12 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 8072 29 KB
29 KB 42ms
16ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.star.com.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 91271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 22:26:30 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F226 624 B
286 B 64ms
24ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDtk5HGAxil5brpATAB&v=APEucNX4c_lSXinDc-sc2lUMAv9idN-bvSa9T1okFaLpei9HIURXcxIYwxKbGPZXGZHLzRh8gOKJCk3CTY8OiDHPIpywgeWHU6Eeve32pH5uGjIghx-y0n0uXxcD1XkEutZhT0jHCsMqyGFBjbZnl04B95cJy3IbOp_kzenj8n_Lfrw-PgQrsBs

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 23:47:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FDB3 78 KB
27 KB 71ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 14 May 2023 23:47:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDB3 42 B
63 B 81ms
50ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CqWqIoRp_wR-4j500jWlHbIN-EFvf1EygCUFZLDeW_DBVf3a_EpyYdlvkaOAdZ8QnT1W8KiTmkO5_OoX7qVC-QcSmt9bS8GVq8Qc2wTU1L5ur7pPA

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDB3 0
20 B 80ms
49ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11883052444250348050&x=1&ct=76

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame FDB3 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 13:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 13:15:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame FDB3 19 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 12:20:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDB3 169 KB
53 KB 65ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 May 2023 23:47:41 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 659C 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CwvWmHHNhZNSOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgTZAk_Q45T9s2udHCseYKccn3gpSUDi_-c8n5SRn-IaLxFx0zgiCxMEgzEncM0rRZUs7jlMdkt1n0y0Tl60zzKBEScG3jh3r4nmxQOgURoq8LjBztT3JRkLoCC_SOy-qSsg9uTM7PP-Bl1d_PppAMViSRNnlDDDcdWy2qPgzorRNNVT88GUYDD4_OKOrIUiR5n3ubphT-Nan3nZWKZPJCN2ksjju3WZiGdWySLFrpVAFdPpBu-bdLBK1KEt1FwrX1dlPVpo-Zwd7pQel3HaLv3t4fqAI4AkKppEC_7tmA8LWHdmLNSC_s2dkVMdKFEWQlFoO24NtF0pcEe7TnKt6tafwVdLmGJ-VVFkDhvquaVaHFXmSWszY52hroeAJuWYkJ-fc6OxnRokkfd6TLjV1fwtumYCNJOAnjJWp_IE4y4ZpKfhihhASPsuh-5bn8vOh0Sr4m1jEZIdKDIaTuAEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODczODQyNDIxODMwNzgyMhj6mBg&sigh=eWKINjCDR1k&uach_m=[UACH]&cid=CAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ&tpd=AGWhJmunGrTqXt05E9PFvraE1YnpH6cjFPev9ZKog0ts7uHnkyjBAih4uAPTQZcf-65UkFjKB9Itqw30MK3v3qIGaIfaiHWI4wDuPXqEJr-cqtKqcqITI05P4bm8g5sskWmPpoXbWbCgE_HTuzggW6fWmjs6WcJs-3DjH6vwexWIu_TMNigvBDmYq5CAvA_AJo4_ph7OH75yobEsFs7W-rGqxRDl3cz99kWP3EAxnUZkPxSsIKdJ7qtDVc6K2SDzIaSvF1EHy739NmdCjHG60xqr2du_HSyjCu6rOkY0Jt-xwi_6nLUzdtk5S0P4_Q30GDN_3Jh8ZmyM7Uplt1vPbQlCyhMx7KeWLwz6kjSaaQsFDpssIPA49RupdRDcxZOymfUgkXLQGQUDzFLug5bWhpTJBsEFZbXmSl50BorKYpyYyO4Iun25qxFW8scvRzduYn2IgdO0X2tqJOwnRY3sOprXEAUu17LHc6xtnlyi48hVUCHgR-6MU16bMNTJBH07su4PO82DhQpguwwBqBWb6adb2mK9r-6snGqzeu5qXa68avtRtDMfZdwOxZjAWbYddNYXEvY7WHEAE6LtiEoold87gHqQWHaa67A82fdz07fpk78q0wUEHcRFpB99sfb2Rrc0-Ro72B1Z6axhW8S2DYUbWu3FWuZ9d0znhfmZ6GXUO2al5QzDTLVV54RVyBtkQKm01YL89vONj3URSe1YpU_pT1-07PjKXIgPqah_yPt97okNGaHOIlZaakQMJhU6AGZf3e23wK4lcZGt7RdclKUn-8kskYr-VZvOT3sHkr_bMYtRK8ZnBoIvRspT3xxW0X7O4FybewQxZl2z8o5yULOfFCLPmuzeIrobyRMolzlA_tXAa4M74XPvU-_0nB87452Qq4gi-oyVlzogsNVdLxcK3fJRNVjJhHfN7Ou2vO9gZxMEZDZ1c2QuLF8zQvFVupLT17Bp844arvHs28o3hfgQqdvzuBB_Sgsm4s5dyUjPapQlrgwMgZOykboVm-3o-NMdm0D5hRO_t_iklE_MzyXDI0Ltzu2Rtzcru3HNJvw0FWxzzqZbcJFJrZmZec1UotNBWcUWCvKHF7Sq79jMkCzbDVDXxgADYFHw8eXACcEB3mQaeTvQ
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 659C 3 KB
3 KB 63ms
17ms Script
application/x-javascript 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJeVpqWTJOMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NzYyNDIxNzA5MTkxNjY1MDMvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1MXNVeGVDb1NoX2p5QXJtMXNVZ2RPRS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTc2MjQyMTcwOTE5MTY2NTAzL2Ftcy8wLzEyOC83Lzk5OS8zMjIvMmEwMTo0YTA6MmI6Oi8wLjAwMC8xNjg0MTA4MDYxLzE2ODQxMjA2NjEvNC9wdWItODczODQyNDIxODMwNzgyMi8/c1KMJjAXhiH4KIqmNaES-8sx6a8&nodeid=4037&group=cdg&auctionid=7576242170919166503&pbs_auctionid=7576242170919166503&shardkey=7576242170919166503&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.169&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfLsoHHNhZNSOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgTcAk_Q45T9s2udHCseYKccn3gpSUDi_-c8n5SRn-IaLxFx0zgiCxMEgzEncM0rRZUs7jlMdkt1n0y0Tl60zzKBEScG3jh3r4nmxQOgURoq8LjBztT3JRkLoCC_SOy-qSsg9uTM7PP-Bl1d_PppAMViSRNnlDDDcdWy2qPgzorRNNVT88GUYDD4_OKOrIUiR5n3ubphT-Nan3nZWKZPJCN2ksjju3WZiGdWySLFrpVAFdPpBu-bdLBK1KEt1FwrX1dlPVpo-Zwd7pQel3HaLv3t4fqAI4AkKppEC_7tmA8LWHdmLNSC_s2dkVMdKFEWQlFoO24NtF0pcEe7TnKt6tafwVdLmGJ-VVFkDhvquaVaHFXmSWszY52hroeAJuWYkJ-fc6OxnRokkfd6TLjV1fwtumYCNJPCnBPEC06g5KO97Aw5yrewVe8kO-R1hypzRwQEGMx9PYqzsY4dw0VWo-AEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1MM3mHQY3hC5NdMadqBXC6Nl-DcA%26client%3Dca-pub-8738424218307822%26adurl%3D
Requested by: Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.387.2 /
Resource Hash: efbae87651ee5e6a28cc9f38ee6c09ff1fe7b82a3013a91786721a565d944b78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:41 GMT
x-mm-nodeid: 4037
Content-Encoding: gzip
x-mm-bid-request-time: 1684108061
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Sun, 14 May 2023 23:47:41 GMT
Server: MMBD/3.387.2
x-mm-latency: 1 (0)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x50, cdg-bidder-x182
x-mm-lag: 0
Expires: Sun, 14 May 2023 23:47:40 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 659C 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 13:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 13:15:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 659C 19 KB
8 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 12:20:58 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 659C 24 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 14:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 204926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 May 2024 14:52:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 659C 169 KB
52 KB 73ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 May 2023 23:47:41 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9CC4 0
0 71ms
59ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAmnbHHNhZNaOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgTlAk_Qdpb2XowZ_LkDyb7P16Psae8WNuH1GQeHqYaxp2lmzf_S5xzAD4irWXcYIfr-SkCBu5vKva4T4G06EBi5GNmK922qyrUPJi-O-VgJll2pL1dhFzGvrIdF8W-J6geaii_nHQkP2mVa8owmT6x2m6pjlxCWwTY5HkhWNhvhs4kufk4Dp2GeKZAoUs3-5TI2Hr7Br9iPvsYOQCkczb1vbeiVH6Vm1KlOnNnA_YPGYhb59XuEih2Ad8sBuJWwOKnwzjlsqG7bPyuO3t9qMTIieMHURaMf3q1LY6iDrXXHxXNYogv-UZsfvOBv0VfLmP6vjYKJOjL7TXHxTilkVVj9X2wUqXanR59CA6EF5Igbc3LiOFT6-1IX8Sx-Tjo8KMsQAaBY8H5UA9aJuqqxXiehDDQl-qAewl734OORIgt0kpGZmzTLPolMOkYxlrt5XthnaFymoq9IzRb0-OBlDO0V5MQKNpYcfOAEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04NzM4NDI0MjE4MzA3ODIyGPqYGA&sigh=RbGwau3RsPY&uach_m=[UACH]&cid=CAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ&tpd=AGWhJmv36xxHuMF3a5abJ-jZERdtGbWDEu5xePmdcMZnkM39rFy68Na6b3NVddoAlwCIoI3Q3y28w8wxmrDtpb47Qr91TBN85nIcq-hJc86bmy9_VVAJ-4gjzv1LRByw3kiLCjUSZY2HsRRGQJliktiP1VpBaFWBJNWUOzVoNDePpl10xgjjEovcR4eR3PRh6oxRTb0aSBE_o0qfW6DhCciBEx_SZutWb9-VbEVGo5LZgreQDBO4-N-wre6AxsmY6OJH8HXAya__JQC-G0rwJ73aJwCp3H-kEdlVSX-Crvy_GzkuwK3j35ABQXuN6-Okqx9yyNKJSyf8D85gQZS5184sdAwod0aQ1OM09IuMG7yvYrqKPOvOjdQ36ZClGu2lahlloCTRwd5IwpgPuUw81pMSfnRrxQ5soo3tThNy_-nCLo-LkC4kaxTedlZMKqlu09RYcvQArYaijZ7MI9exY-YMUHr4G_DK9NmNRW3zwbnS1r3XAde0C0LIxSJpl-5nNETwpChZ5pO-MogcuawUUIfKiXgISvHQhv9GvtQmDOXWEDN241RkSds80MxYqmBBk6qg7VEUseyFqWVTXN3IlhLgaWl1zvTbX8s9r3G9NbSMAHm5BDN2fpLAJ0ZR-bm5FQkq1vDzYkiPWzaBKbH0wlWtya8eHnAhBUBOsOMYkUKtWY2Hx-b7_bzj9Wj4MnpDONFsDX0XLrcW1emTMoob-IHrVP6gQH1j3jWUfL9CeDcwbjLEp5fhBetFIRk_XBhZ_h6yyFvPts6GsZmKQzl10ryjP3ynepbuIbE52X_goCU4H5v96ls7hWQvDWVDuueJAzYSB9dOWvLi0ftnEXM6mrPrCoziYu-tChK8k2DN6bO9sE9aDfI71wFNoReMWV3LNEkAzQEcCVVEUjomEyRxnIb8eQo7JZSro0CDTr4H3Q09GM1cVGDJ1-02kCuYp7EWGaOW-SMYvbyQFYLY_-9TlMR5aCo8rlelmck7lPlsaQnv0vbIFTBLU5l5wYpahQzkz-RSlxqcbqSzHXCWD-9cP-4_XiUDMVXz3yOHBnzJ1pqRxtvz9h0Sz_QJP2vGRISIX1L3msNr3KCD6-o4Diss1x3rcdgPnOOMHa8owdv3AgdrX7JCC5P_
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 9CC4 3 KB
2 KB 58ms
17ms Script
application/x-javascript 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJeVpqWTJOMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE4MTE2MzQ2NDc4ODQ5MzE2NTgvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1M3BoRko3YjdnRzZzSDgwb3JnZWROWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xODExNjM0NjQ3ODg0OTMxNjU4L2Ftcy8wLzEyOC83Lzk5OS8zMjIvMmEwMTo0YTA6MmI6Oi8wLjAwMC8xNjg0MTA4MDYxLzE2ODQxMjA2NjEvNC9wdWItODczODQyNDIxODMwNzgyMi8/gjysrflJ2F8xfcRlScgIiddh3Jw&nodeid=4037&group=cdg&auctionid=1811634647884931658&pbs_auctionid=1811634647884931658&shardkey=1811634647884931658&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.174&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEIBsHHNhZNaOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgToAk_Qdpb2XowZ_LkDyb7P16Psae8WNuH1GQeHqYaxp2lmzf_S5xzAD4irWXcYIfr-SkCBu5vKva4T4G06EBi5GNmK922qyrUPJi-O-VgJll2pL1dhFzGvrIdF8W-J6geaii_nHQkP2mVa8owmT6x2m6pjlxCWwTY5HkhWNhvhs4kufk4Dp2GeKZAoUs3-5TI2Hr7Br9iPvsYOQCkczb1vbeiVH6Vm1KlOnNnA_YPGYhb59XuEih2Ad8sBuJWwOKnwzjlsqG7bPyuO3t9qMTIieMHURaMf3q1LY6iDrXXHxXNYogv-UZsfvOBv0VfLmP6vjYKJOjL7TXHxTilkVVj9X2wUqXanR59CA6EF5Igbc3LiOFT6-1IX8Sx-Tjo8KMsQAaBY8H5UA9aJuqqxXiehDDQl-qAewl734OORIgt0kpHbmRVZkjXoPcuV3hChHneXdUisHqVm1fdJOKDK9kwLyNykryob8SysfuAEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rbmMT8-VXqeCMft_rWKNWpadhhQ%26client%3Dca-pub-8738424218307822%26adurl%3D
Requested by: Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.387.2 /
Resource Hash: 918df07402cf0622fa85e2e60b2038d4b5640a4e3f432b111d49a452f2edd584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:41 GMT
x-mm-nodeid: 4037
Content-Encoding: gzip
x-mm-bid-request-time: 1684108061
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Sun, 14 May 2023 23:47:41 GMT
Server: MMBD/3.387.2
x-mm-latency: 1 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x54, cdg-bidder-x182
x-mm-lag: 0
Expires: Sun, 14 May 2023 23:47:40 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 9CC4 3 KB
1 KB 23ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 13:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 13:15:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 9CC4 19 KB
8 KB 23ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 12:20:58 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9CC4 24 KB
6 KB 25ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 14:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 204926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 May 2024 14:52:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CC4 169 KB
52 KB 73ms
44ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 May 2023 23:47:41 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4EAA 624 B
578 B 43ms
23ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWq8H2XKjQZkjAF1PZ6NtDNU2mikiM7wypLd_JB5dJLFetWgekCMtqqDer1p6EGWMYwLzve-uOUi2CpXIB3XURs-UaPxf8iKf2TCU8ONvHbDnSlQLikeG1iZ5ttpjrn44YKsco1hVontUIxiOEwKcxoQpd74e15IZoM6wPlujknjlzYois

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 23:47:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2C8D 78 KB
27 KB 38ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 14 May 2023 23:47:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C8D 42 B
63 B 64ms
49ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cv1_daU7Jj8AuViBaik1Yn-kORpUqraqNJSccOincIZ1fYZFRe7cl4xrKSyBnDie88c8HaI1Ofl9Y_jgrlAZffBmxawRoRdes6UBu03M9LUa03GBk

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C8D 0
20 B 60ms
50ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5882153829682510506&x=1&ct=77

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 2C8D 3 KB
1 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 13:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 13:15:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 2C8D 19 KB
8 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 12:20:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C8D 169 KB
52 KB 67ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 May 2023 23:47:41 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5B43
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

21ms
20ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date: Sun, 14 May 2023 23:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4EAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1&C=1

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWq8H2XKjQZkjAF1PZ6NtDNU2mikiM7wypLd_JB5dJLFetWgekCMtqqDer1p6EGWMYwLzve-uOUi2CpXIB3XURs-UaPxf8iKf2TCU8ONvHbDnSlQLikeG1iZ5ttpjrn44YKsco1hVontUIxiOEwKcxoQpd74e15IZoM6wPlujknjlzYois
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4EAA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGFzHY6rjmoYTYnMNxxbNwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1

43 B
632 B

10ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWq8H2XKjQZkjAF1PZ6NtDNU2mikiM7wypLd_JB5dJLFetWgekCMtqqDer1p6EGWMYwLzve-uOUi2CpXIB3XURs-UaPxf8iKf2TCU8ONvHbDnSlQLikeG1iZ5ttpjrn44YKsco1hVontUIxiOEwKcxoQpd74e15IZoM6wPlujknjlzYois
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4EAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA6Bfw2ShuMc092d8EySBP4&google_cver=1

43 B
1 KB

33ms
17ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA6Bfw2ShuMc092d8EySBP4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWq8H2XKjQZkjAF1PZ6NtDNU2mikiM7wypLd_JB5dJLFetWgekCMtqqDer1p6EGWMYwLzve-uOUi2CpXIB3XURs-UaPxf8iKf2TCU8ONvHbDnSlQLikeG1iZ5ttpjrn44YKsco1hVontUIxiOEwKcxoQpd74e15IZoM6wPlujknjlzYois

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:41 GMT
AN-X-Request-Uuid: 6c75a4fc-6084-4733-912a-cfd9e2c7e113
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.43; 81.95.5.43; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA6Bfw2ShuMc092d8EySBP4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4EAA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyNjQ5NjkxNzQ5NjQ0MDczMw%3D%3D

170 B
244 B

45ms
45ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyNjQ5NjkxNzQ5NjQ0MDczMw%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 14 May 2023 23:47:41 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.43; 81.95.5.43; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6fe5315b-c149-423e-ac7f-aba723f89c7b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyNjQ5NjkxNzQ5NjQ0MDczMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F226
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1&C=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDtk5HGAxil5brpATAB&v=APEucNX4c_lSXinDc-sc2lUMAv9idN-bvSa9T1okFaLpei9HIURXcxIYwxKbGPZXGZHLzRh8gOKJCk3CTY8OiDHPIpywgeWHU6Eeve32pH5uGjIghx-y0n0uXxcD1XkEutZhT0jHCsMqyGFBjbZnl04B95cJy3IbOp_kzenj8n_Lfrw-PgQrsBs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F226
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGFzHY6rjmoYTYnMNxxbNwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDtk5HGAxil5brpATAB&v=APEucNX4c_lSXinDc-sc2lUMAv9idN-bvSa9T1okFaLpei9HIURXcxIYwxKbGPZXGZHLzRh8gOKJCk3CTY8OiDHPIpywgeWHU6Eeve32pH5uGjIghx-y0n0uXxcD1XkEutZhT0jHCsMqyGFBjbZnl04B95cJy3IbOp_kzenj8n_Lfrw-PgQrsBs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELlmgC3iHUvBj-6BxqmWn0Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F226
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA6Bfw2ShuMc092d8EySBP4&google_cver=1

43 B
1 KB

41ms
30ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA6Bfw2ShuMc092d8EySBP4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDtk5HGAxil5brpATAB&v=APEucNX4c_lSXinDc-sc2lUMAv9idN-bvSa9T1okFaLpei9HIURXcxIYwxKbGPZXGZHLzRh8gOKJCk3CTY8OiDHPIpywgeWHU6Eeve32pH5uGjIghx-y0n0uXxcD1XkEutZhT0jHCsMqyGFBjbZnl04B95cJy3IbOp_kzenj8n_Lfrw-PgQrsBs

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:41 GMT
AN-X-Request-Uuid: 40273ff1-ab24-41e6-ae93-50d3c1049c31
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.43; 81.95.5.43; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA6Bfw2ShuMc092d8EySBP4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F226
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyNjQ5NjkxNzQ5NjQ0MDczMw%3D%3D

170 B
233 B

45ms
44ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyNjQ5NjkxNzQ5NjQ0MDczMw%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 14 May 2023 23:47:41 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.43; 81.95.5.43; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8ad7a5bd-4cd8-4197-a7bf-53a7e47665cb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyNjQ5NjkxNzQ5NjQ0MDczMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8072 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032305051745000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 19:04:08 GMT
x-content-type-options: nosniff
server: cafe
age: 17013
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Mon, 15 May 2023 19:04:08 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8072 344 B
368 B 10ms
10ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032305051745000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 36751
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 15 May 2023 13:35:10 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10003.iX284mmL2udMm4MGAMO-hVsbV12s49HMVvsHj-uiDlf5EVZwnpn-QfnPN9M0VIRh.FD1NJJNc2j2FYPqGIubtRM6Xweg%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10003.ObmXeV8XcFoKLX7BIaBG4KU5_ga85Um0geNJdqickSvHERpiS1bgPLO5KBK8zlPLVmgzXnl-v6GB0iX0C9qalLxYpoyaywpI4xYdyk0UsJ8%2C.OQthq2w7xNRJs37hF...

43 B
79 B

51ms
51ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10003.ObmXeV8XcFoKLX7BIaBG4KU5_ga85Um0geNJdqickSvHERpiS1bgPLO5KBK8zlPLVmgzXnl-v6GB0iX0C9qalLxYpoyaywpI4xYdyk0UsJ8%2C.OQthq2w7xNRJs37hFcFWLDgL7qM%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10003.ObmXeV8XcFoKLX7BIaBG4KU5_ga85Um0geNJdqickSvHERpiS1bgPLO5KBK8zlPLVmgzXnl-v6GB0iX0C9qalLxYpoyaywpI4xYdyk0UsJ8%2C.OQthq2w7xNRJs37hFcFWLDgL7qM%2C
date: Sun, 14 May 2023 23:47:41 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com.tr/
Redirect Chain

https://mc.yandex.com.tr/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com.tr&token=10003.zxhOR79K1pObece_4Kj2HCL6Fg35tTfxGle4VVEKsvn9xaE2rUX-mYqyyXDBuXgV.3hO6TKqHWjnR5aEElooNhDXjJ64%2C
https://mc.yandex.com.tr/sync_cookie_image_decide_secondary?token=10003.rQBwE3CNShAAn_3RmlnhiFzD0nh8YNZCmOOxxvJMrFr3Dtu6henryESjXzWeuElUrYt2j9TWE-YN0Wd9OxQ6c0JLtt6owUk-ZTn0ctwxHCI%2C.0_xAqzh9Flo6iy...

43 B
67 B

56ms
56ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com.tr/sync_cookie_image_decide_secondary?token=10003.rQBwE3CNShAAn_3RmlnhiFzD0nh8YNZCmOOxxvJMrFr3Dtu6henryESjXzWeuElUrYt2j9TWE-YN0Wd9OxQ6c0JLtt6owUk-ZTn0ctwxHCI%2C.0_xAqzh9Flo6iy-fk_izIdjgmgA%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:41 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com.tr/sync_cookie_image_decide_secondary?token=10003.rQBwE3CNShAAn_3RmlnhiFzD0nh8YNZCmOOxxvJMrFr3Dtu6henryESjXzWeuElUrYt2j9TWE-YN0Wd9OxQ6c0JLtt6owUk-ZTn0ctwxHCI%2C.0_xAqzh9Flo6iy-fk_izIdjgmgA%2C
date: Sun, 14 May 2023 23:47:41 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C8D 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8114003535102&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C8D 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8114003535102&version=m202301230201&ct=77&x=1&cor=5882153829682511000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2C8D 15 KB
11 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeLANJN5SWJ7y0JB3f0zuW6njVn7YxVvA_ghbRc8d1aptBqquOnaZ4TsjAfmvBYBz7xTK1gHhHnmbdVhjvwee7STqMwk4zHIpZWV0gBUVv3AHfA98cueHuh1ldXGzK2aN5DxSNii6qeoc2Ni6-3MflNEX3VopC61hDnl7LlwEl0tOjYSs&cry=1&dbm_d=AKAmf-CbxqlbNf67QIVOWx6sRvagJEAeVKaiSy1avuVD-UIj7cMrW_zUbPUE8JDlrlDcNa7rf72thHCUhjm8AEMaG22okpUZ94-fWvkOlW1-f0FRHLfv6coSSLVc2x89kESZ0Jr8b3k7d2S18KnR7ClIhl2kkCWfYxyabjJ1-KcBTn_A44_wuiMpRpTRGHSgNarOoDO-zTaCeO1f0PYljg41ToiV-Ou-IQa42-qjIuZO577tQ20SZNNIdga_kU2mf60iXqlfWM_CpY2XRAz4EjuAjR9lQAk_Bl9oU1V5LyAUHxl-fPHNV0aUz4EIc4AyZ-F7aWrIAf4bPsowU8i9j4n7uF2zeSJ2o1rWJN18yFI3ybcXBxYqm4eRDFG7BYVyK7UrEs64mO1K6zerMApKciJi9j2R-vqY9x-S9r42KKjr4iDFxWP-BkH5O54xp11CtYnb6ypuWSdQQn7nl2_vt0Nn-rI1Zp3PWywS1orLNY5gU5hCL5awHkX14pKmWOzjf0zojTduolVZdWN36HulnxNv07BJ5cuoKLOPWwOqOSWaOQsu1539OTIEmfBbOsVzYDTuWydCMoeVsKXwFBQaHSIHolIZOTQteCRw_9iWdiIh-fK0iZDtmCXXtIJmlZ_FYwHA2JYU_dcnywBYXM_9yAGwwk2FYpRgVlZYvpJvdV1kU6OWBuvhjbPCzmZ2yUgOs3OpdmPnofUDdUx7oyg3hNKdbuSNLSHk8A-N1AIBKrMw325LhNJbuzrs1auA9uXSAOmtg8L3jmp5u4E8K6SlU5D8aP743vy0jHGnTokSmziI2U3AMm_kzMpI8ZT5eaaAhSHJsyzUVSBsYnL8fp_5LJkoHov6yJOnVotEeRNLPFCv4G2rJjjz-KUHafQk9jhW01QIITfh75gM5JX14e0fvWG08c5slXfJCCCUnHft3wKlh4EQHoU2o2uWUTnvNCameMikYzHNMjNho_GP7Ndqy63-r2moXh5YRmZ7LyhRlK_oavVFifIvMIZw7frPwznP5vwVE5D_mqa3youoFacGoFrJMumCxXSnT1TSF_WVIB6WIgpawgG3wti37oMzsDM7zHUUMwZdRWeew4_oVNuPybk0zrLOvw1b6zKR2TYxZXnmJ3tcj4gDcbhzz247nDGWdva7fFI90BQai_GI3nGToRefCjNo0SwLeLmV-b2p6BaX41-NkqHY_bczbw7Vwwz7pUIt6-tm6gHtHNdH540ADfOZq7-AxKXlrwvB40arKaqxRz3PS5FZHZ85c85ny5GYqGIVVx4wTzqaU8Za2aoZxXKZqsFfOqWArUd5YLfaGeiu1sjmZi1Whq6Lg79CcHEelCOVOqet6nsGj_auX223HNRxY0Zk-zR4X210HIGcJxw9StE0r7ayZNSJWegVZCleiN6jzHJ0N6Ze_mBUNN07qyK53PUYsJzvAnMCV2XFFN5_hqIHJk7snoAmthWnq42lWdeLYT-naHCjKsYIvfL3ZCnr635YJOFI7gjP6aAIrvSNkhS1Fcz4KhdQN9Rasu5OCNc84BdGPDG3DjzWtxax4LOA86YX5V3z9pP06_pCYa2_WdilF553Ac0C4SXjy45Jk_ahkHkcjC0aUk8PPOu26s4FRaRMUEy9938bnMvPejcyeEIKTU9cHO24WJbSYDijLTArv4S3nHaR_AXfF3OfgGiPB8b9o20UImu5_nR2PoXS0pIw8ssjzRjNwt5g-rtoZJiUmME-UchweLEiR9AJflvd_pKUFaowthRYmRRVvX1ff0_LQSws1DKs6vhAlarLs6mbPvhS70zSGPWO1Vjzmz29EbHn-YX8p2hxkvmvsKGIT-rX3vZOyiMU1zNMA8Gjhzjge4xrRkuQ4zSw22rLz3xzvu0tCFArowJIvoqE8nMuocPAz28EPqG1tOGKWti1HL82VREf29zDzVp_4BAXOPBMxM2-y7imjFUGWXW3BNKl22n_FznKpxMn25cT-9D9E7u3PdcMUrL0PeKZd-RaeXfcUehVrXr-cZUUDsXAmAUpBpl8fLQ6WoLM1i4KEOsXik7rGTf8evNPw6GDSXj2k79SfROSBhgMPD_3vDyuwWvLvjTn-OrcuGmepSEgfiJ0sTrR-ow-SyNrXCkTOYl7ZmboCAI0RgVTz26OLTL6fKH5X1PaluJA67Gs5dTftAkJTAhD9QwoMB4JexqZBi04i1xP6VEEfatpp-A4iiE6PGqrdPgvw3-JjNQVQbdwj7hrBnbxPK6Edz81x3-4HpZN4vuPku5RTdDSPJF_C5ygtU5J1jBKrc13PQUwFamoo3A8VcD6YuaGPYjwJaljWdssumk4WqwHpFu7A4Fkf4j2e4Q5yUEGRNkXZx3Ho5WtolaJt-GrFalxdenlW8yN4KIINvASPpg6wxireusfAeifVborD6tBET8CDvwzZyznAkP1RZa5XY9RSJzvm2eePzbtTgPJ5VVliP7LqoME1Z1pv0AlNP9ogqwvI9ZBkUMOOpNKvlDOqLsECkS_MPA1e9NpHqRNmQgW9qA9sNAArzpN4znuQr6DmS5C5WTrX--Ym-WqAUYGeOan_vJ12JM2aJeAZ_5zxusyNjcXB5wORyCcK7ynXsHej3c780B5u-u3hkcBqAPpoiijA0jladrYHQ-v9RuAJe7iNG61j3UXK-hR_8UOvfYI4YZYWyaErP9P3SNmb4p63Cu_VvfSZWW_XhZlUd8ZFsLdnJTbQ8-SLOROs-1txZthI_uvwrNQEmZiVH9TUa4M-iiFOc7XUK0V5LuQdnq13S4l85ovXAeveRqW9roGFPGjsWyA1IdAqTmB-xWalqz37XBcp5q5tsgVnEPS7zlIue7pBiYn4e3YHAjKj8eBtHfzxqkF1n5f26AasmjYcaBYU2P44mKFa1P2tXeCONgWzXgbM_gj0-TUDHlFsHSZlF5UCF16M6q_YEtm73mJryL912PmQk45EAJXxerf-Ujl8hGjzvGdz_jCj9iF535fmxKVWyOl3dlpoG6aqTyYmmKEI4-F6RO4qC2bHFvO1oqxqVj6PKU9DScQBxfJ5-tfMJbXT0MnHBDsdtH6v5v4uwuicmjgFEXllzsDUbnHTS5N6B9UxLvx0N_G0PZy83gCHzmihfevI8hsCw7Zy_1cIAPWS1J9kdAnO9Rj1ChHz1Lz3ZNkrVacMRevDRBd81Nzx2AXY6Wy6U8OrczuTvAV8yz099hHbNARZs8Zo_CewWVQLOlEbd2r4hTwKBZPGcly-sgASCDS4qteRTRz0oHtvPHkW7595VzpADuqzW9iP1AzIy7pVZY8TqaBCCwWl3c5RO1iyWSI0F2SombarM9PSFCDuLmevfPk5v_y2SJaK3djr7zeLS3KNh_SgNZ6AgOhqi-KIg-T96b_l9ykEQF_ZzOjlK0_cPorT3LfniB_aiVHENgm-qLCsF9n2jz3i6vMQrZ-io5NJhaakBvSJ9nn1zOasvEhHzVJ6HpenldWEFXn5Yz5L1Nswrk4bl1izeK6g8CglW6aiRueMWuuOwuveoGd-Li8YY09yPj4FDtznkNsLUhuIFEf5na3cP542tGuCVa7aY98CCZblaArYY2Et0_OJ9zWvsd3QVdqpeXJkCqjUE64jXGxli_iAvokg5upD3PyRI7RAPF1WkEwkf5htKAGOHzeCj3qpTJIXgOEPd6siGKGRMq5tPalcn8lQ2LvDCqLr_-P-RzjhFe9WGG7-F3h8K97wRmahRijCAC__v5OKxPtnYTZYZeYnXh1r4PIJO3kymTu6hGUxy4tEiGbu7wlDOvFMZUk8qT2zYbkuRW3YH9AcgW_RGP_m-oBKaRy8lgasZUGFa-U7nhtNv6gjDb53d6Da-xLleqhMHh0udzRTazmFvHCYJ8-4_8Gz0-Uul1VKDi7Nw0maL6LS1jrwVFqT-QU4C8qayIDxU7reWmCNb2Nj_s039NH2qYEODklojiJuSw1K9k&cid=CAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.star.com.tr%2F&ds=l&xdt=1&iif=1&cor=5882153829682511000&adk=2086295851&idt=47&cac=0&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad2159dceff0dbdd184c31296707c36052fc996e4d8532ad0baa8407edff0b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11421
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ajk4xlebn4mw Show response
hal9000.redintelligence.net/zone/ Frame 659C 10 KB
4 KB 44ms
11ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=7576242170919166503&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DMAKg3wYB9YMD3M8fy9Pwfw%26exch_seat%3D20035004448%26mt_aid%3D7576242170919166503%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D84686461-731d-4e01-9eff-430db1598639%26mt_cid%3D84686461-731d-4e01-9eff-430db1598639%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfLsoHHNhZNSOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgTcAk_Q45T9s2udHCseYKccn3gpSUDi_-c8n5SRn-IaLxFx0zgiCxMEgzEncM0rRZUs7jlMdkt1n0y0Tl60zzKBEScG3jh3r4nmxQOgURoq8LjBztT3JRkLoCC_SOy-qSsg9uTM7PP-Bl1d_PppAMViSRNnlDDDcdWy2qPgzorRNNVT88GUYDD4_OKOrIUiR5n3ubphT-Nan3nZWKZPJCN2ksjju3WZiGdWySLFrpVAFdPpBu-bdLBK1KEt1FwrX1dlPVpo-Zwd7pQel3HaLv3t4fqAI4AkKppEC_7tmA8LWHdmLNSC_s2dkVMdKFEWQlFoO24NtF0pcEe7TnKt6tafwVdLmGJ-VVFkDhvquaVaHFXmSWszY52hroeAJuWYkJ-fc6OxnRokkfd6TLjV1fwtumYCNJPCnBPEC06g5KO97Aw5yrewVe8kO-R1hypzRwQEGMx9PYqzsY4dw0VWo-AEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1MM3mHQY3hC5NdMadqBXC6Nl-DcA%2526client%253Dca-pub-8738424218307822%2526adurl%253D%26redirect%3D
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 5b93641b26dd13b5b00bb077675aa45de2659e5bac21e086945501cf35b512e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:41 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3525
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 659C 49 B
330 B 40ms
15ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=7576242170919166503&node_id=4037&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJeVpqWTJOMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NzYyNDIxNzA5MTkxNjY1MDMvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1MXNVeGVDb1NoX2p5QXJtMXNVZ2RPRS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTc2MjQyMTcwOTE5MTY2NTAzL2Ftcy8wLzEyOC83Lzk5OS8zMjIvMmEwMTo0YTA6MmI6Oi8wLjAwMC8xNjg0MTA4MDYxLzE2ODQxMjA2NjEvNC9wdWItODczODQyNDIxODMwNzgyMi8/c1KMJjAXhiH4KIqmNaES-8sx6a8&nodeid=4037&group=cdg&auctionid=7576242170919166503&pbs_auctionid=7576242170919166503&shardkey=7576242170919166503&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.169&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfLsoHHNhZNSOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgTcAk_Q45T9s2udHCseYKccn3gpSUDi_-c8n5SRn-IaLxFx0zgiCxMEgzEncM0rRZUs7jlMdkt1n0y0Tl60zzKBEScG3jh3r4nmxQOgURoq8LjBztT3JRkLoCC_SOy-qSsg9uTM7PP-Bl1d_PppAMViSRNnlDDDcdWy2qPgzorRNNVT88GUYDD4_OKOrIUiR5n3ubphT-Nan3nZWKZPJCN2ksjju3WZiGdWySLFrpVAFdPpBu-bdLBK1KEt1FwrX1dlPVpo-Zwd7pQel3HaLv3t4fqAI4AkKppEC_7tmA8LWHdmLNSC_s2dkVMdKFEWQlFoO24NtF0pcEe7TnKt6tafwVdLmGJ-VVFkDhvquaVaHFXmSWszY52hroeAJuWYkJ-fc6OxnRokkfd6TLjV1fwtumYCNJPCnBPEC06g5KO97Aw5yrewVe8kO-R1hypzRwQEGMx9PYqzsY4dw0VWo-AEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1MM3mHQY3hC5NdMadqBXC6Nl-DcA%26client%3Dca-pub-8738424218307822%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.387.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:41 GMT
Server: MMBD/3.387.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x99, cdg-bidder-x182
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 14 May 2023 23:47:40 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 659C 7 KB
3 KB 201ms
34ms Script
text/javascript 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&ui=c22f667b-0000-0000-0000-000000000000&ap=&ti=7576242170919166503&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&sr=4&de=43000&si=2096293204&dm=728x90&ac=651871&cr=6622332&ai=216536&c1=4562306&r1=2a01:4a0:2b::&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJeVpqWTJOMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NzYyNDIxNzA5MTkxNjY1MDMvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1MXNVeGVDb1NoX2p5QXJtMXNVZ2RPRS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTc2MjQyMTcwOTE5MTY2NTAzL2Ftcy8wLzEyOC83Lzk5OS8zMjIvMmEwMTo0YTA6MmI6Oi8wLjAwMC8xNjg0MTA4MDYxLzE2ODQxMjA2NjEvNC9wdWItODczODQyNDIxODMwNzgyMi8/c1KMJjAXhiH4KIqmNaES-8sx6a8&nodeid=4037&group=cdg&auctionid=7576242170919166503&pbs_auctionid=7576242170919166503&shardkey=7576242170919166503&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.169&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfLsoHHNhZNSOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgTcAk_Q45T9s2udHCseYKccn3gpSUDi_-c8n5SRn-IaLxFx0zgiCxMEgzEncM0rRZUs7jlMdkt1n0y0Tl60zzKBEScG3jh3r4nmxQOgURoq8LjBztT3JRkLoCC_SOy-qSsg9uTM7PP-Bl1d_PppAMViSRNnlDDDcdWy2qPgzorRNNVT88GUYDD4_OKOrIUiR5n3ubphT-Nan3nZWKZPJCN2ksjju3WZiGdWySLFrpVAFdPpBu-bdLBK1KEt1FwrX1dlPVpo-Zwd7pQel3HaLv3t4fqAI4AkKppEC_7tmA8LWHdmLNSC_s2dkVMdKFEWQlFoO24NtF0pcEe7TnKt6tafwVdLmGJ-VVFkDhvquaVaHFXmSWszY52hroeAJuWYkJ-fc6OxnRokkfd6TLjV1fwtumYCNJPCnBPEC06g5KO97Aw5yrewVe8kO-R1hypzRwQEGMx9PYqzsY4dw0VWo-AEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1MM3mHQY3hC5NdMadqBXC6Nl-DcA%26client%3Dca-pub-8738424218307822%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-131-238.eu-west-1.compute.amazonaws.com

Software

Resource Hash

9af9221ce3f93bd109d974baede25b609f7f5f487b2a213537c7aad5d63b959e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 3065
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 659C 43 B
416 B 89ms
20ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=7576242170919166503&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJeVpqWTJOMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NzYyNDIxNzA5MTkxNjY1MDMvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1MXNVeGVDb1NoX2p5QXJtMXNVZ2RPRS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTc2MjQyMTcwOTE5MTY2NTAzL2Ftcy8wLzEyOC83Lzk5OS8zMjIvMmEwMTo0YTA6MmI6Oi8wLjAwMC8xNjg0MTA4MDYxLzE2ODQxMjA2NjEvNC9wdWItODczODQyNDIxODMwNzgyMi8/c1KMJjAXhiH4KIqmNaES-8sx6a8&nodeid=4037&group=cdg&auctionid=7576242170919166503&pbs_auctionid=7576242170919166503&shardkey=7576242170919166503&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.169&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfLsoHHNhZNSOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgTcAk_Q45T9s2udHCseYKccn3gpSUDi_-c8n5SRn-IaLxFx0zgiCxMEgzEncM0rRZUs7jlMdkt1n0y0Tl60zzKBEScG3jh3r4nmxQOgURoq8LjBztT3JRkLoCC_SOy-qSsg9uTM7PP-Bl1d_PppAMViSRNnlDDDcdWy2qPgzorRNNVT88GUYDD4_OKOrIUiR5n3ubphT-Nan3nZWKZPJCN2ksjju3WZiGdWySLFrpVAFdPpBu-bdLBK1KEt1FwrX1dlPVpo-Zwd7pQel3HaLv3t4fqAI4AkKppEC_7tmA8LWHdmLNSC_s2dkVMdKFEWQlFoO24NtF0pcEe7TnKt6tafwVdLmGJ-VVFkDhvquaVaHFXmSWszY52hroeAJuWYkJ-fc6OxnRokkfd6TLjV1fwtumYCNJPCnBPEC06g5KO97Aw5yrewVe8kO-R1hypzRwQEGMx9PYqzsY4dw0VWo-AEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1MM3mHQY3hC5NdMadqBXC6Nl-DcA%26client%3Dca-pub-8738424218307822%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 874 41fc63c master cdg-pixel-x10 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:41 GMT
Server: MT3 874 41fc63c master cdg-pixel-x10 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sun, 14 May 2023 23:47:40 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 659C 49 B
330 B 46ms
15ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=7576242170919166503&st=4562306&time=1684108061&nodeid=4037
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJeVpqWTJOMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NzYyNDIxNzA5MTkxNjY1MDMvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1MXNVeGVDb1NoX2p5QXJtMXNVZ2RPRS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTc2MjQyMTcwOTE5MTY2NTAzL2Ftcy8wLzEyOC83Lzk5OS8zMjIvMmEwMTo0YTA6MmI6Oi8wLjAwMC8xNjg0MTA4MDYxLzE2ODQxMjA2NjEvNC9wdWItODczODQyNDIxODMwNzgyMi8/c1KMJjAXhiH4KIqmNaES-8sx6a8&nodeid=4037&group=cdg&auctionid=7576242170919166503&pbs_auctionid=7576242170919166503&shardkey=7576242170919166503&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.169&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfLsoHHNhZNSOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgTcAk_Q45T9s2udHCseYKccn3gpSUDi_-c8n5SRn-IaLxFx0zgiCxMEgzEncM0rRZUs7jlMdkt1n0y0Tl60zzKBEScG3jh3r4nmxQOgURoq8LjBztT3JRkLoCC_SOy-qSsg9uTM7PP-Bl1d_PppAMViSRNnlDDDcdWy2qPgzorRNNVT88GUYDD4_OKOrIUiR5n3ubphT-Nan3nZWKZPJCN2ksjju3WZiGdWySLFrpVAFdPpBu-bdLBK1KEt1FwrX1dlPVpo-Zwd7pQel3HaLv3t4fqAI4AkKppEC_7tmA8LWHdmLNSC_s2dkVMdKFEWQlFoO24NtF0pcEe7TnKt6tafwVdLmGJ-VVFkDhvquaVaHFXmSWszY52hroeAJuWYkJ-fc6OxnRokkfd6TLjV1fwtumYCNJPCnBPEC06g5KO97Aw5yrewVe8kO-R1hypzRwQEGMx9PYqzsY4dw0VWo-AEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1MM3mHQY3hC5NdMadqBXC6Nl-DcA%26client%3Dca-pub-8738424218307822%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.387.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:41 GMT
Server: MMBD/3.387.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x53, cdg-bidder-x182
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 14 May 2023 23:47:40 GMT

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame 9CC4 10 KB
4 KB 41ms
11ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=1811634647884931658&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1YU8O_9rBPMScedJ82CJKA%26exch_seat%3D20035004448%26mt_aid%3D1811634647884931658%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D85686461-731d-4d01-bc22-b7f23a20c4b4%26mt_cid%3D85686461-731d-4d01-bc22-b7f23a20c4b4%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEIBsHHNhZNaOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgToAk_Qdpb2XowZ_LkDyb7P16Psae8WNuH1GQeHqYaxp2lmzf_S5xzAD4irWXcYIfr-SkCBu5vKva4T4G06EBi5GNmK922qyrUPJi-O-VgJll2pL1dhFzGvrIdF8W-J6geaii_nHQkP2mVa8owmT6x2m6pjlxCWwTY5HkhWNhvhs4kufk4Dp2GeKZAoUs3-5TI2Hr7Br9iPvsYOQCkczb1vbeiVH6Vm1KlOnNnA_YPGYhb59XuEih2Ad8sBuJWwOKnwzjlsqG7bPyuO3t9qMTIieMHURaMf3q1LY6iDrXXHxXNYogv-UZsfvOBv0VfLmP6vjYKJOjL7TXHxTilkVVj9X2wUqXanR59CA6EF5Igbc3LiOFT6-1IX8Sx-Tjo8KMsQAaBY8H5UA9aJuqqxXiehDDQl-qAewl734OORIgt0kpHbmRVZkjXoPcuV3hChHneXdUisHqVm1fdJOKDK9kwLyNykryob8SysfuAEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rbmMT8-VXqeCMft_rWKNWpadhhQ%2526client%253Dca-pub-8738424218307822%2526adurl%253D%26redirect%3D
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 8dbf27de8471ffe31a2edb3457132300a28567a63df08274b6d1b3725ace8405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:41 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3530
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 9CC4 49 B
331 B 47ms
17ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=1811634647884931658&node_id=4037&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJeVpqWTJOMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE4MTE2MzQ2NDc4ODQ5MzE2NTgvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1M3BoRko3YjdnRzZzSDgwb3JnZWROWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xODExNjM0NjQ3ODg0OTMxNjU4L2Ftcy8wLzEyOC83Lzk5OS8zMjIvMmEwMTo0YTA6MmI6Oi8wLjAwMC8xNjg0MTA4MDYxLzE2ODQxMjA2NjEvNC9wdWItODczODQyNDIxODMwNzgyMi8/gjysrflJ2F8xfcRlScgIiddh3Jw&nodeid=4037&group=cdg&auctionid=1811634647884931658&pbs_auctionid=1811634647884931658&shardkey=1811634647884931658&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.174&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEIBsHHNhZNaOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgToAk_Qdpb2XowZ_LkDyb7P16Psae8WNuH1GQeHqYaxp2lmzf_S5xzAD4irWXcYIfr-SkCBu5vKva4T4G06EBi5GNmK922qyrUPJi-O-VgJll2pL1dhFzGvrIdF8W-J6geaii_nHQkP2mVa8owmT6x2m6pjlxCWwTY5HkhWNhvhs4kufk4Dp2GeKZAoUs3-5TI2Hr7Br9iPvsYOQCkczb1vbeiVH6Vm1KlOnNnA_YPGYhb59XuEih2Ad8sBuJWwOKnwzjlsqG7bPyuO3t9qMTIieMHURaMf3q1LY6iDrXXHxXNYogv-UZsfvOBv0VfLmP6vjYKJOjL7TXHxTilkVVj9X2wUqXanR59CA6EF5Igbc3LiOFT6-1IX8Sx-Tjo8KMsQAaBY8H5UA9aJuqqxXiehDDQl-qAewl734OORIgt0kpHbmRVZkjXoPcuV3hChHneXdUisHqVm1fdJOKDK9kwLyNykryob8SysfuAEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rbmMT8-VXqeCMft_rWKNWpadhhQ%26client%3Dca-pub-8738424218307822%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.387.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:41 GMT
Server: MMBD/3.387.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x101, cdg-bidder-x182
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 14 May 2023 23:47:40 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 9CC4 43 B
416 B 88ms
20ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=1811634647884931658&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJeVpqWTJOMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE4MTE2MzQ2NDc4ODQ5MzE2NTgvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1M3BoRko3YjdnRzZzSDgwb3JnZWROWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xODExNjM0NjQ3ODg0OTMxNjU4L2Ftcy8wLzEyOC83Lzk5OS8zMjIvMmEwMTo0YTA6MmI6Oi8wLjAwMC8xNjg0MTA4MDYxLzE2ODQxMjA2NjEvNC9wdWItODczODQyNDIxODMwNzgyMi8/gjysrflJ2F8xfcRlScgIiddh3Jw&nodeid=4037&group=cdg&auctionid=1811634647884931658&pbs_auctionid=1811634647884931658&shardkey=1811634647884931658&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.174&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEIBsHHNhZNaOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgToAk_Qdpb2XowZ_LkDyb7P16Psae8WNuH1GQeHqYaxp2lmzf_S5xzAD4irWXcYIfr-SkCBu5vKva4T4G06EBi5GNmK922qyrUPJi-O-VgJll2pL1dhFzGvrIdF8W-J6geaii_nHQkP2mVa8owmT6x2m6pjlxCWwTY5HkhWNhvhs4kufk4Dp2GeKZAoUs3-5TI2Hr7Br9iPvsYOQCkczb1vbeiVH6Vm1KlOnNnA_YPGYhb59XuEih2Ad8sBuJWwOKnwzjlsqG7bPyuO3t9qMTIieMHURaMf3q1LY6iDrXXHxXNYogv-UZsfvOBv0VfLmP6vjYKJOjL7TXHxTilkVVj9X2wUqXanR59CA6EF5Igbc3LiOFT6-1IX8Sx-Tjo8KMsQAaBY8H5UA9aJuqqxXiehDDQl-qAewl734OORIgt0kpHbmRVZkjXoPcuV3hChHneXdUisHqVm1fdJOKDK9kwLyNykryob8SysfuAEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rbmMT8-VXqeCMft_rWKNWpadhhQ%26client%3Dca-pub-8738424218307822%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 851 9bd98ae master cdg-pixel-x27 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:41 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x27 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sun, 14 May 2023 23:47:40 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 9CC4 49 B
330 B 44ms
14ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=1811634647884931658&st=4562306&time=1684108061&nodeid=4037
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJeVpqWTJOMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE4MTE2MzQ2NDc4ODQ5MzE2NTgvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1M3BoRko3YjdnRzZzSDgwb3JnZWROWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xODExNjM0NjQ3ODg0OTMxNjU4L2Ftcy8wLzEyOC83Lzk5OS8zMjIvMmEwMTo0YTA6MmI6Oi8wLjAwMC8xNjg0MTA4MDYxLzE2ODQxMjA2NjEvNC9wdWItODczODQyNDIxODMwNzgyMi8/gjysrflJ2F8xfcRlScgIiddh3Jw&nodeid=4037&group=cdg&auctionid=1811634647884931658&pbs_auctionid=1811634647884931658&shardkey=1811634647884931658&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.174&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEIBsHHNhZNaOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgToAk_Qdpb2XowZ_LkDyb7P16Psae8WNuH1GQeHqYaxp2lmzf_S5xzAD4irWXcYIfr-SkCBu5vKva4T4G06EBi5GNmK922qyrUPJi-O-VgJll2pL1dhFzGvrIdF8W-J6geaii_nHQkP2mVa8owmT6x2m6pjlxCWwTY5HkhWNhvhs4kufk4Dp2GeKZAoUs3-5TI2Hr7Br9iPvsYOQCkczb1vbeiVH6Vm1KlOnNnA_YPGYhb59XuEih2Ad8sBuJWwOKnwzjlsqG7bPyuO3t9qMTIieMHURaMf3q1LY6iDrXXHxXNYogv-UZsfvOBv0VfLmP6vjYKJOjL7TXHxTilkVVj9X2wUqXanR59CA6EF5Igbc3LiOFT6-1IX8Sx-Tjo8KMsQAaBY8H5UA9aJuqqxXiehDDQl-qAewl734OORIgt0kpHbmRVZkjXoPcuV3hChHneXdUisHqVm1fdJOKDK9kwLyNykryob8SysfuAEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1rbmMT8-VXqeCMft_rWKNWpadhhQ%26client%3Dca-pub-8738424218307822%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.387.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:41 GMT
Server: MMBD/3.387.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x82, cdg-bidder-x182
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 14 May 2023 23:47:40 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDB3 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8164298088120&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDB3 0
20 B 46ms
45ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8164298088120&version=m202301230201&ct=76&x=1&cor=11883052444250348000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FDB3 85 KB
36 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDBepm4k7r6tvJyAmftQytZnePC_hpTuNPcZMk3qnbnKF0Hz1IG0BM4CiQogg2exrHUZVogTzcPdGocoGtTO6ZTLmu9DS1X0tTj8kV3-Y_g12HWRl5EuMqfRloChh5kPeID6JGILmC0K4il0E3iFrPD8GIzxOBr7YsJPhjBx2IBCqL504&dbm_d=AKAmf-DO5_IHdHZFXHpp-P5rPkBRQVIGbkHu49G3BnHE2jE4bCR7Ouel9qToSh8LlMr6L-z5cf3gTQnAn3t0pY0STW0zEeuEo4NBoKRmFwXBtRBd_Q5jLsjZq0wCpzooAFVLERWJtNJT9bxWlkfL5fraGovLrRP9Ptb_wLUEnb20_XJPXCOMZzss4-5pXHU-JUuXSd1wqeGezTBjVbj7IFSzWLgW7JXuoEExysyK4wER83nlntrxX3N_OCH5n-LE1OJsdOn4tlCp6YUcg0XYt_vw-hk1YMoNIgzAxTJXLBRg80Q5xcAzH_qSrSwxQpFb7CBbtzprxLHZ_i8_TSU6SNmSqpcmq3y99ZP1J8bugrrfhKJ6-toM8y2YGEwgoFTHemkKCf4GVb6aAty0T2olAqsKSF7bOM4D0IE0_b3QMdJ8-_7uonxVDxbx17KVrTq3gbY9TlEwUqmW4pSn0bLRHX7XeoGE7HTlMSSMDOKOMUUIdJsP7lYQhrSd0q0PSwU_INEUBf6eTGaswJEjhNoIGQt88QHRtTf5oZF-FnmjwsWsf5ZFjIAEQq2WrX-VF1LXO-BpeGsCLrGD7-8GjDZOZYR-IgzYta_BuJR6fxH9PFz64YTnOnh_cQ3E55tzPpg6DqOraeBWJGkgn1REPfWSpKez7caPI2E-1NWMdhGL3MEag9ijY1gy2ICeGV_QyPziyYc41JueoPjYAQ7NdSiaU28YmN7gZYKCjroKcEmIMvjVahwTAycZ6Qf0nEhPMq1LHDxde6Dk3J-Gzwr4uwO_XtScmzsu_Gam6gJ7BjY6AnVKH8Ryxd62PDTjv1wlk7cl2py4GguiqXWFYU7bT_F9McbU8aJGnKi-JdPY1im-JFU83FAbKOQ0ynA0q4ih0pqZk7LP7MiJUF03CVRQgvpAmk-KGt7voQuiRX9a_3GpujtVerB6H1Arcr0ULOP-w3QD830xASXRZrdKbAigfkwfAeB45A-9vnuVj-oc6_t3lnPIj6D3UctidR1OHL6i0xp1vBaBzZVFW1xuhg2zR9o9pzqe9bQB7yPgt72lOzsLHmT03ph7koulgg0QIJ52UV_UKDvM5m6IzowVyX6ucMgheZmme-qP0FbWo6lBPG302dNgyPcXIodTzVfYxlnsQdzPjZrxcD_S3NNueigYKl_RHh3-YbYHwIHkhq7AH6PMc5ndXvy5EQHUKnaVBBScL-KM7t4-_a0AzWXEgvFKJKlD8I4X2OYCE-l3k-HSqNCsnoFGaL2I_WJjY3tx7RihUKbBdveotweQnQlMLH99ierzLJEKwBCFWTFcPAaQ5-_wSAC6tEYg4YKSwk8WtLJHeYd6W9B1AnYxou58A2TGgKUFUSAlxwP_TisqgxyJ0ENbJZku4bWusuCJyfkxQLGko6bxbG-pEABeEEZQ_0ZQxvoUHNj8M3XlTMFomPJq5DXX7W-nSRPTLTFHMXUTfNLHPeOjTuK0kX_I4dfGl9POKO8beGSR8-il1oLOja9KGWGTFoYfaqadllkai03HobGMsEGcFwQNen0hEjjyOK2SOSIlcP3TPXKM6z-O5ThVc2jrqbIrogYZHXSvUFptVRwcy0GTaKxfBBfZQhYXAXFNxyqlSZyuWsI0n5mYXWQ_isNDMjWZBmGgQHi0lwy8gHc3s4GIXf9lMIrwnPoShaNewOaFbA9TJyZPqMZgFZQ8IsWtfkBQ6vNSbTJFAcdUdLF7GYCay3bsoLpGdGpCli3WJEm5zSx6LObPE8iFUkjtUQMNzl-XThFVdPBZwg_NTBx2mij0NFnNorEcQWrSI2sqPMhefAXFBASMH-XHR--xo5YG7j8jKvuz8y2aWldMo5p8Q5tzTIr8IELUY2swNjgB5aDyq8bltpOw7Wimu3LFOHuV_peqG7MG7XgWYK5Z_uO4IlWqfUOsmKdb2IINlaSq_OiufTli5gJK5BPeKSqcg8BdUrHMBYoSN4HmTc7lFuourhaAuZBLG8d0qkUDapJrIQOzFF6OgljGFVQD0SNAboiMb4Eqo-UgGJ2e7XjiO_uTo_Ziv0eLH5u6Idu0vpM1GEgxbw14e0rEiXwzHZzSEDfcdsRKod17e5PWu4D74gHt9cqYPNYHw8Y2yKhojjL5P2iDHLopEG2ohvc7YrZYNggjIWvLAD-5Gxjw2EoTb6LX5yF_QnSRkW6pss9-8YRuFRijQcIM4DlLt8rdZ-OPEevXv8jqoIDhTHqvrYWmrrxrb04nHq24C0pHERdUVcaNV4ifUxKLiHJcMgkkq2fJiw0fKc0txQgYS_i84ubN1ZXE6DUP-Dp3LC7ahzfCbdLczlPuERa5c8mN6Mv5D_ivPkVL7J3JCgBHoHE08ofhXuUXMF64OQF4FF69ZQsOjqGxd7GROc10up8l9Aa9GN9F_uLmn6Dn1VvkcjjFTtAPWv8iv4QXgAc4TM1o5YXzhhMhURFWkBttfI-zckzurXm6eTlAoxWFYNcwSl9poP9vdegKR6Lni8PV3Y9ge4ysymvh8WnOEZm-MTIkDPCQMc5VKTi0Ec8cnunBYPWguqh2QYTfxL5hr6HAo_rWEIs86QMrh9WBzzauij3mbJTXID5z8s-N0ghNqcuLb7IpRDrBRTrqlLFzRp2VkmEPsYiaQaADOxgmRMXNqJsLISu7yXo9KIbMKb9jrIydS8KpUpDPWeemhgvfJ5D_6enPdCET3wW6gJ4wEsp3hbYVWRK4WxrZgms3weVBz0I1FNLMXfNtbrCCLodrW9fBLAky9XhRqjqR4lCrPZj9USURT4GKKjVopJQFxxfqMyllMz6VBrKU9Zge5a0Y4713BwyjQGBIEKYKlW7vdlZYkrlPyoXj3nBYRUCImEW0f-izZkD4dygn1V2jSNnSx1maTwr3Uy1r-8hTAaxnAWPHArXTJg_Ha2v_G_yAKUQiqou86kBwgOLlZ9NRHr958-Fw6QjodoCjJK25-QBa9LszBWEc9oziu0_VEWI_p8vv2w2cTflNTVhXwYfIObFU8VTzfIWAzdUbfVejxQxQOXd6SfkYM0MDstZbralp_ldldWCCD136hBODqukNdWcI6du6Zr3X5FxDkj1hGwQTC704qx3VCf9yfIrMZWzaD7t8DiY1rgoGvFY3DEPNuy-zjf-H67vszdd-WJpTrywFhjE8pGe9VAHa4U-ibM5WczTj-4S48EBiJld0cYd4pO1VdDMHcrk6dpNaMPlZ0yZ7k1E_rENzngpHBUVb62Dtp6kgsupQqPXPBdXUjqHWECGGp4TxcQsKU7qIPPWnVDCuo5H1kkuNqfknsJ_2WOHsozLTIlQIBs9cQOKFq_0pYi6AGWNCmzXRBppD18Pg3ugoHt60kRb-ieCXwXkWm628CeS1j99tO9gsuNslVIdmFzJSqcCxtKqLcrkQIUnkYZGmsqrxeo0xOO7i1UbZRhKnCSAKAF_coPPtQXLeBFg2GHmGHogjnvsZEthjKGgsqIISnmwy6mMaly60I8lRyw7I-xfNne5cLk0Y31aC4_E8X79N72RYmGYDlqzF3r_jAo5QCJD4LcrsianSkU80fVsdZb87i0BvxVCfUvTbt929mItucjJ0r-BSa6EgwfNCkk-pMtY80fYqqBgAb8959NxbFBpz2M-SThSzT1xhKATBm4Q2G6lOfLZcRUeoDpIcQhdXDkycSLOjBU2HSfLJZNCLNSXicCavV1qk5Kc9vcMsfAS5ygE4MZFeELM1UpGzhD9L1FwPhSPRkzb42JKDAb-dLGPAIHNHuszGg363s5-uArckY1pUHQFW79MT&cid=CAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.star.com.tr%2F&ds=l&xdt=1&iif=1&cor=11883052444250348000&adk=2923430907&idt=79&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34c2e0e5dafe8e8de539327699368c89c130abce2298174c9e6d29461ac69fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36416
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3132 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.star.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 21:19:39 GMT
expires: Mon, 13 May 2024 21:19:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CCCC 783 B
535 B 23ms
22ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

92948c1445ba05c1d3e9d1eda3165882665225db39c24951b3aa737612ebb29d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d7A0EeE9umHEzU1xB8idAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.star.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-d7A0EeE9umHEzU1xB8idAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 23:47:41 GMT
expires: Sun, 14 May 2023 23:47:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2C8D 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeLANJN5SWJ7y0JB3f0zuW6njVn7YxVvA_ghbRc8d1aptBqquOnaZ4TsjAfmvBYBz7xTK1gHhHnmbdVhjvwee7STqMwk4zHIpZWV0gBUVv3AHfA98cueHuh1ldXGzK2aN5DxSNii6qeoc2Ni6-3MflNEX3VopC61hDnl7LlwEl0tOjYSs&cry=1&dbm_d=AKAmf-CbxqlbNf67QIVOWx6sRvagJEAeVKaiSy1avuVD-UIj7cMrW_zUbPUE8JDlrlDcNa7rf72thHCUhjm8AEMaG22okpUZ94-fWvkOlW1-f0FRHLfv6coSSLVc2x89kESZ0Jr8b3k7d2S18KnR7ClIhl2kkCWfYxyabjJ1-KcBTn_A44_wuiMpRpTRGHSgNarOoDO-zTaCeO1f0PYljg41ToiV-Ou-IQa42-qjIuZO577tQ20SZNNIdga_kU2mf60iXqlfWM_CpY2XRAz4EjuAjR9lQAk_Bl9oU1V5LyAUHxl-fPHNV0aUz4EIc4AyZ-F7aWrIAf4bPsowU8i9j4n7uF2zeSJ2o1rWJN18yFI3ybcXBxYqm4eRDFG7BYVyK7UrEs64mO1K6zerMApKciJi9j2R-vqY9x-S9r42KKjr4iDFxWP-BkH5O54xp11CtYnb6ypuWSdQQn7nl2_vt0Nn-rI1Zp3PWywS1orLNY5gU5hCL5awHkX14pKmWOzjf0zojTduolVZdWN36HulnxNv07BJ5cuoKLOPWwOqOSWaOQsu1539OTIEmfBbOsVzYDTuWydCMoeVsKXwFBQaHSIHolIZOTQteCRw_9iWdiIh-fK0iZDtmCXXtIJmlZ_FYwHA2JYU_dcnywBYXM_9yAGwwk2FYpRgVlZYvpJvdV1kU6OWBuvhjbPCzmZ2yUgOs3OpdmPnofUDdUx7oyg3hNKdbuSNLSHk8A-N1AIBKrMw325LhNJbuzrs1auA9uXSAOmtg8L3jmp5u4E8K6SlU5D8aP743vy0jHGnTokSmziI2U3AMm_kzMpI8ZT5eaaAhSHJsyzUVSBsYnL8fp_5LJkoHov6yJOnVotEeRNLPFCv4G2rJjjz-KUHafQk9jhW01QIITfh75gM5JX14e0fvWG08c5slXfJCCCUnHft3wKlh4EQHoU2o2uWUTnvNCameMikYzHNMjNho_GP7Ndqy63-r2moXh5YRmZ7LyhRlK_oavVFifIvMIZw7frPwznP5vwVE5D_mqa3youoFacGoFrJMumCxXSnT1TSF_WVIB6WIgpawgG3wti37oMzsDM7zHUUMwZdRWeew4_oVNuPybk0zrLOvw1b6zKR2TYxZXnmJ3tcj4gDcbhzz247nDGWdva7fFI90BQai_GI3nGToRefCjNo0SwLeLmV-b2p6BaX41-NkqHY_bczbw7Vwwz7pUIt6-tm6gHtHNdH540ADfOZq7-AxKXlrwvB40arKaqxRz3PS5FZHZ85c85ny5GYqGIVVx4wTzqaU8Za2aoZxXKZqsFfOqWArUd5YLfaGeiu1sjmZi1Whq6Lg79CcHEelCOVOqet6nsGj_auX223HNRxY0Zk-zR4X210HIGcJxw9StE0r7ayZNSJWegVZCleiN6jzHJ0N6Ze_mBUNN07qyK53PUYsJzvAnMCV2XFFN5_hqIHJk7snoAmthWnq42lWdeLYT-naHCjKsYIvfL3ZCnr635YJOFI7gjP6aAIrvSNkhS1Fcz4KhdQN9Rasu5OCNc84BdGPDG3DjzWtxax4LOA86YX5V3z9pP06_pCYa2_WdilF553Ac0C4SXjy45Jk_ahkHkcjC0aUk8PPOu26s4FRaRMUEy9938bnMvPejcyeEIKTU9cHO24WJbSYDijLTArv4S3nHaR_AXfF3OfgGiPB8b9o20UImu5_nR2PoXS0pIw8ssjzRjNwt5g-rtoZJiUmME-UchweLEiR9AJflvd_pKUFaowthRYmRRVvX1ff0_LQSws1DKs6vhAlarLs6mbPvhS70zSGPWO1Vjzmz29EbHn-YX8p2hxkvmvsKGIT-rX3vZOyiMU1zNMA8Gjhzjge4xrRkuQ4zSw22rLz3xzvu0tCFArowJIvoqE8nMuocPAz28EPqG1tOGKWti1HL82VREf29zDzVp_4BAXOPBMxM2-y7imjFUGWXW3BNKl22n_FznKpxMn25cT-9D9E7u3PdcMUrL0PeKZd-RaeXfcUehVrXr-cZUUDsXAmAUpBpl8fLQ6WoLM1i4KEOsXik7rGTf8evNPw6GDSXj2k79SfROSBhgMPD_3vDyuwWvLvjTn-OrcuGmepSEgfiJ0sTrR-ow-SyNrXCkTOYl7ZmboCAI0RgVTz26OLTL6fKH5X1PaluJA67Gs5dTftAkJTAhD9QwoMB4JexqZBi04i1xP6VEEfatpp-A4iiE6PGqrdPgvw3-JjNQVQbdwj7hrBnbxPK6Edz81x3-4HpZN4vuPku5RTdDSPJF_C5ygtU5J1jBKrc13PQUwFamoo3A8VcD6YuaGPYjwJaljWdssumk4WqwHpFu7A4Fkf4j2e4Q5yUEGRNkXZx3Ho5WtolaJt-GrFalxdenlW8yN4KIINvASPpg6wxireusfAeifVborD6tBET8CDvwzZyznAkP1RZa5XY9RSJzvm2eePzbtTgPJ5VVliP7LqoME1Z1pv0AlNP9ogqwvI9ZBkUMOOpNKvlDOqLsECkS_MPA1e9NpHqRNmQgW9qA9sNAArzpN4znuQr6DmS5C5WTrX--Ym-WqAUYGeOan_vJ12JM2aJeAZ_5zxusyNjcXB5wORyCcK7ynXsHej3c780B5u-u3hkcBqAPpoiijA0jladrYHQ-v9RuAJe7iNG61j3UXK-hR_8UOvfYI4YZYWyaErP9P3SNmb4p63Cu_VvfSZWW_XhZlUd8ZFsLdnJTbQ8-SLOROs-1txZthI_uvwrNQEmZiVH9TUa4M-iiFOc7XUK0V5LuQdnq13S4l85ovXAeveRqW9roGFPGjsWyA1IdAqTmB-xWalqz37XBcp5q5tsgVnEPS7zlIue7pBiYn4e3YHAjKj8eBtHfzxqkF1n5f26AasmjYcaBYU2P44mKFa1P2tXeCONgWzXgbM_gj0-TUDHlFsHSZlF5UCF16M6q_YEtm73mJryL912PmQk45EAJXxerf-Ujl8hGjzvGdz_jCj9iF535fmxKVWyOl3dlpoG6aqTyYmmKEI4-F6RO4qC2bHFvO1oqxqVj6PKU9DScQBxfJ5-tfMJbXT0MnHBDsdtH6v5v4uwuicmjgFEXllzsDUbnHTS5N6B9UxLvx0N_G0PZy83gCHzmihfevI8hsCw7Zy_1cIAPWS1J9kdAnO9Rj1ChHz1Lz3ZNkrVacMRevDRBd81Nzx2AXY6Wy6U8OrczuTvAV8yz099hHbNARZs8Zo_CewWVQLOlEbd2r4hTwKBZPGcly-sgASCDS4qteRTRz0oHtvPHkW7595VzpADuqzW9iP1AzIy7pVZY8TqaBCCwWl3c5RO1iyWSI0F2SombarM9PSFCDuLmevfPk5v_y2SJaK3djr7zeLS3KNh_SgNZ6AgOhqi-KIg-T96b_l9ykEQF_ZzOjlK0_cPorT3LfniB_aiVHENgm-qLCsF9n2jz3i6vMQrZ-io5NJhaakBvSJ9nn1zOasvEhHzVJ6HpenldWEFXn5Yz5L1Nswrk4bl1izeK6g8CglW6aiRueMWuuOwuveoGd-Li8YY09yPj4FDtznkNsLUhuIFEf5na3cP542tGuCVa7aY98CCZblaArYY2Et0_OJ9zWvsd3QVdqpeXJkCqjUE64jXGxli_iAvokg5upD3PyRI7RAPF1WkEwkf5htKAGOHzeCj3qpTJIXgOEPd6siGKGRMq5tPalcn8lQ2LvDCqLr_-P-RzjhFe9WGG7-F3h8K97wRmahRijCAC__v5OKxPtnYTZYZeYnXh1r4PIJO3kymTu6hGUxy4tEiGbu7wlDOvFMZUk8qT2zYbkuRW3YH9AcgW_RGP_m-oBKaRy8lgasZUGFa-U7nhtNv6gjDb53d6Da-xLleqhMHh0udzRTazmFvHCYJ8-4_8Gz0-Uul1VKDi7Nw0maL6LS1jrwVFqT-QU4C8qayIDxU7reWmCNb2Nj_s039NH2qYEODklojiJuSw1K9k&cid=CAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.star.com.tr%2F&ds=l&xdt=1&iif=1&cor=5882153829682511000&adk=2086295851&idt=47&cac=0&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 04:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 04:43:57 GMT

GET
H/1.1 200
OK request.php Show response
hal900013.redintelligence.net/ Frame 9CC4 3 KB
1 KB 131ms
107ms Script
application/x-javascript 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=0e3b68ec35&subid=&uid=a88cde068859e978&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1YU8O_9rBPMScedJ82CJKA%26exch_seat%3D20035004448%26mt_aid%3D1811634647884931658%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D85686461-731d-4d01-bc22-b7f23a20c4b4%26mt_cid%3D85686461-731d-4d01-bc22-b7f23a20c4b4%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEIBsHHNhZNaOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgToAk_Qdpb2XowZ_LkDyb7P16Psae8WNuH1GQeHqYaxp2lmzf_S5xzAD4irWXcYIfr-SkCBu5vKva4T4G06EBi5GNmK922qyrUPJi-O-VgJll2pL1dhFzGvrIdF8W-J6geaii_nHQkP2mVa8owmT6x2m6pjlxCWwTY5HkhWNhvhs4kufk4Dp2GeKZAoUs3-5TI2Hr7Br9iPvsYOQCkczb1vbeiVH6Vm1KlOnNnA_YPGYhb59XuEih2Ad8sBuJWwOKnwzjlsqG7bPyuO3t9qMTIieMHURaMf3q1LY6iDrXXHxXNYogv-UZsfvOBv0VfLmP6vjYKJOjL7TXHxTilkVVj9X2wUqXanR59CA6EF5Igbc3LiOFT6-1IX8Sx-Tjo8KMsQAaBY8H5UA9aJuqqxXiehDDQl-qAewl734OORIgt0kpHbmRVZkjXoPcuV3hChHneXdUisHqVm1fdJOKDK9kwLyNykryob8SysfuAEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rbmMT8-VXqeCMft_rWKNWpadhhQ%2526client%253Dca-pub-8738424218307822%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F62507208943cf4d9522f918611812145.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=5987555307853&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=1811634647884931658&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1YU8O_9rBPMScedJ82CJKA%26exch_seat%3D20035004448%26mt_aid%3D1811634647884931658%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D85686461-731d-4d01-bc22-b7f23a20c4b4%26mt_cid%3D85686461-731d-4d01-bc22-b7f23a20c4b4%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEIBsHHNhZNaOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgToAk_Qdpb2XowZ_LkDyb7P16Psae8WNuH1GQeHqYaxp2lmzf_S5xzAD4irWXcYIfr-SkCBu5vKva4T4G06EBi5GNmK922qyrUPJi-O-VgJll2pL1dhFzGvrIdF8W-J6geaii_nHQkP2mVa8owmT6x2m6pjlxCWwTY5HkhWNhvhs4kufk4Dp2GeKZAoUs3-5TI2Hr7Br9iPvsYOQCkczb1vbeiVH6Vm1KlOnNnA_YPGYhb59XuEih2Ad8sBuJWwOKnwzjlsqG7bPyuO3t9qMTIieMHURaMf3q1LY6iDrXXHxXNYogv-UZsfvOBv0VfLmP6vjYKJOjL7TXHxTilkVVj9X2wUqXanR59CA6EF5Igbc3LiOFT6-1IX8Sx-Tjo8KMsQAaBY8H5UA9aJuqqxXiehDDQl-qAewl734OORIgt0kpHbmRVZkjXoPcuV3hChHneXdUisHqVm1fdJOKDK9kwLyNykryob8SysfuAEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rbmMT8-VXqeCMft_rWKNWpadhhQ%2526client%253Dca-pub-8738424218307822%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: c5e227a8b7b4a32c9960d3f7ead2808d21587ad814e152bedf4720f7c2a14d09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:41 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 72878800006118200951393012325013
Connection: close
Content-Length: 1076
Expires: Mon, 15 May 2023 00:47:41 +0200

GET
H/1.1 200
OK request.php Show response
hal900018.redintelligence.net/ Frame 659C 3 KB
1 KB 162ms
136ms Script
application/x-javascript 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=b07a7d17af&subid=&uid=471da4f3738a0513&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DMAKg3wYB9YMD3M8fy9Pwfw%26exch_seat%3D20035004448%26mt_aid%3D7576242170919166503%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D84686461-731d-4e01-9eff-430db1598639%26mt_cid%3D84686461-731d-4e01-9eff-430db1598639%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfLsoHHNhZNSOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgTcAk_Q45T9s2udHCseYKccn3gpSUDi_-c8n5SRn-IaLxFx0zgiCxMEgzEncM0rRZUs7jlMdkt1n0y0Tl60zzKBEScG3jh3r4nmxQOgURoq8LjBztT3JRkLoCC_SOy-qSsg9uTM7PP-Bl1d_PppAMViSRNnlDDDcdWy2qPgzorRNNVT88GUYDD4_OKOrIUiR5n3ubphT-Nan3nZWKZPJCN2ksjju3WZiGdWySLFrpVAFdPpBu-bdLBK1KEt1FwrX1dlPVpo-Zwd7pQel3HaLv3t4fqAI4AkKppEC_7tmA8LWHdmLNSC_s2dkVMdKFEWQlFoO24NtF0pcEe7TnKt6tafwVdLmGJ-VVFkDhvquaVaHFXmSWszY52hroeAJuWYkJ-fc6OxnRokkfd6TLjV1fwtumYCNJPCnBPEC06g5KO97Aw5yrewVe8kO-R1hypzRwQEGMx9PYqzsY4dw0VWo-AEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1MM3mHQY3hC5NdMadqBXC6Nl-DcA%2526client%253Dca-pub-8738424218307822%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F62507208943cf4d9522f918611812145.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=7385793469689&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=7576242170919166503&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DMAKg3wYB9YMD3M8fy9Pwfw%26exch_seat%3D20035004448%26mt_aid%3D7576242170919166503%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D84686461-731d-4e01-9eff-430db1598639%26mt_cid%3D84686461-731d-4e01-9eff-430db1598639%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfLsoHHNhZNSOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgTcAk_Q45T9s2udHCseYKccn3gpSUDi_-c8n5SRn-IaLxFx0zgiCxMEgzEncM0rRZUs7jlMdkt1n0y0Tl60zzKBEScG3jh3r4nmxQOgURoq8LjBztT3JRkLoCC_SOy-qSsg9uTM7PP-Bl1d_PppAMViSRNnlDDDcdWy2qPgzorRNNVT88GUYDD4_OKOrIUiR5n3ubphT-Nan3nZWKZPJCN2ksjju3WZiGdWySLFrpVAFdPpBu-bdLBK1KEt1FwrX1dlPVpo-Zwd7pQel3HaLv3t4fqAI4AkKppEC_7tmA8LWHdmLNSC_s2dkVMdKFEWQlFoO24NtF0pcEe7TnKt6tafwVdLmGJ-VVFkDhvquaVaHFXmSWszY52hroeAJuWYkJ-fc6OxnRokkfd6TLjV1fwtumYCNJPCnBPEC06g5KO97Aw5yrewVe8kO-R1hypzRwQEGMx9PYqzsY4dw0VWo-AEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1MM3mHQY3hC5NdMadqBXC6Nl-DcA%2526client%253Dca-pub-8738424218307822%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 717a3a144c5e129a5d32a37edd7ceac8d9b01416df65464d8be17ccb113392e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:41 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 83343700004859200951389012325018
Connection: close
Content-Length: 1077
Expires: Mon, 15 May 2023 00:47:41 +0200

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 2C8D 11 KB
4 KB 25ms
11ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCCseHHNhZNqOPJ2i9u8Psq-W-Aim5b2gab2TnKfJD_AuEAEg8v6FJ2CVwvaBlAfIAQmpArhJv7UzZ7I-qAMBqgSTAk_QFCndpBEl81X1rAjQTTmI_VIhNIelfGsxVgb9SlhnVAXKpbEcnM58HmTkmQB31P5c_EpvlKf_Lef3ZH3DOuFLUCRy43FA-iPr_gLPLYRNN55lEAF3jgbRyUjEU05mlKlOvJv0sLst2WDINwXLc4YyM4HGLQui_h57nfeg0Ju-iDV18oXK8jhW9fRw-tnkqcp5RHCAyYMUBzBFNr019WU8a1BbYnfeU_6UhakgvP59BiDIrQimyoaTnjPC4vrtL1VCpf1a05SWT5aEmKX1SaSy_ZoPwokmQr5n5EB5PL2YMPgJiKfo1SzKlx2SweaIo0Vb1_TTnW8zQySFt9ovohc0HckFVdaU0Rf4SPxXsogDYMrpwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ%26sig%3DAOD64_2yYX2hfBAHLV4pmHMWvuhmJIlAng%26client%3Dca-pub-8738424218307822%26dbm_c%3DAKAmf-CE5XVVjKz1DvjKYH9Bj7N2oRgsA7sS92Cuv2DtBBrU36ehCxiJkVDVBlKqpSt4-xBRQTc-5CgaDZEw-2AI4-3NbX9Mamr5vCE81a9kzvh4JVEYP388JozPK1Or7oRAQvL-P2QzvFeRXG2R_FqiiLZWLrO8F3A-tLCbZf70N8uL4xk6wW0%26cry%3D1%26dbm_d%3DAKAmf-ApEwv0sXHROzsSMfdqLvo3eoI6wWXUyB-QJCrjsP-yYskfGwrpzSIedBN380IgbSrCAGkBWHij3ndtO6tOlaFFu5W4HElnWAwpam68nucvJfvXFyFqAUwaupwH_aGuI-iyukepE43Q10FQuRud0F20oP7aW4tNkuE0dvnxSR2RzLSk-NVsNv4jLOPqca_9mBNVuVnTOy4eqmkhESccDeDyw5GiFBWe9nhcXe4jvbYE8URc_av7pbCHWkNZCjCCXpY01jlfOTOOrHK6rtLCQXby8qmg3UoW4OTrNqz7K-6OeaaB0_awEkEmKnI0-WB7Dv5kLDhZLud8XnYkxLn0gBMyz6KxfFQQyhTOg1ncCM4GTMYNVDUV-t9t1PtwKSF-aiCAvdwbq7EDb6EbdSQXWGu2sGeXEN6XxRflMckHbvVHgQxJIZd5KBEMgvJu3cJOL7XE-QwZ79K-SAVIC5dw4NSCDokIzAmKNsCvyn5oD2pGRzLk_7EVd8sbFcoj7pawHTdC9P4wO7LRp3v25iCc9vPFEoTWPZrpV_IvmQELHC9EU-MJYSMDc3hyB6sR__u3yTI_UZbyH3rf1BRnzAH1HUsjhMq7hdTuTm9n5I4nf3-IXZn_GlYfgAxk80an492IEA5eWICHiiWz8AyL7QmksCt_mhuSLg%26adurl%3D
Requested by: Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: d647a7e26947913a559461fa94fdb54e061002b865692225cc22e80a4d8a80f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:41 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4230
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame FDB3 106 KB
37 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Origin: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 May 2023 09:20:28 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame FDB3 11 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDBepm4k7r6tvJyAmftQytZnePC_hpTuNPcZMk3qnbnKF0Hz1IG0BM4CiQogg2exrHUZVogTzcPdGocoGtTO6ZTLmu9DS1X0tTj8kV3-Y_g12HWRl5EuMqfRloChh5kPeID6JGILmC0K4il0E3iFrPD8GIzxOBr7YsJPhjBx2IBCqL504&dbm_d=AKAmf-DO5_IHdHZFXHpp-P5rPkBRQVIGbkHu49G3BnHE2jE4bCR7Ouel9qToSh8LlMr6L-z5cf3gTQnAn3t0pY0STW0zEeuEo4NBoKRmFwXBtRBd_Q5jLsjZq0wCpzooAFVLERWJtNJT9bxWlkfL5fraGovLrRP9Ptb_wLUEnb20_XJPXCOMZzss4-5pXHU-JUuXSd1wqeGezTBjVbj7IFSzWLgW7JXuoEExysyK4wER83nlntrxX3N_OCH5n-LE1OJsdOn4tlCp6YUcg0XYt_vw-hk1YMoNIgzAxTJXLBRg80Q5xcAzH_qSrSwxQpFb7CBbtzprxLHZ_i8_TSU6SNmSqpcmq3y99ZP1J8bugrrfhKJ6-toM8y2YGEwgoFTHemkKCf4GVb6aAty0T2olAqsKSF7bOM4D0IE0_b3QMdJ8-_7uonxVDxbx17KVrTq3gbY9TlEwUqmW4pSn0bLRHX7XeoGE7HTlMSSMDOKOMUUIdJsP7lYQhrSd0q0PSwU_INEUBf6eTGaswJEjhNoIGQt88QHRtTf5oZF-FnmjwsWsf5ZFjIAEQq2WrX-VF1LXO-BpeGsCLrGD7-8GjDZOZYR-IgzYta_BuJR6fxH9PFz64YTnOnh_cQ3E55tzPpg6DqOraeBWJGkgn1REPfWSpKez7caPI2E-1NWMdhGL3MEag9ijY1gy2ICeGV_QyPziyYc41JueoPjYAQ7NdSiaU28YmN7gZYKCjroKcEmIMvjVahwTAycZ6Qf0nEhPMq1LHDxde6Dk3J-Gzwr4uwO_XtScmzsu_Gam6gJ7BjY6AnVKH8Ryxd62PDTjv1wlk7cl2py4GguiqXWFYU7bT_F9McbU8aJGnKi-JdPY1im-JFU83FAbKOQ0ynA0q4ih0pqZk7LP7MiJUF03CVRQgvpAmk-KGt7voQuiRX9a_3GpujtVerB6H1Arcr0ULOP-w3QD830xASXRZrdKbAigfkwfAeB45A-9vnuVj-oc6_t3lnPIj6D3UctidR1OHL6i0xp1vBaBzZVFW1xuhg2zR9o9pzqe9bQB7yPgt72lOzsLHmT03ph7koulgg0QIJ52UV_UKDvM5m6IzowVyX6ucMgheZmme-qP0FbWo6lBPG302dNgyPcXIodTzVfYxlnsQdzPjZrxcD_S3NNueigYKl_RHh3-YbYHwIHkhq7AH6PMc5ndXvy5EQHUKnaVBBScL-KM7t4-_a0AzWXEgvFKJKlD8I4X2OYCE-l3k-HSqNCsnoFGaL2I_WJjY3tx7RihUKbBdveotweQnQlMLH99ierzLJEKwBCFWTFcPAaQ5-_wSAC6tEYg4YKSwk8WtLJHeYd6W9B1AnYxou58A2TGgKUFUSAlxwP_TisqgxyJ0ENbJZku4bWusuCJyfkxQLGko6bxbG-pEABeEEZQ_0ZQxvoUHNj8M3XlTMFomPJq5DXX7W-nSRPTLTFHMXUTfNLHPeOjTuK0kX_I4dfGl9POKO8beGSR8-il1oLOja9KGWGTFoYfaqadllkai03HobGMsEGcFwQNen0hEjjyOK2SOSIlcP3TPXKM6z-O5ThVc2jrqbIrogYZHXSvUFptVRwcy0GTaKxfBBfZQhYXAXFNxyqlSZyuWsI0n5mYXWQ_isNDMjWZBmGgQHi0lwy8gHc3s4GIXf9lMIrwnPoShaNewOaFbA9TJyZPqMZgFZQ8IsWtfkBQ6vNSbTJFAcdUdLF7GYCay3bsoLpGdGpCli3WJEm5zSx6LObPE8iFUkjtUQMNzl-XThFVdPBZwg_NTBx2mij0NFnNorEcQWrSI2sqPMhefAXFBASMH-XHR--xo5YG7j8jKvuz8y2aWldMo5p8Q5tzTIr8IELUY2swNjgB5aDyq8bltpOw7Wimu3LFOHuV_peqG7MG7XgWYK5Z_uO4IlWqfUOsmKdb2IINlaSq_OiufTli5gJK5BPeKSqcg8BdUrHMBYoSN4HmTc7lFuourhaAuZBLG8d0qkUDapJrIQOzFF6OgljGFVQD0SNAboiMb4Eqo-UgGJ2e7XjiO_uTo_Ziv0eLH5u6Idu0vpM1GEgxbw14e0rEiXwzHZzSEDfcdsRKod17e5PWu4D74gHt9cqYPNYHw8Y2yKhojjL5P2iDHLopEG2ohvc7YrZYNggjIWvLAD-5Gxjw2EoTb6LX5yF_QnSRkW6pss9-8YRuFRijQcIM4DlLt8rdZ-OPEevXv8jqoIDhTHqvrYWmrrxrb04nHq24C0pHERdUVcaNV4ifUxKLiHJcMgkkq2fJiw0fKc0txQgYS_i84ubN1ZXE6DUP-Dp3LC7ahzfCbdLczlPuERa5c8mN6Mv5D_ivPkVL7J3JCgBHoHE08ofhXuUXMF64OQF4FF69ZQsOjqGxd7GROc10up8l9Aa9GN9F_uLmn6Dn1VvkcjjFTtAPWv8iv4QXgAc4TM1o5YXzhhMhURFWkBttfI-zckzurXm6eTlAoxWFYNcwSl9poP9vdegKR6Lni8PV3Y9ge4ysymvh8WnOEZm-MTIkDPCQMc5VKTi0Ec8cnunBYPWguqh2QYTfxL5hr6HAo_rWEIs86QMrh9WBzzauij3mbJTXID5z8s-N0ghNqcuLb7IpRDrBRTrqlLFzRp2VkmEPsYiaQaADOxgmRMXNqJsLISu7yXo9KIbMKb9jrIydS8KpUpDPWeemhgvfJ5D_6enPdCET3wW6gJ4wEsp3hbYVWRK4WxrZgms3weVBz0I1FNLMXfNtbrCCLodrW9fBLAky9XhRqjqR4lCrPZj9USURT4GKKjVopJQFxxfqMyllMz6VBrKU9Zge5a0Y4713BwyjQGBIEKYKlW7vdlZYkrlPyoXj3nBYRUCImEW0f-izZkD4dygn1V2jSNnSx1maTwr3Uy1r-8hTAaxnAWPHArXTJg_Ha2v_G_yAKUQiqou86kBwgOLlZ9NRHr958-Fw6QjodoCjJK25-QBa9LszBWEc9oziu0_VEWI_p8vv2w2cTflNTVhXwYfIObFU8VTzfIWAzdUbfVejxQxQOXd6SfkYM0MDstZbralp_ldldWCCD136hBODqukNdWcI6du6Zr3X5FxDkj1hGwQTC704qx3VCf9yfIrMZWzaD7t8DiY1rgoGvFY3DEPNuy-zjf-H67vszdd-WJpTrywFhjE8pGe9VAHa4U-ibM5WczTj-4S48EBiJld0cYd4pO1VdDMHcrk6dpNaMPlZ0yZ7k1E_rENzngpHBUVb62Dtp6kgsupQqPXPBdXUjqHWECGGp4TxcQsKU7qIPPWnVDCuo5H1kkuNqfknsJ_2WOHsozLTIlQIBs9cQOKFq_0pYi6AGWNCmzXRBppD18Pg3ugoHt60kRb-ieCXwXkWm628CeS1j99tO9gsuNslVIdmFzJSqcCxtKqLcrkQIUnkYZGmsqrxeo0xOO7i1UbZRhKnCSAKAF_coPPtQXLeBFg2GHmGHogjnvsZEthjKGgsqIISnmwy6mMaly60I8lRyw7I-xfNne5cLk0Y31aC4_E8X79N72RYmGYDlqzF3r_jAo5QCJD4LcrsianSkU80fVsdZb87i0BvxVCfUvTbt929mItucjJ0r-BSa6EgwfNCkk-pMtY80fYqqBgAb8959NxbFBpz2M-SThSzT1xhKATBm4Q2G6lOfLZcRUeoDpIcQhdXDkycSLOjBU2HSfLJZNCLNSXicCavV1qk5Kc9vcMsfAS5ygE4MZFeELM1UpGzhD9L1FwPhSPRkzb42JKDAb-dLGPAIHNHuszGg363s5-uArckY1pUHQFW79MT&cid=CAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.star.com.tr%2F&ds=l&xdt=1&iif=1&cor=11883052444250348000&adk=2923430907&idt=79&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:07:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:07:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame FDB3 28 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce7aa9a76e1ef06e22d13a5c8678b9b7440f5b1f854ecb62b447ad383927abb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:07:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10883
x-xss-protection: 0
server: cafe
etag: 6886435266232968791
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 May 2023 18:07:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CCCC 0
0 42ms
41ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305090101&jk=114524255750530&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4C02 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 414224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 04:43:57 GMT
expires: Thu, 09 May 2024 04:43:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3132 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14771
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 May 2024 12:20:58 GMT

GET
H/1.1

200
OK

request.php Show response
hal900016.redintelligence.net/ Frame 2C8D
Redirect Chain

https://hal900016.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=9dbed04a9a&subid=&uid=923e083a6eff5817&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900016.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=9dbed04a9a&subid=&uid=923e083a6eff5817&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

128ms
111ms

Script
application/x-javascript

138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=9dbed04a9a&subid=&uid=923e083a6eff5817&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCCseHHNhZNqOPJ2i9u8Psq-W-Aim5b2gab2TnKfJD_AuEAEg8v6FJ2CVwvaBlAfIAQmpArhJv7UzZ7I-qAMBqgSTAk_QFCndpBEl81X1rAjQTTmI_VIhNIelfGsxVgb9SlhnVAXKpbEcnM58HmTkmQB31P5c_EpvlKf_Lef3ZH3DOuFLUCRy43FA-iPr_gLPLYRNN55lEAF3jgbRyUjEU05mlKlOvJv0sLst2WDINwXLc4YyM4HGLQui_h57nfeg0Ju-iDV18oXK8jhW9fRw-tnkqcp5RHCAyYMUBzBFNr019WU8a1BbYnfeU_6UhakgvP59BiDIrQimyoaTnjPC4vrtL1VCpf1a05SWT5aEmKX1SaSy_ZoPwokmQr5n5EB5PL2YMPgJiKfo1SzKlx2SweaIo0Vb1_TTnW8zQySFt9ovohc0HckFVdaU0Rf4SPxXsogDYMrpwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ%26sig%3DAOD64_2yYX2hfBAHLV4pmHMWvuhmJIlAng%26client%3Dca-pub-8738424218307822%26dbm_c%3DAKAmf-CE5XVVjKz1DvjKYH9Bj7N2oRgsA7sS92Cuv2DtBBrU36ehCxiJkVDVBlKqpSt4-xBRQTc-5CgaDZEw-2AI4-3NbX9Mamr5vCE81a9kzvh4JVEYP388JozPK1Or7oRAQvL-P2QzvFeRXG2R_FqiiLZWLrO8F3A-tLCbZf70N8uL4xk6wW0%26cry%3D1%26dbm_d%3DAKAmf-ApEwv0sXHROzsSMfdqLvo3eoI6wWXUyB-QJCrjsP-yYskfGwrpzSIedBN380IgbSrCAGkBWHij3ndtO6tOlaFFu5W4HElnWAwpam68nucvJfvXFyFqAUwaupwH_aGuI-iyukepE43Q10FQuRud0F20oP7aW4tNkuE0dvnxSR2RzLSk-NVsNv4jLOPqca_9mBNVuVnTOy4eqmkhESccDeDyw5GiFBWe9nhcXe4jvbYE8URc_av7pbCHWkNZCjCCXpY01jlfOTOOrHK6rtLCQXby8qmg3UoW4OTrNqz7K-6OeaaB0_awEkEmKnI0-WB7Dv5kLDhZLud8XnYkxLn0gBMyz6KxfFQQyhTOg1ncCM4GTMYNVDUV-t9t1PtwKSF-aiCAvdwbq7EDb6EbdSQXWGu2sGeXEN6XxRflMckHbvVHgQxJIZd5KBEMgvJu3cJOL7XE-QwZ79K-SAVIC5dw4NSCDokIzAmKNsCvyn5oD2pGRzLk_7EVd8sbFcoj7pawHTdC9P4wO7LRp3v25iCc9vPFEoTWPZrpV_IvmQELHC9EU-MJYSMDc3hyB6sR__u3yTI_UZbyH3rf1BRnzAH1HUsjhMq7hdTuTm9n5I4nf3-IXZn_GlYfgAxk80an492IEA5eWICHiiWz8AyL7QmksCt_mhuSLg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.star.com.tr%2F&ancestorOrigins=https%3A%2F%2Fwww.star.com.tr&random=1806800726651&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 19d8c7464e44563865b1ca86c198c929437450da6fccef060e815062af9c2d31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:42 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 25438500004391504444994012325016
Connection: close
Content-Length: 1044
Expires: Mon, 15 May 2023 00:47:42 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:41 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=9dbed04a9a&subid=&uid=923e083a6eff5817&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCCseHHNhZNqOPJ2i9u8Psq-W-Aim5b2gab2TnKfJD_AuEAEg8v6FJ2CVwvaBlAfIAQmpArhJv7UzZ7I-qAMBqgSTAk_QFCndpBEl81X1rAjQTTmI_VIhNIelfGsxVgb9SlhnVAXKpbEcnM58HmTkmQB31P5c_EpvlKf_Lef3ZH3DOuFLUCRy43FA-iPr_gLPLYRNN55lEAF3jgbRyUjEU05mlKlOvJv0sLst2WDINwXLc4YyM4HGLQui_h57nfeg0Ju-iDV18oXK8jhW9fRw-tnkqcp5RHCAyYMUBzBFNr019WU8a1BbYnfeU_6UhakgvP59BiDIrQimyoaTnjPC4vrtL1VCpf1a05SWT5aEmKX1SaSy_ZoPwokmQr5n5EB5PL2YMPgJiKfo1SzKlx2SweaIo0Vb1_TTnW8zQySFt9ovohc0HckFVdaU0Rf4SPxXsogDYMrpwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ%26sig%3DAOD64_2yYX2hfBAHLV4pmHMWvuhmJIlAng%26client%3Dca-pub-8738424218307822%26dbm_c%3DAKAmf-CE5XVVjKz1DvjKYH9Bj7N2oRgsA7sS92Cuv2DtBBrU36ehCxiJkVDVBlKqpSt4-xBRQTc-5CgaDZEw-2AI4-3NbX9Mamr5vCE81a9kzvh4JVEYP388JozPK1Or7oRAQvL-P2QzvFeRXG2R_FqiiLZWLrO8F3A-tLCbZf70N8uL4xk6wW0%26cry%3D1%26dbm_d%3DAKAmf-ApEwv0sXHROzsSMfdqLvo3eoI6wWXUyB-QJCrjsP-yYskfGwrpzSIedBN380IgbSrCAGkBWHij3ndtO6tOlaFFu5W4HElnWAwpam68nucvJfvXFyFqAUwaupwH_aGuI-iyukepE43Q10FQuRud0F20oP7aW4tNkuE0dvnxSR2RzLSk-NVsNv4jLOPqca_9mBNVuVnTOy4eqmkhESccDeDyw5GiFBWe9nhcXe4jvbYE8URc_av7pbCHWkNZCjCCXpY01jlfOTOOrHK6rtLCQXby8qmg3UoW4OTrNqz7K-6OeaaB0_awEkEmKnI0-WB7Dv5kLDhZLud8XnYkxLn0gBMyz6KxfFQQyhTOg1ncCM4GTMYNVDUV-t9t1PtwKSF-aiCAvdwbq7EDb6EbdSQXWGu2sGeXEN6XxRflMckHbvVHgQxJIZd5KBEMgvJu3cJOL7XE-QwZ79K-SAVIC5dw4NSCDokIzAmKNsCvyn5oD2pGRzLk_7EVd8sbFcoj7pawHTdC9P4wO7LRp3v25iCc9vPFEoTWPZrpV_IvmQELHC9EU-MJYSMDc3hyB6sR__u3yTI_UZbyH3rf1BRnzAH1HUsjhMq7hdTuTm9n5I4nf3-IXZn_GlYfgAxk80an492IEA5eWICHiiWz8AyL7QmksCt_mhuSLg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.star.com.tr%2F&ancestorOrigins=https%3A%2F%2Fwww.star.com.tr&random=1806800726651&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 15 May 2023 00:47:41 +0200

GET
H2 200 ca Show response
choices.truste.com/ Frame FDB3 28 KB
9 KB 54ms
9ms Script
text/javascript 143.204.215.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=29913092&js=st0

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a34cd1e01a7aef8ea44a7e23d714ec362fa40370d6a0730150a882e2f05ecc48

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 00:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA53-C1
cross-origin-embedder-policy: unsafe-none
age: 82862
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 8032
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: Qc-miKQA1pfbOStwhC5-UhqifDWmhVul_lbFKa3ZceCp-0ZOG5Tt8w==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2980744069314610784/ Frame E68C 23 KB
5 KB 25ms
7ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2980744069314610784/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0339ed26c9589601d79fa2a0aeb06410233a44eee897b365f8db0d8a83070a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 312515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5066
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 08:59:06 GMT
expires: Fri, 10 May 2024 08:59:06 GMT
last-modified: Wed, 10 May 2023 08:43:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FDB3 0
0 91ms
58ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDrd6xQHnn_neGp77b3uUhzhulh1HI0Jih-h1v2AFRXTOwT8qebw9AuC-zr-PyKkwvmiKKquWHDpkZ5YezTY9ODjT4g9sPB1MrYP1cbBSCYcfbts7FZFgKZn3J7U9zuBecCqKP-g3lleMBtZb5-UExxk7PFls7RJvZKaVUMHMXy8ptfvc6VXbNWRO3YdUCv5XbBHRBzGhhpTy3ydHOj_Lm4ows1VFd5NgwqIsSVBw4lh_0IQ6oaJzJuhqN6lUzX2c8EX-6SEGZuUfLsJreD8MiyZdojaakecOw3zkmc1USzpeFov5rt7aXgmpkwDeSh4RXikfEQUWkD6JpSC8EPJZbf9JOPM4FrSJqR7yu5vSzONXiuJK5oVsWlPCIuG2bKkZrZUT6YY66T9GguOxU2TpZ8nfjDpRwogPlt5PbeGb8xO2rSYsTx0LK-G8U5PdPI_HRj9ia6O4M5cuAxixWzPqtw3C3seb5Xv0yFfFzYh1SgZwmXVGF-kTiyykcZf6p7KvOlwBHuRZpJdstzKcdEYaIyOQn0fM-pY8QTjeqI9b1Mv6jNSHypSisJVkIDOy3ba_EqjVrS8YuANrgIW8X-hPxwCgYp9HotcQzbqmaqHS8w3PH6rXauCrHo85BwVkVSDkncoIoUf9CF7MEXwtGjsuZ74oGh6jER7eFfA8HN9MI7jMtlqiNV8OwrEhA8oLkDmXkdvMOu5ozaKE9ph4oJ8KwNyH4ze7TgxegILLjwlJ1PO7uFth9uwVxTEy7yoeRVFtgp1PnvtIFhfVqzCQ6cVHl1EQyX9hP4BdB5J0hCTbHMYwznenEawboMIlcnGUUUbl6r7NltNXKnnLWHVOKkfd4P3wG6Uh-NPjyDMInlf4pWPYOMu-fi1AXNLinh5C5k-3CYbCsHxcEY5UfscmoWlP-l3lxBcU74mQxvTUynJvzlML5Il3wJxx9b-BC_N7Nck_BblO2xCa0paB0eBiQuCNq8OWsodewcmbT6tJy4TYaAl9Z7RwC0YjhiNlzyXINJ-apgUmvQqRzqsOgf_b0sflWznCFdyRQ3qfu-9YdJipzg0AwyNGTNed40LVLXIrJZvPJ_NP9aXrygEJR7eSbb40UsxexBvXcCS-DGSF66TgUErMVy6csmkDSTOE6jtc6Sz2hhJ_lhMNYPxHyntL8TcPNNtNFVOfMvyo4YqADTtxxMNmJ4xDr0F9Z87RXqA97_4G1Yn4RNWSGdzdr7nB2TToE8iqLK3-qDF4wPGjHVRZmT-vv0zTym3onlU-W_kHAoS8&sai=AMfl-YShkc8JfG2cFUzk7aVXxsGg2Pa_VYOuM0f6XM84OC1CXdYxoawiJqDkbRICVMrzsdJSW_p3QSfbMxsxWz0D3enNjSG_tnnBsdru6cce2PziK06Pevezg1anR8LFwGbqY-lth7S6jxnHIIySARCvo66WDMwzcqKx9vfjDM_4PI4ip9A8tAXAyBI5gKMuoB-wwtraaVEFSIjsX_b6inyDeaL5-dYQC6DPqcmaa1u2BRkf7s-btagvVsGqkugVS1dGKwjtz7DgLXqG2TdFTtApHZQDh_Io3DiF9SGq&sig=Cg0ArKJSzLhsP9_d0-dpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=74&cbvp=1&cstd=72&cisv=r20230510.72295&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 14 May 2023 23:47:42 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 14 May 2023 23:47:42 GMT

GET
H2 200 dcm
beacon.sojern.com/imp/ Frame FDB3 42 B
230 B 73ms
18ms Image
image/gif 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.sojern.com/imp/dcm?auc=ABAjH0i0abXzwp5lcEZKlmOh12N8&io=1011697670&li=20031301804&cr=489599653&io=1011697670&seg=&src=https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/&ord=%c
Requested by: Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Sun, 14 May 2023 23:47:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FDB3 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 04:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 04:43:57 GMT

GET
DATA 200
OK truncated
/ Frame FDB3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0675b7f881226109bc653970f396dcae5dc43ad743425a4b98a0f72ffe511bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 756f51f738801361f39f2c685300b4b6.js Show response
s0.2mdn.net/sadbundle/2980744069314610784/ Frame E68C 110 KB
31 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2980744069314610784/756f51f738801361f39f2c685300b4b6.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8706657c9fa498b993ea4c6ea5d1967708b52392f511d7285f6aafe508b118a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312515
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32008
x-xss-protection: 0
last-modified: Wed, 10 May 2023 08:43:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 May 2024 08:59:06 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame B72F 930 B
932 B 164ms
10ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=0e3b68ec35&subid=&uid=a88cde068859e978&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1YU8O_9rBPMScedJ82CJKA%26exch_seat%3D20035004448%26mt_aid%3D1811634647884931658%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D85686461-731d-4d01-bc22-b7f23a20c4b4%26mt_cid%3D85686461-731d-4d01-bc22-b7f23a20c4b4%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEIBsHHNhZNaOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgToAk_Qdpb2XowZ_LkDyb7P16Psae8WNuH1GQeHqYaxp2lmzf_S5xzAD4irWXcYIfr-SkCBu5vKva4T4G06EBi5GNmK922qyrUPJi-O-VgJll2pL1dhFzGvrIdF8W-J6geaii_nHQkP2mVa8owmT6x2m6pjlxCWwTY5HkhWNhvhs4kufk4Dp2GeKZAoUs3-5TI2Hr7Br9iPvsYOQCkczb1vbeiVH6Vm1KlOnNnA_YPGYhb59XuEih2Ad8sBuJWwOKnwzjlsqG7bPyuO3t9qMTIieMHURaMf3q1LY6iDrXXHxXNYogv-UZsfvOBv0VfLmP6vjYKJOjL7TXHxTilkVVj9X2wUqXanR59CA6EF5Igbc3LiOFT6-1IX8Sx-Tjo8KMsQAaBY8H5UA9aJuqqxXiehDDQl-qAewl734OORIgt0kpHbmRVZkjXoPcuV3hChHneXdUisHqVm1fdJOKDK9kwLyNykryob8SysfuAEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rbmMT8-VXqeCMft_rWKNWpadhhQ%2526client%253Dca-pub-8738424218307822%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F62507208943cf4d9522f918611812145.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=5987555307853&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 14 May 2023 23:47:42 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 21 May 2023 23:47:42 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame F722
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=72878800006118200951393012325013&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2720914516

350 B
401 B

38ms
8ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2720914516
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=0e3b68ec35&subid=&uid=a88cde068859e978&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1YU8O_9rBPMScedJ82CJKA%26exch_seat%3D20035004448%26mt_aid%3D1811634647884931658%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D85686461-731d-4d01-bc22-b7f23a20c4b4%26mt_cid%3D85686461-731d-4d01-bc22-b7f23a20c4b4%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEIBsHHNhZNaOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgToAk_Qdpb2XowZ_LkDyb7P16Psae8WNuH1GQeHqYaxp2lmzf_S5xzAD4irWXcYIfr-SkCBu5vKva4T4G06EBi5GNmK922qyrUPJi-O-VgJll2pL1dhFzGvrIdF8W-J6geaii_nHQkP2mVa8owmT6x2m6pjlxCWwTY5HkhWNhvhs4kufk4Dp2GeKZAoUs3-5TI2Hr7Br9iPvsYOQCkczb1vbeiVH6Vm1KlOnNnA_YPGYhb59XuEih2Ad8sBuJWwOKnwzjlsqG7bPyuO3t9qMTIieMHURaMf3q1LY6iDrXXHxXNYogv-UZsfvOBv0VfLmP6vjYKJOjL7TXHxTilkVVj9X2wUqXanR59CA6EF5Igbc3LiOFT6-1IX8Sx-Tjo8KMsQAaBY8H5UA9aJuqqxXiehDDQl-qAewl734OORIgt0kpHbmRVZkjXoPcuV3hChHneXdUisHqVm1fdJOKDK9kwLyNykryob8SysfuAEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rbmMT8-VXqeCMft_rWKNWpadhhQ%2526client%253Dca-pub-8738424218307822%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F62507208943cf4d9522f918611812145.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=5987555307853&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 14 May 2023 23:47:42 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2720914516
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9CC4 2 KB
2 KB 128ms
66ms Script
text/html 18.132.62.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=72878800006118200951393012325013&nw=1
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.62.161 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-62-161.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 05af15f722975539188b8df2989e6066ff9d945cd74d4c4b258fd708f27f5ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:42 GMT
last-modified: Sun, 14 May 2023 23:47:42 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 14 May 2023 23:48:42 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900013.redintelligence.net/ Frame 27C0 7 KB
2 KB 24ms
9ms Document
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request_content.php?s=72878800006118200951393012325013&a=e5f6bd10
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=0e3b68ec35&subid=&uid=a88cde068859e978&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1YU8O_9rBPMScedJ82CJKA%26exch_seat%3D20035004448%26mt_aid%3D1811634647884931658%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D85686461-731d-4d01-bc22-b7f23a20c4b4%26mt_cid%3D85686461-731d-4d01-bc22-b7f23a20c4b4%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEIBsHHNhZNaOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgToAk_Qdpb2XowZ_LkDyb7P16Psae8WNuH1GQeHqYaxp2lmzf_S5xzAD4irWXcYIfr-SkCBu5vKva4T4G06EBi5GNmK922qyrUPJi-O-VgJll2pL1dhFzGvrIdF8W-J6geaii_nHQkP2mVa8owmT6x2m6pjlxCWwTY5HkhWNhvhs4kufk4Dp2GeKZAoUs3-5TI2Hr7Br9iPvsYOQCkczb1vbeiVH6Vm1KlOnNnA_YPGYhb59XuEih2Ad8sBuJWwOKnwzjlsqG7bPyuO3t9qMTIieMHURaMf3q1LY6iDrXXHxXNYogv-UZsfvOBv0VfLmP6vjYKJOjL7TXHxTilkVVj9X2wUqXanR59CA6EF5Igbc3LiOFT6-1IX8Sx-Tjo8KMsQAaBY8H5UA9aJuqqxXiehDDQl-qAewl734OORIgt0kpHbmRVZkjXoPcuV3hChHneXdUisHqVm1fdJOKDK9kwLyNykryob8SysfuAEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1rbmMT8-VXqeCMft_rWKNWpadhhQ%2526client%253Dca-pub-8738424218307822%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F62507208943cf4d9522f918611812145.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=5987555307853&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 3629d300aa4d72e205d63d26451c3d3e2d444cc825fb2bb8bd8c769adecb00fe

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2032
Content-Type: text/html; charset=utf-8
Date: Sun, 14 May 2023 23:47:42 GMT
Expires: Mon, 15 May 2023 00:47:42 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9CC4 43 B
702 B 242ms
59ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=72878800006118200951393012325013&pv=1

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:42 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 / Show response
adv.office-partner.de/ Frame FE4C 930 B
931 B 141ms
12ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=b07a7d17af&subid=&uid=471da4f3738a0513&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DMAKg3wYB9YMD3M8fy9Pwfw%26exch_seat%3D20035004448%26mt_aid%3D7576242170919166503%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D84686461-731d-4e01-9eff-430db1598639%26mt_cid%3D84686461-731d-4e01-9eff-430db1598639%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfLsoHHNhZNSOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgTcAk_Q45T9s2udHCseYKccn3gpSUDi_-c8n5SRn-IaLxFx0zgiCxMEgzEncM0rRZUs7jlMdkt1n0y0Tl60zzKBEScG3jh3r4nmxQOgURoq8LjBztT3JRkLoCC_SOy-qSsg9uTM7PP-Bl1d_PppAMViSRNnlDDDcdWy2qPgzorRNNVT88GUYDD4_OKOrIUiR5n3ubphT-Nan3nZWKZPJCN2ksjju3WZiGdWySLFrpVAFdPpBu-bdLBK1KEt1FwrX1dlPVpo-Zwd7pQel3HaLv3t4fqAI4AkKppEC_7tmA8LWHdmLNSC_s2dkVMdKFEWQlFoO24NtF0pcEe7TnKt6tafwVdLmGJ-VVFkDhvquaVaHFXmSWszY52hroeAJuWYkJ-fc6OxnRokkfd6TLjV1fwtumYCNJPCnBPEC06g5KO97Aw5yrewVe8kO-R1hypzRwQEGMx9PYqzsY4dw0VWo-AEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1MM3mHQY3hC5NdMadqBXC6Nl-DcA%2526client%253Dca-pub-8738424218307822%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F62507208943cf4d9522f918611812145.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=7385793469689&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 14 May 2023 23:47:42 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 21 May 2023 23:47:42 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame 97A5
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=83343700004859200951389012325018&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2720914517

350 B
400 B

43ms
13ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2720914517
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=b07a7d17af&subid=&uid=471da4f3738a0513&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DMAKg3wYB9YMD3M8fy9Pwfw%26exch_seat%3D20035004448%26mt_aid%3D7576242170919166503%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D84686461-731d-4e01-9eff-430db1598639%26mt_cid%3D84686461-731d-4e01-9eff-430db1598639%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfLsoHHNhZNSOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgTcAk_Q45T9s2udHCseYKccn3gpSUDi_-c8n5SRn-IaLxFx0zgiCxMEgzEncM0rRZUs7jlMdkt1n0y0Tl60zzKBEScG3jh3r4nmxQOgURoq8LjBztT3JRkLoCC_SOy-qSsg9uTM7PP-Bl1d_PppAMViSRNnlDDDcdWy2qPgzorRNNVT88GUYDD4_OKOrIUiR5n3ubphT-Nan3nZWKZPJCN2ksjju3WZiGdWySLFrpVAFdPpBu-bdLBK1KEt1FwrX1dlPVpo-Zwd7pQel3HaLv3t4fqAI4AkKppEC_7tmA8LWHdmLNSC_s2dkVMdKFEWQlFoO24NtF0pcEe7TnKt6tafwVdLmGJ-VVFkDhvquaVaHFXmSWszY52hroeAJuWYkJ-fc6OxnRokkfd6TLjV1fwtumYCNJPCnBPEC06g5KO97Aw5yrewVe8kO-R1hypzRwQEGMx9PYqzsY4dw0VWo-AEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1MM3mHQY3hC5NdMadqBXC6Nl-DcA%2526client%253Dca-pub-8738424218307822%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F62507208943cf4d9522f918611812145.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=7385793469689&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 14 May 2023 23:47:42 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2720914517
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 659C 2 KB
2 KB 110ms
73ms Script
text/html 18.132.62.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=83343700004859200951389012325018&nw=1
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.62.161 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-62-161.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 0109d9f65a35077fc5b14b52bb1ea98ea417ea9b895e48f619f520ced0bd030e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:42 GMT
last-modified: Sun, 14 May 2023 23:47:42 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 14 May 2023 23:48:42 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900018.redintelligence.net/ Frame FCE2 7 KB
2 KB 22ms
8ms Document
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request_content.php?s=83343700004859200951389012325018&a=8631fcf7
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=b07a7d17af&subid=&uid=471da4f3738a0513&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DMAKg3wYB9YMD3M8fy9Pwfw%26exch_seat%3D20035004448%26mt_aid%3D7576242170919166503%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D84686461-731d-4e01-9eff-430db1598639%26mt_cid%3D84686461-731d-4e01-9eff-430db1598639%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCfLsoHHNhZNSOPJ2i9u8Psq-W-AjPh46bXMCG2YLGAsCNtwEQASAAYJXC9oGUB4IBF2NhLXB1Yi04NzM4NDI0MjE4MzA3ODIyyAEJ4AIAqAMBqgTcAk_Q45T9s2udHCseYKccn3gpSUDi_-c8n5SRn-IaLxFx0zgiCxMEgzEncM0rRZUs7jlMdkt1n0y0Tl60zzKBEScG3jh3r4nmxQOgURoq8LjBztT3JRkLoCC_SOy-qSsg9uTM7PP-Bl1d_PppAMViSRNnlDDDcdWy2qPgzorRNNVT88GUYDD4_OKOrIUiR5n3ubphT-Nan3nZWKZPJCN2ksjju3WZiGdWySLFrpVAFdPpBu-bdLBK1KEt1FwrX1dlPVpo-Zwd7pQel3HaLv3t4fqAI4AkKppEC_7tmA8LWHdmLNSC_s2dkVMdKFEWQlFoO24NtF0pcEe7TnKt6tafwVdLmGJ-VVFkDhvquaVaHFXmSWszY52hroeAJuWYkJ-fc6OxnRokkfd6TLjV1fwtumYCNJPCnBPEC06g5KO97Aw5yrewVe8kO-R1hypzRwQEGMx9PYqzsY4dw0VWo-AEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1MM3mHQY3hC5NdMadqBXC6Nl-DcA%2526client%253Dca-pub-8738424218307822%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F62507208943cf4d9522f918611812145.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=7385793469689&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: d6d6da77219fd87f0495556d5d3c08b40de4cf1840fc52be97d54d5cc98e03b7

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2081
Content-Type: text/html; charset=utf-8
Date: Sun, 14 May 2023 23:47:42 GMT
Expires: Mon, 15 May 2023 00:47:42 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 659C 43 B
702 B 215ms
58ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=83343700004859200951389012325018&pv=1

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:42 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C02 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14771
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 May 2024 12:20:58 GMT

GET
DATA 200
OK truncated
/ Frame 9CC4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7d773851e24d1339477d52eed73207315fff3c690e253c8fbd964637453792b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 659C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a89b68fc29696742f4ef6da3d1250c1aaca98363ada42faff4e4204f2a1fda3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 27C0 5 KB
780 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=72878800006118200951393012325013&a=e5f6bd10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 May 2023 23:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 May 2023 22:57:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 May 2023 23:47:42 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 27C0 16 KB
16 KB 23ms
9ms Image
image/png 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=72878800006118200951393012325013&a=e5f6bd10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 2dde941938b6b164b4f565b876fb166057ecc303e5a8a1b14972c210844b0f8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16515
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 27C0 13 KB
13 KB 30ms
14ms Image
image/png 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=72878800006118200951393012325013&a=e5f6bd10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 911f45a0771a61386a758d134bb652b30678a6c866fb4230ad63692eee6a5ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12999
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 27C0 17 KB
17 KB 30ms
14ms Image
image/png 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=72878800006118200951393012325013&a=e5f6bd10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 11ce30eb457cbb66ea68bdf218a9c988a940819d0c9b44edbb18fd52f166ac51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16840
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame FCE2 2 KB
509 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=83343700004859200951389012325018&a=8631fcf7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 May 2023 23:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 May 2023 23:18:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 May 2023 23:47:42 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame FCE2 16 KB
16 KB 30ms
12ms Image
image/png 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=83343700004859200951389012325018&a=8631fcf7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 2dde941938b6b164b4f565b876fb166057ecc303e5a8a1b14972c210844b0f8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16515
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame FCE2 13 KB
13 KB 27ms
12ms Image
image/png 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=83343700004859200951389012325018&a=8631fcf7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 911f45a0771a61386a758d134bb652b30678a6c866fb4230ad63692eee6a5ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12999
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame FCE2 17 KB
17 KB 28ms
14ms Image
image/png 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=83343700004859200951389012325018&a=8631fcf7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 11ce30eb457cbb66ea68bdf218a9c988a940819d0c9b44edbb18fd52f166ac51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16840
Vary: Accept-Encoding
Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/ Frame 659C 0
145 B 117ms
31ms XHR
text/plain 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/postback?oz_pl=1&ti=7576242170919166503&sr=4&ac=651871&dt=6196211556140246740000&pd=avt&ui=c22f667b-0000-0000-0000-000000000000&r3=&ci=619621&dm=728x90&c1=4562306&r1=2a01%3A4a0%3A2b%3A%3A&r2=&ap=&de=43000&si=2096293204&cr=6622332&ai=216536&di=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&psv=2.92.0&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&ui=c22f667b-0000-0000-0000-000000000000&ap=&ti=7576242170919166503&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&sr=4&de=43000&si=2096293204&dm=728x90&ac=651871&cr=6622332&ai=216536&c1=4562306&r1=2a01:4a0:2b::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 May 2023 23:47:41 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.92.0/ Frame 659C 176 KB
55 KB 30ms
30ms Script
text/javascript 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.92.0/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&ui=c22f667b-0000-0000-0000-000000000000&ap=&ti=7576242170919166503&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&sr=4&de=43000&si=2096293204&dm=728x90&ac=651871&cr=6622332&ai=216536&c1=4562306&r1=2a01:4a0:2b::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-131-238.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0310d06b42963760d784418ad04a7ccd0de2c3e325f289edea62ef95c696a661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 55694
Expires: Wed, 20 Jan 2055 06:59:40 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame F722 5 KB
5 KB 10ms
6ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2720914516
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:42 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 97A5 5 KB
5 KB 7ms
5ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2720914517
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:42 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8251 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 414225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 04:43:57 GMT
expires: Thu, 09 May 2024 04:43:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame E68C 4 KB
721 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700|Lato:700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2980744069314610784/756f51f738801361f39f2c685300b4b6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1e61f29bfbb7fc214937a17c2619f1f2d138a838a75c09f58c886b0af2111cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 May 2023 23:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 May 2023 23:47:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 May 2023 23:47:42 GMT

GET
H3 200 abc5cdc0d473ae8fdec1a4a2df9ae87c.jpg
s0.2mdn.net/sadbundle/2980744069314610784/media/ Frame E68C 46 KB
46 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2980744069314610784/media/abc5cdc0d473ae8fdec1a4a2df9ae87c.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c0d9c2ab12833c43d08a75cc00fda498241c9c7aafa899ee0ce4f73d555a453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:59:06 GMT
x-content-type-options: nosniff
age: 312516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47261
x-xss-protection: 0
last-modified: Wed, 10 May 2023 08:43:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 May 2024 08:59:06 GMT

GET
H3 200 fbc70c1d0bb058b465fa32be265555bf.jpg
s0.2mdn.net/sadbundle/2980744069314610784/media/ Frame E68C 24 KB
24 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2980744069314610784/media/fbc70c1d0bb058b465fa32be265555bf.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0855ced929b5ae6a2808c2ab0742971bddedebd05447fa0f87412eeee49f43e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:59:06 GMT
x-content-type-options: nosniff
age: 312516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24407
x-xss-protection: 0
last-modified: Wed, 10 May 2023 08:43:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 May 2024 08:59:06 GMT

GET
H3 200 e87fa3d09d8371e9ab136d9525cf10af.jpg
s0.2mdn.net/sadbundle/2980744069314610784/media/ Frame E68C 32 KB
32 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2980744069314610784/media/e87fa3d09d8371e9ab136d9525cf10af.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c275148fc952b276f77cee28b4f7c678fe40a8bf51a352a86f78d1648dfaf75d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:59:06 GMT
x-content-type-options: nosniff
age: 312516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32357
x-xss-protection: 0
last-modified: Wed, 10 May 2023 08:43:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 May 2024 08:59:06 GMT

GET
H3 200 d58fb88e6fe86574688238ff0bbcbfa0.jpg
s0.2mdn.net/sadbundle/2980744069314610784/media/ Frame E68C 4 KB
4 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2980744069314610784/media/d58fb88e6fe86574688238ff0bbcbfa0.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9b2a3c5bd03ae94eb2e2ead26034756b3525934b37093f0efc18dd51e3cd485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:59:06 GMT
x-content-type-options: nosniff
age: 312516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4570
x-xss-protection: 0
last-modified: Wed, 10 May 2023 08:43:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 May 2024 08:59:06 GMT

GET
H/1.1 200
OK viewability Show response
hal900013.redintelligence.net/ Frame 27C0 0
150 B 28ms
13ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/viewability?s=72878800006118200951393012325013&a=2dd48fe1&vb=m
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=72878800006118200951393012325013&a=e5f6bd10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/request_content.php?s=72878800006118200951393012325013&a=e5f6bd10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:42 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
adv.office-partner.de/ Frame 70BB 930 B
931 B 7ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=9dbed04a9a&subid=&uid=923e083a6eff5817&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCCseHHNhZNqOPJ2i9u8Psq-W-Aim5b2gab2TnKfJD_AuEAEg8v6FJ2CVwvaBlAfIAQmpArhJv7UzZ7I-qAMBqgSTAk_QFCndpBEl81X1rAjQTTmI_VIhNIelfGsxVgb9SlhnVAXKpbEcnM58HmTkmQB31P5c_EpvlKf_Lef3ZH3DOuFLUCRy43FA-iPr_gLPLYRNN55lEAF3jgbRyUjEU05mlKlOvJv0sLst2WDINwXLc4YyM4HGLQui_h57nfeg0Ju-iDV18oXK8jhW9fRw-tnkqcp5RHCAyYMUBzBFNr019WU8a1BbYnfeU_6UhakgvP59BiDIrQimyoaTnjPC4vrtL1VCpf1a05SWT5aEmKX1SaSy_ZoPwokmQr5n5EB5PL2YMPgJiKfo1SzKlx2SweaIo0Vb1_TTnW8zQySFt9ovohc0HckFVdaU0Rf4SPxXsogDYMrpwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ%26sig%3DAOD64_2yYX2hfBAHLV4pmHMWvuhmJIlAng%26client%3Dca-pub-8738424218307822%26dbm_c%3DAKAmf-CE5XVVjKz1DvjKYH9Bj7N2oRgsA7sS92Cuv2DtBBrU36ehCxiJkVDVBlKqpSt4-xBRQTc-5CgaDZEw-2AI4-3NbX9Mamr5vCE81a9kzvh4JVEYP388JozPK1Or7oRAQvL-P2QzvFeRXG2R_FqiiLZWLrO8F3A-tLCbZf70N8uL4xk6wW0%26cry%3D1%26dbm_d%3DAKAmf-ApEwv0sXHROzsSMfdqLvo3eoI6wWXUyB-QJCrjsP-yYskfGwrpzSIedBN380IgbSrCAGkBWHij3ndtO6tOlaFFu5W4HElnWAwpam68nucvJfvXFyFqAUwaupwH_aGuI-iyukepE43Q10FQuRud0F20oP7aW4tNkuE0dvnxSR2RzLSk-NVsNv4jLOPqca_9mBNVuVnTOy4eqmkhESccDeDyw5GiFBWe9nhcXe4jvbYE8URc_av7pbCHWkNZCjCCXpY01jlfOTOOrHK6rtLCQXby8qmg3UoW4OTrNqz7K-6OeaaB0_awEkEmKnI0-WB7Dv5kLDhZLud8XnYkxLn0gBMyz6KxfFQQyhTOg1ncCM4GTMYNVDUV-t9t1PtwKSF-aiCAvdwbq7EDb6EbdSQXWGu2sGeXEN6XxRflMckHbvVHgQxJIZd5KBEMgvJu3cJOL7XE-QwZ79K-SAVIC5dw4NSCDokIzAmKNsCvyn5oD2pGRzLk_7EVd8sbFcoj7pawHTdC9P4wO7LRp3v25iCc9vPFEoTWPZrpV_IvmQELHC9EU-MJYSMDc3hyB6sR__u3yTI_UZbyH3rf1BRnzAH1HUsjhMq7hdTuTm9n5I4nf3-IXZn_GlYfgAxk80an492IEA5eWICHiiWz8AyL7QmksCt_mhuSLg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.star.com.tr%2F&ancestorOrigins=https%3A%2F%2Fwww.star.com.tr&random=1806800726651&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 14 May 2023 23:47:42 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 21 May 2023 23:47:42 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

/ Show response
htlp.emp.de/ Frame 181E
Redirect Chain

https://www.awin1.com/cshow.php?s=2481797&v=14172&q=372912&r=296283&pref1=25438500004391504444994012325016&pv=1
https://htlp.emp.de/

3 KB
3 KB

86ms
22ms

Document
text/html

2600:9000:225e:fe00:c:6264:8240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlp.emp.de/
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=9dbed04a9a&subid=&uid=923e083a6eff5817&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCCseHHNhZNqOPJ2i9u8Psq-W-Aim5b2gab2TnKfJD_AuEAEg8v6FJ2CVwvaBlAfIAQmpArhJv7UzZ7I-qAMBqgSTAk_QFCndpBEl81X1rAjQTTmI_VIhNIelfGsxVgb9SlhnVAXKpbEcnM58HmTkmQB31P5c_EpvlKf_Lef3ZH3DOuFLUCRy43FA-iPr_gLPLYRNN55lEAF3jgbRyUjEU05mlKlOvJv0sLst2WDINwXLc4YyM4HGLQui_h57nfeg0Ju-iDV18oXK8jhW9fRw-tnkqcp5RHCAyYMUBzBFNr019WU8a1BbYnfeU_6UhakgvP59BiDIrQimyoaTnjPC4vrtL1VCpf1a05SWT5aEmKX1SaSy_ZoPwokmQr5n5EB5PL2YMPgJiKfo1SzKlx2SweaIo0Vb1_TTnW8zQySFt9ovohc0HckFVdaU0Rf4SPxXsogDYMrpwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ%26sig%3DAOD64_2yYX2hfBAHLV4pmHMWvuhmJIlAng%26client%3Dca-pub-8738424218307822%26dbm_c%3DAKAmf-CE5XVVjKz1DvjKYH9Bj7N2oRgsA7sS92Cuv2DtBBrU36ehCxiJkVDVBlKqpSt4-xBRQTc-5CgaDZEw-2AI4-3NbX9Mamr5vCE81a9kzvh4JVEYP388JozPK1Or7oRAQvL-P2QzvFeRXG2R_FqiiLZWLrO8F3A-tLCbZf70N8uL4xk6wW0%26cry%3D1%26dbm_d%3DAKAmf-ApEwv0sXHROzsSMfdqLvo3eoI6wWXUyB-QJCrjsP-yYskfGwrpzSIedBN380IgbSrCAGkBWHij3ndtO6tOlaFFu5W4HElnWAwpam68nucvJfvXFyFqAUwaupwH_aGuI-iyukepE43Q10FQuRud0F20oP7aW4tNkuE0dvnxSR2RzLSk-NVsNv4jLOPqca_9mBNVuVnTOy4eqmkhESccDeDyw5GiFBWe9nhcXe4jvbYE8URc_av7pbCHWkNZCjCCXpY01jlfOTOOrHK6rtLCQXby8qmg3UoW4OTrNqz7K-6OeaaB0_awEkEmKnI0-WB7Dv5kLDhZLud8XnYkxLn0gBMyz6KxfFQQyhTOg1ncCM4GTMYNVDUV-t9t1PtwKSF-aiCAvdwbq7EDb6EbdSQXWGu2sGeXEN6XxRflMckHbvVHgQxJIZd5KBEMgvJu3cJOL7XE-QwZ79K-SAVIC5dw4NSCDokIzAmKNsCvyn5oD2pGRzLk_7EVd8sbFcoj7pawHTdC9P4wO7LRp3v25iCc9vPFEoTWPZrpV_IvmQELHC9EU-MJYSMDc3hyB6sR__u3yTI_UZbyH3rf1BRnzAH1HUsjhMq7hdTuTm9n5I4nf3-IXZn_GlYfgAxk80an492IEA5eWICHiiWz8AyL7QmksCt_mhuSLg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.star.com.tr%2F&ancestorOrigins=https%3A%2F%2Fwww.star.com.tr&random=1806800726651&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:fe00:c:6264:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bb77d20dd85b4bfae78affeef6ee91869bffa0ef53ed9c8ab9c2a526d0180c5

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
cache-control: max-age=10
content-length: 2647
content-type: text/html
date: Sun, 14 May 2023 23:47:42 GMT
etag: "81767a046d18dbeec7092a1dbdc70325"
last-modified: Wed, 08 Jul 2020 09:51:56 GMT
server: AmazonS3
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-cf-id: c8KWhRquTcFdzRLRA3e7oljKU3gmZXyLVS2KFclLAmEyiha-q4_svQ==
x-amz-cf-pop: FRA60-P4
x-amz-version-id: Za5k1aCF3b8ugAP1.Dh5UJVd_ViDWDOf
x-cache: Hit from cloudfront

Redirect headers

Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0
Date: Sun, 14 May 2023 23:47:42 GMT
Location: https://htlp.emp.de/
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security: max-age=86400

GET
H2 200 link.html Show response
track.webgains.com/ Frame 2C8D 2 KB
2 KB 75ms
75ms Script
text/html 18.132.62.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=25438500004391504444994012325016&nw=1
Requested by: Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.62.161 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-62-161.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 0cc8ff08185031853dfe404af311a91788c3a6070ffd45b4b6a7a35dab7cef33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:42 GMT
last-modified: Sun, 14 May 2023 23:47:42 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 14 May 2023 23:48:42 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900016.redintelligence.net/ Frame 9F16 7 KB
2 KB 27ms
14ms Document
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request_content.php?s=25438500004391504444994012325016&a=62144db9
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=9dbed04a9a&subid=&uid=923e083a6eff5817&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCCseHHNhZNqOPJ2i9u8Psq-W-Aim5b2gab2TnKfJD_AuEAEg8v6FJ2CVwvaBlAfIAQmpArhJv7UzZ7I-qAMBqgSTAk_QFCndpBEl81X1rAjQTTmI_VIhNIelfGsxVgb9SlhnVAXKpbEcnM58HmTkmQB31P5c_EpvlKf_Lef3ZH3DOuFLUCRy43FA-iPr_gLPLYRNN55lEAF3jgbRyUjEU05mlKlOvJv0sLst2WDINwXLc4YyM4HGLQui_h57nfeg0Ju-iDV18oXK8jhW9fRw-tnkqcp5RHCAyYMUBzBFNr019WU8a1BbYnfeU_6UhakgvP59BiDIrQimyoaTnjPC4vrtL1VCpf1a05SWT5aEmKX1SaSy_ZoPwokmQr5n5EB5PL2YMPgJiKfo1SzKlx2SweaIo0Vb1_TTnW8zQySFt9ovohc0HckFVdaU0Rf4SPxXsogDYMrpwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ%26sig%3DAOD64_2yYX2hfBAHLV4pmHMWvuhmJIlAng%26client%3Dca-pub-8738424218307822%26dbm_c%3DAKAmf-CE5XVVjKz1DvjKYH9Bj7N2oRgsA7sS92Cuv2DtBBrU36ehCxiJkVDVBlKqpSt4-xBRQTc-5CgaDZEw-2AI4-3NbX9Mamr5vCE81a9kzvh4JVEYP388JozPK1Or7oRAQvL-P2QzvFeRXG2R_FqiiLZWLrO8F3A-tLCbZf70N8uL4xk6wW0%26cry%3D1%26dbm_d%3DAKAmf-ApEwv0sXHROzsSMfdqLvo3eoI6wWXUyB-QJCrjsP-yYskfGwrpzSIedBN380IgbSrCAGkBWHij3ndtO6tOlaFFu5W4HElnWAwpam68nucvJfvXFyFqAUwaupwH_aGuI-iyukepE43Q10FQuRud0F20oP7aW4tNkuE0dvnxSR2RzLSk-NVsNv4jLOPqca_9mBNVuVnTOy4eqmkhESccDeDyw5GiFBWe9nhcXe4jvbYE8URc_av7pbCHWkNZCjCCXpY01jlfOTOOrHK6rtLCQXby8qmg3UoW4OTrNqz7K-6OeaaB0_awEkEmKnI0-WB7Dv5kLDhZLud8XnYkxLn0gBMyz6KxfFQQyhTOg1ncCM4GTMYNVDUV-t9t1PtwKSF-aiCAvdwbq7EDb6EbdSQXWGu2sGeXEN6XxRflMckHbvVHgQxJIZd5KBEMgvJu3cJOL7XE-QwZ79K-SAVIC5dw4NSCDokIzAmKNsCvyn5oD2pGRzLk_7EVd8sbFcoj7pawHTdC9P4wO7LRp3v25iCc9vPFEoTWPZrpV_IvmQELHC9EU-MJYSMDc3hyB6sR__u3yTI_UZbyH3rf1BRnzAH1HUsjhMq7hdTuTm9n5I4nf3-IXZn_GlYfgAxk80an492IEA5eWICHiiWz8AyL7QmksCt_mhuSLg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.star.com.tr%2F&ancestorOrigins=https%3A%2F%2Fwww.star.com.tr&random=1806800726651&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c81a0cf331c04d5474c31408e4f02296d82e745a9bdd2223ad177bb4374c9f38

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2137
Content-Type: text/html; charset=utf-8
Date: Sun, 14 May 2023 23:47:42 GMT
Expires: Mon, 15 May 2023 00:47:42 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2C8D 43 B
703 B 77ms
62ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=25438500004391504444994012325016&pv=1

Requested by

Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 23:47:42 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK viewability Show response
hal900018.redintelligence.net/ Frame FCE2 0
150 B 29ms
13ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/viewability?s=83343700004859200951389012325018&a=5c973309&vb=m
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=83343700004859200951389012325018&a=8631fcf7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/request_content.php?s=83343700004859200951389012325018&a=8631fcf7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:42 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 2C8D 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b13d9961fd9488623b2d2814fe9ef7e6bb6c779fe380ffb646eedf05519aba41

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 9F16 5 KB
682 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=25438500004391504444994012325016&a=62144db9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 May 2023 23:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 May 2023 22:53:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 May 2023 23:47:42 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9F16 16 KB
16 KB 27ms
12ms Image
image/png 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=25438500004391504444994012325016&a=62144db9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 2dde941938b6b164b4f565b876fb166057ecc303e5a8a1b14972c210844b0f8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16515
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9F16 17 KB
17 KB 173ms
159ms Image
image/png 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=25438500004391504444994012325016&a=62144db9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 06ddae2d8deee8829058c734469e78f0322205f5c2ced41a79306bd279fd014e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16798
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9F16 17 KB
17 KB 181ms
167ms Image
image/png 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/38440/creativesup/72409_Teaser_Reachgroup_1200x627_3.jpg
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=25438500004391504444994012325016&a=62144db9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 3b4ebc45f66e50a3051e4b4bcc4972492f27538a3ddc4b9cd424b7acad652045

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 17225
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9CC4 85 KB
31 KB 73ms
11ms Script
text/javascript 108.157.4.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=72878800006118200951393012325013&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.70 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-70.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 00:27:59 GMT
content-encoding: gzip
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 83984
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 4jDjxRqfNRWjEe9eZnvg9vpnJ3wgiGakJfHiO7B6JXnLq-4tnhlOtQ==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 9CC4 3 KB
3 KB 49ms
8ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1684108362&Signature=IUXiiX6wW~BRA1wpiBUdFSNkjUDKZHA8tQsPa71~3igNwWmB6H208WGYaf-FcGO5xA8AzlWGZrlpCKCsLlgZfOsWqKFxoYLJvS2FRCaUORSD8ebuVmVZ-ZzeOr8RUnzGG-~0AOcERO~rjPowpFoxuIQiUTL1NTQQtHutn4KKhownrSOf0rSGQ4~CIbGh74eWUh~qxIWv2P7H6tmiY8EDeK7fLvOEQHlAxvSS2527WsBsXRD-v4vyToy525Rp4TrUbss0qFsjopWLDeEkbJtYqAMhOef4peONNjslXIevbR4P7wW5XlJJ4HnqxOeMvKE9Vp9GkipfJKuEUIkCggJZCg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 14 May 2023 11:48:14 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 43169
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: QGTzeIXDq9ah6b_VLQ6346dLvXYZrJq9ZO9otkxdcq6nZiV_ISIgtA==

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 27C0 13 KB
13 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900013.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:23:49 GMT
x-content-type-options: nosniff
age: 149033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 06:23:49 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 27C0 13 KB
13 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900013.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 04:00:36 GMT
x-content-type-options: nosniff
age: 244026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 04:00:36 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame B72F 109 KB
42 KB 28ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7736057bc68c011374ddbf6426f59f7b48d40ad8a705109ea93dbd7a0a5c920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42742
x-xss-protection: 0
last-modified: Sun, 14 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 May 2023 23:47:42 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame FE4C 109 KB
42 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7736057bc68c011374ddbf6426f59f7b48d40ad8a705109ea93dbd7a0a5c920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42742
x-xss-protection: 0
last-modified: Sun, 14 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 May 2023 23:47:42 GMT

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ Frame E68C 18 KB
18 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700|Lato:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:12:33 GMT
x-content-type-options: nosniff
age: 153309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18232
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 05:12:33 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame E68C 23 KB
23 KB 13ms
11ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700|Lato:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 11:05:17 GMT
x-content-type-options: nosniff
age: 132145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 11:05:17 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 659C 85 KB
31 KB 24ms
20ms Script
text/javascript 108.157.4.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=83343700004859200951389012325018&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.70 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-70.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 00:27:59 GMT
content-encoding: gzip
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 83984
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: oTOafKw62tcin6u4XFRSn0dnxKJksHDOX6gaO_-GW8OfG9mt0jCDiQ==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 659C 3 KB
3 KB 8ms
7ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1684108362&Signature=c~nx-CE44cl474C0m247GYfWLAh8sVJcqNRK57yLoXVCd4DCICMjtIBn~PUcvt1Du5c1XzZ1gC1eNrLkMBTW4ZHRkIwKzhyPJrqpN3ndg9P3n3ZMsTjD0cyRC4CTFrLuNTIZKPKA~PvL72p5GyZZcWhX-YIfXYjYUNyHcaxmd4ezIOXusGAq7HS0HHrXh5d6I5CBiyY48pnWi-iBqLKbhTthBgOrsQE-xopoFxn8fHsZh2njHggMmax5W2lw3epmXW5OgP8phqamYkFKIwYoHPl04s3cVS04rwQAdJZkO-CH6~BiR6yYOQKS9W4iG6d31d0i5XgOcuG702JN5rdsbw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
URL: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 14 May 2023 01:54:16 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 78807
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: 1Uhx9Xle5JfkaDkZMa5j5Uk3rfrboqJ1cK80IwQyxtrVyq0atP446Q==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 70BB 109 KB
42 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7736057bc68c011374ddbf6426f59f7b48d40ad8a705109ea93dbd7a0a5c920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42742
x-xss-protection: 0
last-modified: Sun, 14 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 May 2023 23:47:42 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/ Frame 659C 0
145 B 29ms
29ms XHR
text/plain 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/postback?oz_pl=1&ti=7576242170919166503&sr=4&ac=651871&dt=6196211556140246740000&pd=avt&ui=c22f667b-0000-0000-0000-000000000000&r3=&ci=619621&dm=728x90&c1=4562306&r1=2a01%3A4a0%3A2b%3A%3A&r2=&ap=&de=43000&si=2096293204&cr=6622332&ai=216536&di=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&psv=2.92.0&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&ui=c22f667b-0000-0000-0000-000000000000&ap=&ti=7576242170919166503&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&sr=4&de=43000&si=2096293204&dm=728x90&ac=651871&cr=6622332&ai=216536&c1=4562306&r1=2a01:4a0:2b::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 May 2023 23:47:41 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3132 0
10 B 11ms
10ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?d64AFw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FDB3 0
0 49ms
48ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDrd6xQHnn_neGp77b3uUhzhulh1HI0Jih-h1v2AFRXTOwT8qebw9AuC-zr-PyKkwvmiKKquWHDpkZ5YezTY9ODjT4g9sPB1MrYP1cbBSCYcfbts7FZFgKZn3J7U9zuBecCqKP-g3lleMBtZb5-UExxk7PFls7RJvZKaVUMHMXy8ptfvc6VXbNWRO3YdUCv5XbBHRBzGhhpTy3ydHOj_Lm4ows1VFd5NgwqIsSVBw4lh_0IQ6oaJzJuhqN6lUzX2c8EX-6SEGZuUfLsJreD8MiyZdojaakecOw3zkmc1USzpeFov5rt7aXgmpkwDeSh4RXikfEQUWkD6JpSC8EPJZbf9JOPM4FrSJqR7yu5vSzONXiuJK5oVsWlPCIuG2bKkZrZUT6YY66T9GguOxU2TpZ8nfjDpRwogPlt5PbeGb8xO2rSYsTx0LK-G8U5PdPI_HRj9ia6O4M5cuAxixWzPqtw3C3seb5Xv0yFfFzYh1SgZwmXVGF-kTiyykcZf6p7KvOlwBHuRZpJdstzKcdEYaIyOQn0fM-pY8QTjeqI9b1Mv6jNSHypSisJVkIDOy3ba_EqjVrS8YuANrgIW8X-hPxwCgYp9HotcQzbqmaqHS8w3PH6rXauCrHo85BwVkVSDkncoIoUf9CF7MEXwtGjsuZ74oGh6jER7eFfA8HN9MI7jMtlqiNV8OwrEhA8oLkDmXkdvMOu5ozaKE9ph4oJ8KwNyH4ze7TgxegILLjwlJ1PO7uFth9uwVxTEy7yoeRVFtgp1PnvtIFhfVqzCQ6cVHl1EQyX9hP4BdB5J0hCTbHMYwznenEawboMIlcnGUUUbl6r7NltNXKnnLWHVOKkfd4P3wG6Uh-NPjyDMInlf4pWPYOMu-fi1AXNLinh5C5k-3CYbCsHxcEY5UfscmoWlP-l3lxBcU74mQxvTUynJvzlML5Il3wJxx9b-BC_N7Nck_BblO2xCa0paB0eBiQuCNq8OWsodewcmbT6tJy4TYaAl9Z7RwC0YjhiNlzyXINJ-apgUmvQqRzqsOgf_b0sflWznCFdyRQ3qfu-9YdJipzg0AwyNGTNed40LVLXIrJZvPJ_NP9aXrygEJR7eSbb40UsxexBvXcCS-DGSF66TgUErMVy6csmkDSTOE6jtc6Sz2hhJ_lhMNYPxHyntL8TcPNNtNFVOfMvyo4YqADTtxxMNmJ4xDr0F9Z87RXqA97_4G1Yn4RNWSGdzdr7nB2TToE8iqLK3-qDF4wPGjHVRZmT-vv0zTym3onlU-W_kHAoS8&sai=AMfl-YShkc8JfG2cFUzk7aVXxsGg2Pa_VYOuM0f6XM84OC1CXdYxoawiJqDkbRICVMrzsdJSW_p3QSfbMxsxWz0D3enNjSG_tnnBsdru6cce2PziK06Pevezg1anR8LFwGbqY-lth7S6jxnHIIySARCvo66WDMwzcqKx9vfjDM_4PI4ip9A8tAXAyBI5gKMuoB-wwtraaVEFSIjsX_b6inyDeaL5-dYQC6DPqcmaa1u2BRkf7s-btagvVsGqkugVS1dGKwjtz7DgLXqG2TdFTtApHZQDh_Io3DiF9SGq&sig=Cg0ArKJSzLhsP9_d0-dpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=583&vt=11&dtpt=509&dett=3&cstd=72&cisv=r20230510.72295&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.star.com.tr
URL: https://www.star.com.tr/guncel/trol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 14 May 2023 23:47:42 GMT

GET
H3 200 oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 8251 37 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14771
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 May 2024 12:20:58 GMT

GET
H/1.1 200
OK viewability Show response
hal900016.redintelligence.net/ Frame 9F16 0
150 B 28ms
9ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/viewability?s=25438500004391504444994012325016&a=0865bbad&vb=m
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=25438500004391504444994012325016&a=62144db9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/request_content.php?s=25438500004391504444994012325016&a=62144db9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:42 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2C8D 85 KB
31 KB 13ms
12ms Script
text/javascript 108.157.4.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=25438500004391504444994012325016&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.70 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-70.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 00:27:59 GMT
content-encoding: gzip
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 83984
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: YE2WMZYe4jV_qkmWuFyqWQ01-9L-VMW5pu9gDFCOZs_g4NiYeWckxg==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 2C8D 3 KB
3 KB 11ms
11ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1684108362&Signature=c~nx-CE44cl474C0m247GYfWLAh8sVJcqNRK57yLoXVCd4DCICMjtIBn~PUcvt1Du5c1XzZ1gC1eNrLkMBTW4ZHRkIwKzhyPJrqpN3ndg9P3n3ZMsTjD0cyRC4CTFrLuNTIZKPKA~PvL72p5GyZZcWhX-YIfXYjYUNyHcaxmd4ezIOXusGAq7HS0HHrXh5d6I5CBiyY48pnWi-iBqLKbhTthBgOrsQE-xopoFxn8fHsZh2njHggMmax5W2lw3epmXW5OgP8phqamYkFKIwYoHPl04s3cVS04rwQAdJZkO-CH6~BiR6yYOQKS9W4iG6d31d0i5XgOcuG702JN5rdsbw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=25438500004391504444994012325016&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 14 May 2023 01:54:16 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 78807
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: P_goqOZyh93dDphPokmCPr767E9DfpZUebI2jc3xrE8uEBsFGk31gQ==

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/ Frame 659C 0
145 B 30ms
30ms XHR
text/plain 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/postback?ti=7576242170919166503&sr=4&ac=651871&dt=6196211556140246740000&pd=avt&ui=c22f667b-0000-0000-0000-000000000000&r3=&ci=619621&dm=728x90&c1=4562306&r1=2a01%3A4a0%3A2b%3A%3A&r2=&ap=&de=43000&si=2096293204&cr=6622332&ai=216536&di=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&sid=Af_jy6gMEAPpEYQS&oz_sc=09202219275e6a0e08af3d51&oz_df=1684108062428&oz_l=238&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 May 2023 23:47:41 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 abc5cdc0d473ae8fdec1a4a2df9ae87c.jpg
s0.2mdn.net/sadbundle/2980744069314610784/media/ Frame E68C 46 KB
46 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2980744069314610784/media/abc5cdc0d473ae8fdec1a4a2df9ae87c.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c0d9c2ab12833c43d08a75cc00fda498241c9c7aafa899ee0ce4f73d555a453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:59:06 GMT
x-content-type-options: nosniff
age: 312516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47261
x-xss-protection: 0
last-modified: Wed, 10 May 2023 08:43:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 May 2024 08:59:06 GMT

GET
H3 200 fbc70c1d0bb058b465fa32be265555bf.jpg
s0.2mdn.net/sadbundle/2980744069314610784/media/ Frame E68C 24 KB
24 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2980744069314610784/media/fbc70c1d0bb058b465fa32be265555bf.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0855ced929b5ae6a2808c2ab0742971bddedebd05447fa0f87412eeee49f43e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:59:06 GMT
x-content-type-options: nosniff
age: 312516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24407
x-xss-protection: 0
last-modified: Wed, 10 May 2023 08:43:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 May 2024 08:59:06 GMT

GET
H3 200 e87fa3d09d8371e9ab136d9525cf10af.jpg
s0.2mdn.net/sadbundle/2980744069314610784/media/ Frame E68C 32 KB
32 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2980744069314610784/media/e87fa3d09d8371e9ab136d9525cf10af.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c275148fc952b276f77cee28b4f7c678fe40a8bf51a352a86f78d1648dfaf75d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:59:06 GMT
x-content-type-options: nosniff
age: 312516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32357
x-xss-protection: 0
last-modified: Wed, 10 May 2023 08:43:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 May 2024 08:59:06 GMT

GET
H3 200 d58fb88e6fe86574688238ff0bbcbfa0.jpg
s0.2mdn.net/sadbundle/2980744069314610784/media/ Frame E68C 4 KB
4 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2980744069314610784/media/d58fb88e6fe86574688238ff0bbcbfa0.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9b2a3c5bd03ae94eb2e2ead26034756b3525934b37093f0efc18dd51e3cd485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2980744069314610784/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:59:06 GMT
x-content-type-options: nosniff
age: 312516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4570
x-xss-protection: 0
last-modified: Wed, 10 May 2023 08:43:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 May 2024 08:59:06 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 9F16 13 KB
13 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900016.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:23:49 GMT
x-content-type-options: nosniff
age: 149033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 06:23:49 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 9F16 13 KB
13 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900016.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 04:00:36 GMT
x-content-type-options: nosniff
age: 244026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 04:00:36 GMT

GET
BLOB 200
OK 854c1db1-53c9-489a-a57a-880a02775482
https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/ Frame 8985 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/854c1db1-53c9-489a-a57a-880a02775482
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/ Frame 659C 0
145 B 30ms
29ms XHR
text/plain 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/postback?ti=7576242170919166503&sr=4&ac=651871&dt=6196211556140246740000&pd=avt&ui=c22f667b-0000-0000-0000-000000000000&r3=&ci=619621&dm=728x90&c1=4562306&r1=2a01%3A4a0%3A2b%3A%3A&r2=&ap=&de=43000&si=2096293204&cr=6622332&ai=216536&di=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&sid=Af_jy6gMEAPpEYQS&oz_sc=09202219275e6a0e08af3d51&oz_df=1684108062625&oz_l=4338&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 May 2023 23:47:42 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C02 0
20 B 47ms
46ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4W-uHXNhZN6PKYHl7gOw443oDwAAAAA4AeAEAg&bg=!kZKlksbNAAYldGN0BXQ7ADkAdvg8WuIku4KU-LmogYrgXNgN9cNZ_5OYHtIeZPeUM8-9f-alGREmOgf90rJQMjbXIVYzrd8SvQ8CAAACKFIAAAADaAEHCgBS5lcnUwI6jqJCsZXH847jv51FGtdRrSzK_BQxz5L5sGx82cYpU10bCtmTBSyCIDfNCb7ClYdfKG4DaBgMYu0D27cibqdCX4TCaMnLQnc8-9o0XZkC_a7VwVUSffV11VVmphHY7szEnTeeDVB1JHOR3cOkeUDv3nXgJqfE1L53Cx4BcuRS7tiwJUc1RRDeBa60XWhFZDLEegvHeFNqzfduPkhB-SE3NsyUTwFZn5FS3HRgFt7blylxlwQtC2UJemw65Nw_R6nwy4dyXKvcl74Bs-mIStYmVOTCUminDjIRr85OaFp2yntZiY-uIY37Na3XXN4JFdisRG2mIoXVQge8_mVkWikhncwAd_SYbFleWOzF5b-cIsUDD3c1v11rO1kWBHxIOsBG8XkqpTEbxKC9PzwHu8PH6Q-P_lQWSiUg0USwqHjWn9VRHKBrwi8SQfdy31UTCuAOfW6vSbV5xbAxzl0lgefTBPASwdgGER0aWNbEhawN3z8qDcQ1FJC-oDOhySM-F3jZ9sdY4JfCku3qTBmvEtaEMkA0GkPOG8clEsaTYFYTGDtBX-vjt0NUB9-L0X_apeEzz25spYlpNSbHaE2_DwcpE8a7oy1be5h4QBJKkcxc-FWD3hcN3VvrcRZ0vGT-VmFkDu4sNxuARRw-BMym4WzXSsNfFvpXye0iB6IFlGt7dLlZmY3iPtoVebp9atBn5n7SA09c89O3bxfb-OMTx3OWWAQxxrtpTxGIUtPFOVkdAkvW1Yyv7IPIik7niP0OAW27IzyWCCL7D4y7-5GFOU3dDnTmyHPzbgbyhTJFmheqzRGB5Vys_6enjN448Xjrh51vaw57I6ChSVlgND20uFMnj-mWloT3o1JYuaM0bn_0bMcCqPqgaqylRvEGlJ_QQ_x7OoxHlTM9icwPv1Tde7JVWind64uvza3TKYBMmrIhNu4ws1mAlxdKKXGv4lMZczOAdIIusXbviC5UeJZndh2xVttJEl2AW5X6iXdDqEuLUiRWu-ZQQiuByA-VQi5jwvSE0yH_DlLJMz9vUkfxizDwunICmS0j82up_edog-DeA0zS4ZVGBpsy24AWbd-aUX4fNQLkIw2T8ZyL_GkznKc7siizRFdI9s6zzOsd2g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8251 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByjOGHXNhZLyoK-WD4gHX-YbgBAAAAAA4AeAEAg&bg=!cnGlcSXNAAYldGN0BXQ7ADkAdvg8WmpEXGb6qtrwiFKg76LStH4eKMEcRjyGPjEzmuGnt1OnIPSHn3kH8LUfGEZcpQq0m-0p-iACAAAAl1IAAAAGaAEHCgAc1k1GLCA0hfZBHpvarMCz3Ho9lrGLfCNc6cZM1JkC5K5wdlsXLr6q8NjrOHuybbmygWIyXDKVmOFovKCxxa8mkNgszYDbQ_4eifswOQvdPcMl9uNaSh6ttm6QF9zRF5vF7ZeHIIxqbCQUQNuKeRfuoyZQWK2D6Y29LhNvv-zKm60QBWaigT2LddQwKRjyDMYJABKwDsSSn8nkHzYGfKvg4WBxAl6aljlZKzaRJkQQ7Aeaigeg0eo9NSKsvscXU08Om0yy35TH_Da1lGdAOn3RWR5xu3C1fO8IHKcuYHf37JyNXZlCLK9-aoYcegplHkfqiYqkCBD5MjfD4LFwmbwv8UYt6I6yKTjDGGu8AD_bYFELPv5C9z0UjKbYa9vOnZ4CElZfQYPpu9mmnUmoVHEl8XRrfYpOXE_y_uW_uK0k4ph8z4lmOMwrrWOCmwkIcAmrsVZpiz0t5f43OMk17qTt0bmbbyMXLh6nHoIyINy_RarCZWtEaYzsfYfy-1LsANorr1ribxVqPfa_kb-bpHwk7DRbUfgiFYWhzlec1Te92tzjXKZOANmuKbOEvQgdZLz1zG73xnQwoDHNUoRjB4ujAcv_NvgbKmf373BqCWftQIol55CmcK4NH8rfO0irbHNS0t7zCDW8DAwnWlBjogpw-OgWwNSPmuUVRToySTUlilPkg2x6hy-ZLQGIMEr3Mo5FF_O_GeDQopMe6YjmUhdk08kgwoYVDeUQROD0JpcVf4WjatItEYkzIfvR9ITINYWEQnlEikNb6WrHJ0T6wx4StaPMW_NNdWpHv3-6KGjLs3gjw62imwGGDma3mFBFcwlsdHolPnh0eK2BvsHqo5DvTj9bXb1-CU9CgIDE7h5WvivKjb40eA_BIIVrmkImjNp1ut1SPyVJd8VUpyRNfLG5pWDUXUIzsAepFkEg5_y42uEfPJwA80_ef2zazpuXMI7Vlm39Cn_wJSpAgHScSpFTEy7rReQQ21jRrFtqPU_KGHW-mvjCMzUNKdQqV_4MvlSKxmj-

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5B43 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzB4SJQD960lzN07AFmtuxblMjewe87bvqNDm_r_e0IksBeuPjWd1cuP1EVuSL1vlRyuwsrVpDlqXTBYhY78woXRoTDcEi5-iIr8JCsyVSwW_vOwkquRzV5Xl_HanUTw35d3FrwV6ZcDjDiCBCV6ajQW77bAGtb5mK&sai=AMfl-YQSN9_s7XQq3xmEsLVWoGuGkP_1Zf6sOBJToWw11lNEcFaKOoMOHMt0tBZTKFyU7UN__tlpSOrH4QUhYDK4uqhOxtmDYod5V8DjA2QPM3VWyE7vqwHFkdxlhnCv7B8BvevQ8cKOVyYltKBRVA&sig=Cg0ArKJSzFWtpSpUiawNEAE&cid=CAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ&id=ampim&o=170,290&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=482&tls=1482&g=100&h=100&tt=1482&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/ Frame 659C 0
145 B 29ms
29ms XHR
text/plain 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/postback?ti=7576242170919166503&sr=4&ac=651871&dt=6196211556140246740000&pd=avt&ui=c22f667b-0000-0000-0000-000000000000&r3=&ci=619621&dm=728x90&c1=4562306&r1=2a01%3A4a0%3A2b%3A%3A&r2=&ap=&de=43000&si=2096293204&cr=6622332&ai=216536&di=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&sid=Af_jy6gMEAPpEYQS&oz_sc=09202219275e6a0e08af3d51&oz_df=1684108062814&oz_l=6780&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 May 2023 23:47:42 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8072 42 B
64 B 47ms
47ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtCOGedLLDjw1rDIYPoBmM8MlbUVqxyAWNFYrH8dy9Sc8NVBbGH8oL77u0Nb1LYQL3JS7saKn7kaMuhyyqntpispiVcER_WAVnx2dGG5i6xtxbyo43BE1s9xFKIjUy1oX3_9c8vw&sai=AMfl-YROhLnpI9uIrG590mOoEACttirqVJz9I8FHUucmVfA_H0QzMPWPka9xU8x3qWc9q-NkQmLqkxmeifYN1Xa59eLkfNJJR0BWeveQSmO5P5mUJB85yUw4g8Bu0A3m1xhx36eC_Bn-2k3HBseCuA&sig=Cg0ArKJSzPhr8PBNZZkFEAE&cid=CAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ&id=ampim&o=315,306&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=527&tls=1527&g=100&h=100&tt=1527&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/ Frame 659C 0
145 B 29ms
29ms XHR
text/plain 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/postback?ti=7576242170919166503&sr=4&ac=651871&dt=6196211556140246740000&pd=avt&ui=c22f667b-0000-0000-0000-000000000000&r3=&ci=619621&dm=728x90&c1=4562306&r1=2a01%3A4a0%3A2b%3A%3A&r2=&ap=&de=43000&si=2096293204&cr=6622332&ai=216536&di=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&sid=Af_jy6gMEAPpEYQS&oz_sc=09202219275e6a0e08af3d51&oz_df=1684108062966&oz_l=254&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 May 2023 23:47:42 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FDB3 42 B
175 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYSNPxWmXSF3zEHTi3OX17eLe7lxYU5G8qEU7d5UuBAQ4X4Pw5QkN1VZlM9XjqaeBVZVg2pN05IDeabd3Kmz_MGsxSECMbafNM9a2jzA7oGURDQJ6WdTXiXdz4wy9t0J8o9AYMjA&sai=AMfl-YR6bRc3fUYBkS_IAW43GF2jTVVEj1LjzTJUKA8SAFhtLiluQuu4Vij_5ruPRg7yTE9BNRlIYckH4MO2ok4mcsHD8U_J7euC1nEYUIiL_a6uj1GbL81NMYdOiA-zBOEZLwPEqEj_F85XSzPiGg&sig=Cg0ArKJSzNROHNjbSY7GEAE&cid=CAQSTABygQiDoWWsoQ-TeCZ6aJD36GwJEdEMoK92poeLpGIUHaWlijw6ZxajTIB5us8feZR74G2iFW9KAqAaDorSofby8w5CXMlTg-SFy58YAQ&id=lidar2&mcvt=1000&p=290,1310,890,1610&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=3151654258&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684108061305&rpt=661&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 659C 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdfpKUMg_rhnqQJmLnvc8i6FyJuoZfcT54-X0JNccI0vi4s2gcV3zYwfLLk5RDeQ6PnvxdtWexjVD-ykgcVwiXlEhF&sig=Cg0ArKJSzPCOQ0p3qIsOEAE&id=lidar2&mcvt=1161&p=0,436,90,1164&mtos=1161,1161,1161,1161,1161&tos=1161,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=414477023&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684108061339&rpt=737&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900018.redintelligence.net/ Frame FCE2 0
150 B 23ms
9ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/viewability?s=83343700004859200951389012325018&a=5c973309&vb=v
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=83343700004859200951389012325018&a=8631fcf7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900018.redintelligence.net/request_content.php?s=83343700004859200951389012325018&a=8631fcf7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:47:43 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 ca Show response
choices.trustarc.com/ Frame FDB3 6 KB
3 KB 148ms
109ms Script
text/javascript 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=29913092&js=st_1&sz=1x1&c=te-4fb3

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=29913092&js=st0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-85.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

6d2b81103af958728328de262158d9263535eef1093524a1733ea6bec2b3e985

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2135
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: _qw3i3emAVzSKahHu43pKfXUXTJ0k1FSw_cPEh0QCMBobzWyM6Y1Aw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame FDB3 38 KB
12 KB 48ms
9ms Script
text/javascript 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=29913092&js=st_2

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=29913092&js=st0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-85.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 09:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
age: 52924
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: budLFn6RH14Hw-LZm1r_FrgZ0jKnx5n2r-S1e4szWqbQrob6z6ptAA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame FDB3 43 B
1 KB 146ms
107ms Image
image/gif 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=sojern02&pid=sojern01&cid=29913092&w=1&h=1&c=30bc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-85.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:47:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: RgeQSmzTa9KcQG20Pd0xFfrlXZFY5CufgX6i-oFeGHk0UK_9Qu6MJA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDB3 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8164298088120&version=m202301230201&ct=76&x=1&cor=11883052444250348000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305090101&jk=114524255750530&bg=!Pj2lPWnNAAYldGN0BXQ7ADkAdvg8Wq6F5kWmTvMmRN6HWdJoSPVN0fX2Nmz_VV_kJwmAd7Ule_OIK3hD4S6h-d0nglV0fPJUDxUCAAACDlIAAAACaAEHCgDpRAQWIVJ7b9fLVibyouRSrXMg06_MofaYKzRDFRvMvHbhq7jwNKIIB_7dYr-pClhELvfmJmjuTh5ngPF6FO3V8OtOf-7cwOJ_KH6yUcywAEUIO5yuwyp5gVVI4E0PkwiTZKlhJEaXz5BTPasgM8tqLhHCYTx_cBzuvjxUtFpQlaqfglkwiiNDBnzfQSiMfqm7pnTpYqjz0sZQT4wwIKGyV7lA5KV6sW0e2JR9YC0FeKOJJJdqLqAF7UWVEiOZx0XK1qbYJj3WpJcCwq9kaeTcZyZ5p54CbeE3KCcthM17BD1SBwnfoYB2hciZAp2BfZFblbZsaDgCS6RYTywPArd36cqBEQm5AjIDV4Lur0MRsqpb1Y9XadA7hwI2bRl_wGTw9xxoOoNCrrYjCOhXgafDzC0w8FNQP_J1-3gGM8dUDJnZd-tZx55wQ2yP59gy_YVYt7xkQ9Ndlsz1qlYasxiJLuCkP-L9Iy7B0cCVPxyZCVvkpI6y1i09xY_8wLhCGL043wwSeQaUC3B9K5LzBdOqwIbD19yXqbbKlzjn5WpzBf7iqb9-1gf_UbgbvcL3NH2IaqI33dhzoYwHSGCbMM8Zc21bk4N16xwBb-loSRf2Lr_v2YDK5_oawFPk-LLE2cX_luzPqk74iWj9WJM-oYdnMKAeRxgpGWKuNKGALmymRVQ54Vr4bgH5oHamWfFBhf2i_f04mQq3hRylvZcCL7Bcw-ZiSZeh5rxR3STU9rE_rdE9nej8LIPMtIuOBAzU5HzhBhyr_12wpY1KWPKbulOxJGOZMZ6QfrV_XqPwWwNBaWbieJ9eKjxhdAO62vDR9fIFvgI-Jqt415-Ylnhn12RNqc0yn9ry0S8eJOBBRi65ozIOoIEsd_5ZbjEbQiegisV_-yqzFCMxCKf6yWC1tGUIiyMURnY2f_xjrUHrMxzWMz5wNW1uZOZo8AY1XckbBMncklDdXSu95H14hyAVw6EAlrMBPXZki_FbXp0RkjY1jwrp5423ImB7DTB5BX0CcqCYKbtKBB4FkhuV0Z8F8VAGUM_m69_WOx-iewWaYX3tl9DpV24fbC0hZc3p5VVZ2Qwz9ckuGzOq9g8aiV6UBKBkqwzfWQ6TnIMVCbRRG-toAbFsuSoDUYDKb-frS5XLw_0kCD0mrEqZH2ovWVoS0nuzKqYaS5FGzQiVFMdAczysYr0qWFG0TzxELbU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.star.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 105ms
20ms Preflight 52.56.180.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.180.81 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-180-81.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 14 May 2023 23:47:43 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2C8D 16 B
233 B 65ms
64ms Fetch
application/json 52.56.180.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.180.81 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-180-81.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 May 2023 23:47:43 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 97ms
19ms Preflight 52.56.180.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.180.81 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-180-81.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 14 May 2023 23:47:43 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9CC4 16 B
233 B 75ms
74ms Fetch
application/json 52.56.180.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.180.81 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-180-81.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 May 2023 23:47:43 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 659C 16 B
233 B 76ms
75ms Fetch
application/json 52.56.180.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.180.81 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-180-81.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 May 2023 23:47:43 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 87ms
20ms Preflight 52.56.180.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.180.81 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-180-81.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 14 May 2023 23:47:43 GMT
server: nginx

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/ Frame 659C 0
145 B 29ms
29ms XHR
text/plain 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/postback?ti=7576242170919166503&sr=4&ac=651871&dt=6196211556140246740000&pd=avt&ui=c22f667b-0000-0000-0000-000000000000&r3=&ci=619621&dm=728x90&c1=4562306&r1=2a01%3A4a0%3A2b%3A%3A&r2=&ap=&de=43000&si=2096293204&cr=6622332&ai=216536&di=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&sid=Af_jy6gMEAPpEYQS&oz_sc=09202219275e6a0e08af3d51&oz_df=1684108063610&oz_l=351&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 May 2023 23:47:43 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C8D 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8114003535102&version=m202301230201&ct=77&x=1&cor=5882153829682511000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 23:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 2eb7746a-e1eb-4299-ba74-c18b452765a4
https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/ Frame 659C 802 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/2eb7746a-e1eb-4299-ba74-c18b452765a4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28960a9aa0071776192259a5836f4d2c1acc9e978c1f3f1a8f3a7e5bc67a65ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 802
Content-Type

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/ Frame 659C 0
145 B 29ms
29ms XHR
text/plain 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/postback?ti=7576242170919166503&sr=4&ac=651871&dt=6196211556140246740000&pd=avt&ui=c22f667b-0000-0000-0000-000000000000&r3=&ci=619621&dm=728x90&c1=4562306&r1=2a01%3A4a0%3A2b%3A%3A&r2=&ap=&de=43000&si=2096293204&cr=6622332&ai=216536&di=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&sid=Af_jy6gMEAPpEYQS&oz_sc=09202219275e6a0e08af3d51&oz_df=1684108063789&oz_l=731&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 May 2023 23:47:43 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 get
choices.trustarc.com/ Frame 1615 287 B
627 B 8ms
8ms Image
image/png 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-85.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: public
date: Thu, 27 Apr 2023 13:39:49 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C1
age: 1505275
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 287
x-amz-cf-id: 0K_fIwrrQUjxwwPGpRPGAniO1X5tLwkOudrm0KyLdNnbzOoXVHip0Q==
expires: Sat, 27 May 2023 13:39:49 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 1615 739 B
1 KB 9ms
9ms Image
image/png 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-85.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: public
date: Sun, 14 May 2023 01:13:18 GMT
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C1
age: 81266
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: _wTNaZ5S5kBlWM9uokUWDEiHoopPsU1ZEImcbGUEzkq36qe0G1-7_w==
expires: Tue, 13 Jun 2023 01:13:18 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/ Frame 659C 0
145 B 29ms
29ms XHR
text/plain 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/postback?ti=7576242170919166503&sr=4&ac=651871&dt=6196211556140246740000&pd=avt&ui=c22f667b-0000-0000-0000-000000000000&r3=&ci=619621&dm=728x90&c1=4562306&r1=2a01%3A4a0%3A2b%3A%3A&r2=&ap=&de=43000&si=2096293204&cr=6622332&ai=216536&di=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&sid=Af_jy6gMEAPpEYQS&oz_sc=09202219275e6a0e08af3d51&oz_df=1684108064017&oz_l=3226&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 May 2023 23:47:43 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/ Frame 659C 0
145 B 30ms
29ms XHR
text/plain 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/postback?ti=7576242170919166503&sr=4&ac=651871&dt=6196211556140246740000&pd=avt&ui=c22f667b-0000-0000-0000-000000000000&r3=&ci=619621&dm=728x90&c1=4562306&r1=2a01%3A4a0%3A2b%3A%3A&r2=&ap=&de=43000&si=2096293204&cr=6622332&ai=216536&di=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&sid=Af_jy6gMEAPpEYQS&oz_sc=09202219275e6a0e08af3d51&oz_df=1684108066732&oz_l=1184&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 May 2023 23:47:46 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/ Frame 659C 0
145 B 29ms
29ms XHR
text/plain 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.92.0/619621/Af_jy6gMEAPpEYQS/postback?ti=7576242170919166503&sr=4&ac=651871&dt=6196211556140246740000&pd=avt&ui=c22f667b-0000-0000-0000-000000000000&r3=&ci=619621&dm=728x90&c1=4562306&r1=2a01%3A4a0%3A2b%3A%3A&r2=&ap=&de=43000&si=2096293204&cr=6622332&ai=216536&di=https%3A%2F%2Fwww.star.com.tr%2Fguncel%2Ftrol-merkezi-ortaya-cikti-iste-chpnin-cambridge-analyticasi-haber-1784819&pv=fbbf40d0-4f1b-4044-9a9f-9bbf469f6893&pp=pub-8738424218307822&sid=Af_jy6gMEAPpEYQS&oz_sc=09202219275e6a0e08af3d51&oz_df=1684108067891&oz_l=268&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.92.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 May 2023 23:47:47 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.star.com.tr/	1969-12-31 23:59:59	Name: ASPSESSIONIDSSTDTQCT Value: JNANIAJACHGFLMFIAJKFHDGE
.star.com.tr/	1970-01-20 21:24:28	Name: _ga_CJGE1V798B Value: GS1.1.1684108060.1.0.1684108060.60.0.0
.star.com.tr/	1970-01-20 11:49:54	Name: _gid Value: GA1.3.28936417.1684108061
.star.com.tr/	1970-01-20 11:48:28	Name: _gat Value: 1
.star.com.tr/	1970-01-20 11:48:28	Name: _gat_gtag_UA_1200121_1 Value: 1
.star.com.tr/	1970-01-20 21:24:28	Name: _ga_FSDDFXFXJV Value: GS1.1.1684108060.1.0.1684108060.0.0.0
.star.com.tr/	1970-01-20 21:24:28	Name: _ga Value: GA1.1.913765282.1684108061
.star.com.tr/	1970-01-20 20:34:04	Name: _ym_uid Value: 1684108061416525587
.star.com.tr/	1970-01-20 20:34:04	Name: _ym_d Value: 1684108061
.mc.yandex.com/	1970-01-20 11:48:28	Name: sync_cookie_csrf Value: 413422462fake
.star.com.tr/	1970-01-20 11:49:40	Name: _ym_isad Value: 2
.mc.yandex.com.tr/	1970-01-20 11:48:28	Name: sync_cookie_csrf Value: 1657425010fake
.mc.yandex.ru/	1970-01-20 11:48:28	Name: sync_cookie_csrf Value: 2554311927fake
.star.com.tr/	1970-01-20 21:10:04	Name: __gads Value: ID=defdd7258c2829f6:T=1684108060:S=ALNI_Mbl1Dc0Ho9Tpd-OvU0KcEDF_Ycwug
.star.com.tr/	1970-01-20 21:10:04	Name: __gpi Value: UID=00000c15a07ec213:T=1684108060:RT=1684108060:S=ALNI_MavAghWOf7epocpNCsLytrdzwhYjg
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2568164291684108061
.yandex.com/	1970-01-20 21:24:28	Name: i Value: 51+R8xoyaTotJQdtCaaxVMvZZVWm2Ku3a/vu6pF4Zi5VRiRm18JNASG1Qw2E6Bl9vC1+8v0B7OwOpyDNYIlxjmmgHEU=
.yandex.com/	1970-01-20 21:24:28	Name: yandexuid Value: 5085578021684108061
.yandex.com/	1970-01-20 20:34:04	Name: yuidss Value: 5085578021684108061
.yandex.com/	1970-01-20 20:34:04	Name: ymex Value: 1715644061.yc.1684108061#1715644061.yrts.1684108061#1715644061.yrtsi.1684108061
.yandex.com/	1970-01-20 20:34:04	Name: bh Value: KgI/MA==
.doubleclick.net/	1970-01-20 21:10:04	Name: IDE Value: AHWqTUmyhsE_oM5xZS-c8A_UJ4uCXUw6J5JoM59e8kNDZQ8eFpyhOFDkr_CPQWEpHqY
.mathtag.com/	1970-01-20 20:34:04	Name: uuid Value: 85686461-731d-4d01-bc22-b7f23a20c4b4
.doubleclick.net/	1970-01-20 11:48:31	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 13:58:04	Name: uuid2 Value: 6026496917496440733
.casalemedia.com/	1970-01-20 20:34:04	Name: CMID Value: ZGFzHY6rjmoYTYnMNxxbNwAA
.casalemedia.com/	1970-01-20 13:58:04	Name: CMPS Value: 2176
.casalemedia.com/	1970-01-20 13:58:04	Name: CMPRO Value: 2176
.adnxs.com/	1970-01-20 13:58:04	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVR=dY:d!@wnfH8K6pQK`!5=E<*L5?%M/gYO`P0tj!S5vh!u1+o)54B#'p9y$Kmk$?K@%nugO%v4VB%nmFh)jOGh
.star.com.tr/	1970-01-20 11:48:29	Name: _ym_visorc Value: w
.redintelligence.net/	1970-01-20 13:58:04	Name: 8lcfmzhxc8d6_uid Value: 315571d6a1e5c98b
.retailads.net/	1970-01-20 12:31:40	Name: ppb2172 Value: 2720914517
.futalis.de/	1970-01-20 13:14:52	Name: raSIDb Value: 2720914517
.awin1.com/	1970-01-20 11:58:32	Name: awpv14098 Value: 296283\|1684108062\|b79ee350-f2b1-11ed-b339-2265b7c46fb7
.awin1.com/	1970-01-20 11:49:54	Name: awpv14172 Value: 296283\|1684108062\|b7a41370-f2b1-11ed-9d45-2261c3620022
.awin1.com/	1970-01-20 11:51:20	Name: awpv22610 Value: 296283\|1684108062\|b7a43a80-f2b1-11ed-b339-2265b7c46fb7
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 408799:2874697
.emp.de/	1970-01-20 11:49:54	Name: HtLpTx Value: Awin
.office-partner.de/	1970-01-20 21:24:28	Name: source Value: {"webgains_webgains":{"timestamp":1684108062594,"clickCookie":false}}

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	error	URL: blob:https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/854c1db1-53c9-489a-a57a-880a02775482 Message: Mixed Content: The page at 'blob:https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/854c1db1-53c9-489a-a57a-880a02775482' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/854c1db1-53c9-489a-a57a-880a02775482 Message: Mixed Content: The page at 'blob:https://62507208943cf4d9522f918611812145.safeframe.googlesyndication.com/854c1db1-53c9-489a-a57a-880a02775482' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

62507208943cf4d9522f918611812145.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
api.webgains.io
assets.turkmedya.com.tr
beacon.sojern.com
cdn.ampproject.org
cdn.retailads.net
cdn.track.production.webgains.team
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900013.redintelligence.net
hal900016.redintelligence.net
hal900018.redintelligence.net
htlp.emp.de
ib.adnxs.com
imgs.stargazete.com
imgz.star.com.tr
mc.yandex.com
mc.yandex.com.tr
mc.yandex.ru
pagead2.googlesyndication.com
pixel.mathtag.com
region1.analytics.google.com
region1.google-analytics.com
s.update.mediamathtag.com
s0.2mdn.net
sc.cdnstr.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.star.com.tr
104.102.45.165
107.178.244.119
108.157.4.70
116.202.48.214
13.224.189.85
138.201.220.30
142.250.185.162
142.250.185.98
143.204.215.43
144.76.91.199
18.132.62.161
18.203.131.238
185.29.134.245
185.80.39.216
185.89.210.244
2001:4860:4802:34::36
2600:9000:225e:fe00:c:6264:8240:93a1
2606:4700:20::681a:671
2606:4700:3032::6815:5d29
2606:4700:3038::6815:eb63
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9a
2a01:4f8:d0a:2321::2
2a02:6b8::1:119
2a06:98c1:3120::3
2a0b:4d07:102::1
46.4.10.47
49.12.22.42
52.56.180.81
95.101.148.198
99.86.4.36
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
0109d9f65a35077fc5b14b52bb1ea98ea417ea9b895e48f619f520ced0bd030e
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
0310d06b42963760d784418ad04a7ccd0de2c3e325f289edea62ef95c696a661
0339ed26c9589601d79fa2a0aeb06410233a44eee897b365f8db0d8a83070a65
05af15f722975539188b8df2989e6066ff9d945cd74d4c4b258fd708f27f5ba7
05e9e646434e6492b519e49ca0922692836622607dfe615eeab6fee066ba26e8
06ddae2d8deee8829058c734469e78f0322205f5c2ced41a79306bd279fd014e
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0855ced929b5ae6a2808c2ab0742971bddedebd05447fa0f87412eeee49f43e9
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc8ff08185031853dfe404af311a91788c3a6070ffd45b4b6a7a35dab7cef33
0e487e67388d2b144af7606b7a9d2c584208ddbd21a6c146232922552da2911e
0e5ba79c1c730a01eeafba8a9c18f41da1c07cc4bda3d75848fe0fbb690a7a22
1116d90a09bdcf335c59bef209e39f1ce79ffb80ef37f32ef5ae69f8fe55a4c1
11ce30eb457cbb66ea68bdf218a9c988a940819d0c9b44edbb18fd52f166ac51
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18e08ef3d1b80fd390400903e293a3ff1a7f3f110650fdfd9cc5589631617086
19d8c7464e44563865b1ca86c198c929437450da6fccef060e815062af9c2d31
1b2a15e5f2b86c01ad721ace1caf06eb76436d86d2dc03522d992028b38e6a60
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce
28960a9aa0071776192259a5836f4d2c1acc9e978c1f3f1a8f3a7e5bc67a65ea
2dde941938b6b164b4f565b876fb166057ecc303e5a8a1b14972c210844b0f8a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e968e294e26343e61905743bbe103e0fca9de62ed576695ac6d148cc96a3bd1
30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316b655db4e34a89393655bb1ac25d46509769516079c31c031252a79264e30e
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
34c2e0e5dafe8e8de539327699368c89c130abce2298174c9e6d29461ac69fae
34df82dfc40337a0cc832eebc63a84157fe094f687275bc036a6a9681eeaa81e
3629d300aa4d72e205d63d26451c3d3e2d444cc825fb2bb8bd8c769adecb00fe
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38d958461510e14ff6b240a20c8b40939c68de3263d99089c195ec0bd4bc6aa7
3b4ebc45f66e50a3051e4b4bcc4972492f27538a3ddc4b9cd424b7acad652045
3c0d9c2ab12833c43d08a75cc00fda498241c9c7aafa899ee0ce4f73d555a453
3d2980153e9c19c5f7b5dc909a6d14e24b48d7952cead72aa01a9069594d3f39
3f1918f9c400cd209d2f4a7affb6bb1cc8633fc26a8375cdd2b33015d349c230
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46c1eb94e0a13fce745f6a2511ada0b21d23b56b884aba97dff1233508295073
483ba79bfdf1384e0ac2af27f5d38ea60798fd419123f815d6dbd223342cfa02
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
4ec7eafcaecb8df31c53886c64fcac0dfa44f5e19c5862f92d3c2ed8f07fb2ee
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e5e528ecb3137b39cdecadff5d7fc965ee5378ffbe4768646ed44d069009d7
5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5b93641b26dd13b5b00bb077675aa45de2659e5bac21e086945501cf35b512e1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6405536ffab9964897bf86e7810a18c058c3c3aa3635ba1a27efac910e2af6e7
6bb77d20dd85b4bfae78affeef6ee91869bffa0ef53ed9c8ab9c2a526d0180c5
6d2b81103af958728328de262158d9263535eef1093524a1733ea6bec2b3e985
712daa70746eb462c64a75be9281a41f2bea688731d47c405d1b6eb5ff242c65
717a3a144c5e129a5d32a37edd7ceac8d9b01416df65464d8be17ccb113392e2
72782c8f194ce49ea22493364106530da28f2e2ec28d1d5fca2907e34ca0e04e
75a1863e3707cda84f14cca198609089b220831fd9606151ecd5ed3a4868c4e2
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
78d4dbd16701a18be9db658dc743930d56303b70b45993a962ff8e82edd04253
78fd59443c5459d53d6d75afc549f0de9cf23407edab4908d7fa549fba3ae5eb
795e2d2ae40f821d4dc671f5ad6a7a0f6ef89201fa501e3c0d306ec8e625613a
7aa95990d6fead27cf0e84310a577fdfde514c88a3a15a00d278aae5decb7c71
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8706657c9fa498b993ea4c6ea5d1967708b52392f511d7285f6aafe508b118a0
8a2d221cc0923d55f39d4f30c0de7e48a11da97290c6ab979e63aee4c4076ef6
8a89b68fc29696742f4ef6da3d1250c1aaca98363ada42faff4e4204f2a1fda3
8dbf27de8471ffe31a2edb3457132300a28567a63df08274b6d1b3725ace8405
911f45a0771a61386a758d134bb652b30678a6c866fb4230ad63692eee6a5ba6
918df07402cf0622fa85e2e60b2038d4b5640a4e3f432b111d49a452f2edd584
92948c1445ba05c1d3e9d1eda3165882665225db39c24951b3aa737612ebb29d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9af9221ce3f93bd109d974baede25b609f7f5f487b2a213537c7aad5d63b959e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
a0eaafdad2b5601750152ec4733e7fa3129723d599bbf2319395ae5026d5da21
a1e61f29bfbb7fc214937a17c2619f1f2d138a838a75c09f58c886b0af2111cf
a34cd1e01a7aef8ea44a7e23d714ec362fa40370d6a0730150a882e2f05ecc48
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
ab96e60262520cbc3e31bdffe2ed5484b4f8608c4527f0b17e7d7e4a3f85ed02
ad2159dceff0dbdd184c31296707c36052fc996e4d8532ad0baa8407edff0b67
ad2df7e705d96ed9ab4552a6628c122f94561b99cb9cfc2778d41790d3a5ba86
aebc2601477fe5ae546fc6ec9f708ee2d30266f6aed1609338994738da871f7e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b13d9961fd9488623b2d2814fe9ef7e6bb6c779fe380ffb646eedf05519aba41
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2267b950b6c07b23b05cde097244b2fb795259fa549a1714e38cdd114bfb12c
b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170
b369e8dadd0a497d68ed1561188bdd41e0afb763fde97a5f6d4cc408a2a5c7a3
b5c436ca89eb9a67827a130ea5a324d4d2db258224f709961bd1d5187a2f5900
b689063761c6e27d06ddc9e91b1eed3c8947ab79c8fceff9bcfba9fcf4737554
b9eb70651027354655ed6d2559932a191b73618d665f784ceb0a61e54ed82eb0
bab0c9268755844efdd7d39af7fa68982cb138a2c09bf96bfdf6c43a3878689d
bb20771db1ae86cf5262fe463b08fe831f71d33a2fc60a5503bb2679caf412c2
bb936018c7a9048a6366e10ca7132a40484568dad9bb453d36960472d789eda8
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
be80eca4dbc8cba1ffc7dd7d5046eb703ef496d361ec598719ef77a15d8956bb
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c275148fc952b276f77cee28b4f7c678fe40a8bf51a352a86f78d1648dfaf75d
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c59d70e46fb6d356ab1daa2bb04863d56f7109c53750e12f5420fddb401ba622
c5e227a8b7b4a32c9960d3f7ead2808d21587ad814e152bedf4720f7c2a14d09
c7736057bc68c011374ddbf6426f59f7b48d40ad8a705109ea93dbd7a0a5c920
c81a0cf331c04d5474c31408e4f02296d82e745a9bdd2223ad177bb4374c9f38
c8389bb0438f96924f918825c29f4a6e89ca86c06c8a6f587a05eaab1aef20ed
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9b2a3c5bd03ae94eb2e2ead26034756b3525934b37093f0efc18dd51e3cd485
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c
ce7aa9a76e1ef06e22d13a5c8678b9b7440f5b1f854ecb62b447ad383927abb6
cfe7a1b89393700e6e2aaebf3d24b1f3983b7ed69f49c07dbb088555a655451d
d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8
d647a7e26947913a559461fa94fdb54e061002b865692225cc22e80a4d8a80f4
d6d6da77219fd87f0495556d5d3c08b40de4cf1840fc52be97d54d5cc98e03b7
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8af29f8d2044c9eebf854b988d2ec9500878fa392e2aacdbfd162e82e34f270
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0675b7f881226109bc653970f396dcae5dc43ad743425a4b98a0f72ffe511bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e70c31322d69ee7265161c04efdf7aac38c2b1176fa9ee92ef184e40c9c6129b
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7d773851e24d1339477d52eed73207315fff3c690e253c8fbd964637453792b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbae87651ee5e6a28cc9f38ee6c09ff1fe7b82a3013a91786721a565d944b78
f0a064c22678f5fa467eee7007b6a94da9413abe446a4bcbfbcf2387c90a0a65
f17c32e55f77b6eb774108c7b6007de0162f078ed2fe64782e6692a6f051efc1
f440ec2f012a103c0c25e7431814605da946927132ecf5b27f5aa84184a9d8cb
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fab231fbfc156c6195e0fa7e07d5effaa4d6cf51f8d91d3b4a77d116c693b927
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

www.star.com.tr Open in urlscan Pro 2606:4700:20::681a:671 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

266 Requests

94 %HTTPS

57 %IPv6

34 Domains

51 Subdomains

48 IPs

8 Countries

3171 kBTransfer

7355 kBSize

39 Cookies

10 Outgoing links

Redirected requests

266 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.star.com.tr Open in urlscan Pro
2606:4700:20::681a:671 Public Scan

Screenshot
Live screenshot

Full Image

266
Requests

94 %
HTTPS

57 %
IPv6

34
Domains

51
Subdomains

48
IPs

8
Countries

3171 kB
Transfer

7355 kB
Size

39
Cookies

266 HTTP transactions
10 data transactions