www.ntv.com.tr Open in urlscan Pro
137.117.149.204 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Submission Tags: falconsandbox
Submission: On November 03 via api (November 3rd 2020, 3:14:24 pm UTC) from US

Summary HTTP 136 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 44 IPs in 12 countries across 27 domains to perform 136 HTTP transactions. The main IP is 137.117.149.204, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.ntv.com.tr.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 12th 2020. Valid for: 2 years.

This is the only time www.ntv.com.tr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	137.117.149.204 137.117.149.204	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	195.142.105.29 195.142.105.29	199484 (BETAINTER...) (BETAINTERNATIONAL)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
2	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
6	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	104.103.89.30 104.103.89.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
1 6	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2600:9000:218... 2600:9000:2182:de00:9:c37:b540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:10c... 2a02:26f0:10c:5a3::3b8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
2	31.3.2.97 31.3.2.97	21245 (NETSA-AS) (NETSA-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	95.142.20.17 95.142.20.17	20645 (PUREPEAK-ASN) (PUREPEAK-ASN)
1	149.202.208.200 149.202.208.200	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c01::9d	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
16	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:218... 2600:9000:2182:b400:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
6	2a02:26f0:10c... 2a02:26f0:10c:5b2::3b8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:218... 2600:9000:2182:2400:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
3	185.193.6.142 185.193.6.142	206192 (NETLOJISTIK) (NETLOJISTIK)
1	184.30.210.81 184.30.210.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	212.71.236.31 212.71.236.31	63949 (LINODE-AP...) (LINODE-AP Linode)
2	185.3.93.185 185.3.93.185	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.206.6 216.58.206.6	15169 (GOOGLE) (GOOGLE)
3	54.194.173.24 54.194.173.24	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
136	44

3 137.117.149.204 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.ntv.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 195.142.105.29 (Turkey)

ASN199484 (BETAINTERNATIONAL, TR)

dygassets.dygdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ntv.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.ntv.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

contributor.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.103.89.30 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-89-30.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.182.200.29 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

gatr.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:de00:9:c37:b540:93a1 (United States)

ASN16509 (AMAZON-02, US)

wps.euromsg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:5a3::3b8f (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

widget.engageya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.3.2.97 (Turkey)

ASN21245 (NETSA-AS, TR)

cdn.segmentify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.142.20.17 (Israel)

ASN20645 (PUREPEAK-ASN, IL)
PTR: ip-95-142-20-17.purepeak.com

premium.engageya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.202.208.200 (France)

ASN16276 (OVH, FR)
PTR: ovhfr6.host.hit.gemius.pl

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:b400:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:10c:5b2::3b8f (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

images9.engageya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:2400:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.193.6.142 (Turkey)

ASN206192 (NETLOJISTIK, TR)

dcc2.segmentify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.210.81 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-210-81.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.71.236.31 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-212-71-236-31.london.nodebalancer.linode.com

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.3.93.185 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-185-3-93-185.london.nodebalancer.linode.com

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.6 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.173.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-173-24.eu-west-1.compute.amazonaws.com

cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	ntv.com.tr www.ntv.com.tr cdn.ntv.com.tr cdn1.ntv.com.tr	3 MB
17	criteo.com bidder.criteo.com gum.criteo.com	2 KB
12	google.com contributor.google.com fundingchoicesmessages.google.com www.google.com	122 KB
8	engageya.com widget.engageya.com premium.engageya.com images9.engageya.com	114 KB
8	cookielaw.org cdn.cookielaw.org	148 KB
6	yandex.ru 1 redirects mc.yandex.ru	96 KB
6	gstatic.com fonts.gstatic.com	56 KB
5	firstimpression.io ecdn.firstimpression.io cdn.firstimpression.io	635 KB
5	segmentify.com cdn.segmentify.com dcc2.segmentify.com	37 KB
5	gemius.pl 1 redirects gatr.hit.gemius.pl ls.hit.gemius.pl	12 KB
5	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	115 KB
3	googlesyndication.com pagead2.googlesyndication.com	133 KB
3	facebook.com www.facebook.com	539 B
3	google-analytics.com www.google-analytics.com	19 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	67 KB
3	criteo.net static.criteo.net	36 KB
2	agkn.com js.agkn.com d.agkn.com	3 KB
2	facebook.net connect.facebook.net	91 KB
2	adrecover.com delivery.adrecover.com	12 KB
2	dygdigital.com dygassets.dygdigital.com	76 KB
1	analysis.fi ecdn.analysis.fi	2 KB
1	bluekai.com stags.bluekai.com
1	google.de www.google.de	106 B
1	euromsg.net wps.euromsg.net	52 KB
1	bkrtx.com tags.bkrtx.com	11 KB
1	googletagmanager.com www.googletagmanager.com	52 KB
1	onetrust.com geolocation.onetrust.com	356 B
136	27

	Domain	Requested by
16	bidder.criteo.com	static.criteo.net
16	cdn1.ntv.com.tr	www.ntv.com.tr
12	cdn.ntv.com.tr	www.ntv.com.tr cdn.ntv.com.tr
9	fundingchoicesmessages.google.com	www.ntv.com.tr
8	cdn.cookielaw.org	www.ntv.com.tr cdn.cookielaw.org
6	images9.engageya.com	www.ntv.com.tr
6	mc.yandex.ru	1 redirects www.ntv.com.tr mc.yandex.ru
6	fonts.gstatic.com	fonts.googleapis.com
4	gatr.hit.gemius.pl	1 redirects www.ntv.com.tr gatr.hit.gemius.pl
3	cdn.firstimpression.io	ecdn.firstimpression.io
3	pagead2.googlesyndication.com	ecdn.firstimpression.io pagead2.googlesyndication.com
3	dcc2.segmentify.com	ajax.googleapis.com
3	www.facebook.com	www.ntv.com.tr connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	static.criteo.net	www.ntv.com.tr
3	www.ntv.com.tr	www.ntv.com.tr cdn.ntv.com.tr
2	ecdn.firstimpression.io	www.googletagmanager.com ecdn.firstimpression.io
2	connect.facebook.net	www.ntv.com.tr connect.facebook.net
2	cdn.segmentify.com	cdn.ntv.com.tr cdn.segmentify.com
2	ajax.googleapis.com	delivery.adrecover.com cdn.segmentify.com
2	delivery.adrecover.com	www.ntv.com.tr
2	securepubads.g.doubleclick.net	www.ntv.com.tr securepubads.g.doubleclick.net
2	contributor.google.com	www.ntv.com.tr
2	dygassets.dygdigital.com	www.ntv.com.tr
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	ad.doubleclick.net
1	ecdn.analysis.fi	www.googletagmanager.com
1	gum.criteo.com	static.criteo.net
1	stags.bluekai.com	tags.bkrtx.com
1	d.agkn.com	js.agkn.com
1	js.agkn.com	www.ntv.com.tr
1	www.google.de	www.ntv.com.tr
1	www.google.com	www.ntv.com.tr
1	stats.g.doubleclick.net	www.google-analytics.com
1	ls.hit.gemius.pl	gatr.hit.gemius.pl
1	premium.engageya.com	widget.engageya.com
1	widget.engageya.com	cdn.ntv.com.tr
1	wps.euromsg.net	www.ntv.com.tr
1	tags.bkrtx.com	www.ntv.com.tr
1	fonts.googleapis.com	cdn.ntv.com.tr
1	www.googletagmanager.com	www.ntv.com.tr
1	geolocation.onetrust.com	cdn.cookielaw.org
136	42

This site contains links to these domains. Also see Links.

Domain
www.ntvspor.net
news.google.com
www.reservemediamarketing.com
platform.affiliatetrack.co
reservemediamarketing.com
www.dogusyayingrubu.com.tr
ik.dogusyayingrubu.com
www.startv.com.tr
www.eurostartv.com.tr
www.kralmuzik.com.tr
www.ntvradyo.com.tr
radioeksen.com
radyovoyage.com
www.ntvhava.com
www.puhutv.com
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
flipboard.com
play.google.com
apps.apple.com
appgallery1.huawei.com

Subject Issuer	Validity	Valid
*.ntv.com.tr Go Daddy Secure Certificate Authority - G2	`2020-02-12` - `2022-02-18`	2 years	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.dygdigital.com AlphaSSL CA - SHA256 - G2	`2020-06-12` - `2022-07-24`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2020-10-09` - `2021-10-29`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2020-02-28` - `2021-05-29`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.euromsg.net COMODO RSA Organization Validation Secure Server CA	`2018-12-06` - `2020-12-05`	2 years	crt.sh
*.engageya.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-16` - `2021-03-06`	a year	crt.sh
*.segmentify.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-11` - `2021-06-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.analysis.fi Sectigo RSA Domain Validation Secure Server CA	`2020-05-17` - `2021-06-16`	a year	crt.sh
*.firstimpression.io Sectigo RSA Organization Validation Secure Server CA	`2019-11-06` - `2020-12-04`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Frame ID: BEECDDB5BECE542069D3AEF75AFE951A
Requests: 131 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 98CCE61EFC4BFF0176108F34314C8724
Requests: 1 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=925268148&gdpr=1&gdpr_consent=CO8ToV2O8ToV2AcABBENA-CgAAAAAAAAAChQAAAAAAAA.YAAAAAAAAAAA&ref=&bpid=dogusturkey&c=%7B%22bpid%22%3A%22dogusturkey%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA%22%2C%22gdpr%22%3A%221%22%2C%22gdpr_consent%22%3A%22CO8ToV2O8ToV2AcABBENA-CgAAAAAAAAAChQAAAAAAAA.YAAAAAAAAAAA%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Foto-Galeri%22%2C%22brd%22%3A%22-1%22%2C%22subcategory%22%3A%22yasam%22%7D
Frame ID: 7C19C5EADD5B5EDB3F4896C8D33C83FD
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.ru/metrika/watch_match.html
Frame ID: D8067082FAEA8564072EECEF19C44587
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/39414?ret=html&phint=Keywords%3DKapadokya%2CYa%C5%9Fam%2CMagazin%2CAmber%20Heard%2CTatil%2CMagazin%20haberleri&phint=__bk_t%3DAmber%20Heard%2C%20Kapadokya%27da%20-%20Magazin%20Haberleri%20%7C%20NTV&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&phint=__bk_v%3D3.1.5&limit=1&r=35775768
Frame ID: E60967F46E6242EE708F00C64BB3B95A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.ntv.com.tr&gdpr_consent=CO8ToV2O8ToV2AcABBENA-CgAAAAAAAAAChQAAAAAAAA.YAAAAAAAAAAA
Frame ID: 39073780404F449E5711DCD73949BDA6
Requests: 1 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/sw/tracking-sw-index.html
Frame ID: DA68468E52EDBC4BA0BB0F1D60BB16AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/zrt_lookup.html
Frame ID: 8FAC9F8A0C91800C4AE316D8D246256F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i

Page Statistics

136
Requests

100 %
HTTPS

63 %
IPv6

27
Domains

42
Subdomains

44
IPs

12
Countries

4723 kB
Transfer

7704 kB
Size

31
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ntvspor.net/
Title: SPOR

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMPK9_AowqvvnAg?hl=tr&gl=TR&ceid=TR%3Atr
Title:

Search URL Search Domain Scan URL

URL: https://www.reservemediamarketing.com/arcelikengold/?so=%20arcelikengav-ragust&lg=tr&MPC_1=[eng_website_id]&MPC_2=[eng_post_id]&MPC_3=[eng_click]&rd=5
Title: Borsada milyoner yapan hisse senedi!Markets Pro

Search URL Search Domain Scan URL

URL: https://platform.affiliatetrack.co/u/p/2958032/cL4DqczOrFej?rd=4&so=bitcoineng&lg=tr&MPC_1=[eng_website_id]&MPC_2=[eng_post_id]&MPC_3=[eng_click]&rd=5
Title: 23 yaşındaki genç adam servet kazanma yöntemi keşfettiItmFX

Search URL Search Domain Scan URL

URL: http://reservemediamarketing.com/thyeng/?so=thyengavrsubat&lg=tr&MPC_1=[eng_website_id]&MPC_2=[eng_post_id]&MPC_3=[eng_click]&rd=5
Title: Türk hisse senedi zengin ediyor!Markets Pro

Search URL Search Domain Scan URL

URL: http://www.dogusyayingrubu.com.tr/
Title: Doğuş Yayın Grubu

Search URL Search Domain Scan URL

URL: https://ik.dogusyayingrubu.com/
Title: İnsan Kaynakları

Search URL Search Domain Scan URL

URL: https://www.startv.com.tr/
Title: STAR

Search URL Search Domain Scan URL

URL: http://www.eurostartv.com.tr/
Title: EURO STAR

Search URL Search Domain Scan URL

URL: https://www.kralmuzik.com.tr/tv/kral-tv
Title: KRAL TV

Search URL Search Domain Scan URL

URL: https://www.kralmuzik.com.tr/tv/kral-pop-tv
Title: KRAL POP TV

Search URL Search Domain Scan URL

URL: https://www.ntvradyo.com.tr/
Title: NTV RADYO

Search URL Search Domain Scan URL

URL: https://www.kralmuzik.com.tr/radyo/kral-fm
Title: KRAL FM

Search URL Search Domain Scan URL

URL: https://www.kralmuzik.com.tr/radyo/kral-pop
Title: KRAL POP

Search URL Search Domain Scan URL

URL: https://radioeksen.com/
Title: EKSEN

Search URL Search Domain Scan URL

URL: http://radyovoyage.com/
Title: VOYAGE

Search URL Search Domain Scan URL

URL: https://www.ntvhava.com/
Title: ntvhava.com

Search URL Search Domain Scan URL

URL: https://www.kralmuzik.com.tr/
Title: kralmuzik.com.tr

Search URL Search Domain Scan URL

URL: https://www.puhutv.com/
Title: puhutv.com

Search URL Search Domain Scan URL

URL: https://twitter.com/ntv

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NTV

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ntv/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/ntv/

Search URL Search Domain Scan URL

URL: https://flipboard.com/@ntv

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.dogus.ntv&hl=tr
Title:

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/ntv/id327359689
Title:

Search URL Search Domain Scan URL

URL: https://appgallery1.huawei.com/#/app/C101155275
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://mc.yandex.ru/watch/16847260?wmode=7&page-url=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604416445876%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201103161406%3Aet%3A1604416447%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1328367551744%3Arqn%3A1%3Arn%3A876619511%3Ahid%3A682953792%3Ads%3A25%2C38%2C211%2C107%2C0%2C0%2C0%2C364%2C0%2C%2C%2C%2C647%3Afp%3A574%3Awn%3A27907%3Ahl%3A2%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1604416447%3Au%3A1604416447326985525%3At%3AAmber%20Heard%2C%20Kapadokya%27da%20-%20Magazin%20Haberleri%20%7C%20NTV HTTP 302
https://mc.yandex.ru/watch/16847260/1?wmode=7&page-url=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604416445876%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201103161406%3Aet%3A1604416447%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1328367551744%3Arqn%3A1%3Arn%3A876619511%3Ahid%3A682953792%3Ads%3A25%2C38%2C211%2C107%2C0%2C0%2C0%2C364%2C0%2C%2C%2C%2C647%3Afp%3A574%3Awn%3A27907%3Ahl%3A2%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1604416447%3Au%3A1604416447326985525%3At%3AAmber%20Heard%2C%20Kapadokya%27da%20-%20Magazin%20Haberleri%20%7C%20NTV

Request Chain 79

https://gatr.hit.gemius.pl/_1604416446994/rexdot.js?l=100&id=1vZF1uuG4e76dR2fW2iNTOTkzQCRqM88SdPJ6d6vsMP.s7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=197&lsdata=IC7c8mdQgVXg9WHpu9xuMoBRvg2L.Ndxo7L2pNnDB77.u7XX8CxqehIv2uOv.rHCnmUH0IXkGC5kmkXLTaFia.c9Jn0S/xM8wxIgEC9XQe/&fpdata=g6InCFrCe6P9bpSCBmByfGgkljH5SbLp3q0VgcH2RhL.b7&vis=1 HTTP 301
https://gatr.hit.gemius.pl/__/_1604416446994/rexdot.js?l=100&id=1vZF1uuG4e76dR2fW2iNTOTkzQCRqM88SdPJ6d6vsMP.s7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=197&lsdata=IC7c8mdQgVXg9WHpu9xuMoBRvg2L.Ndxo7L2pNnDB77.u7XX8CxqehIv2uOv.rHCnmUH0IXkGC5kmkXLTaFia.c9Jn0S/xM8wxIgEC9XQe/&fpdata=g6InCFrCe6P9bpSCBmByfGgkljH5SbLp3q0VgcH2RhL.b7&vis=1

136 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set mTfxCLVfe0ihHcrDIIi_zA Show response
www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/ 115 KB
116 KB 275ms
211ms Document
text/html 137.117.149.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.117.149.204 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5d16a79e2751a8d99b622b82a8d0ffbef3de8e2ecb64ef3bb977f66eb0a88737

Request headers

Host: www.ntv.com.tr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Request-Context: appId=cid-v1:615f496e-a895-476a-9712-1e1ba61ae176
Set-Cookie: ARRAffinity=867114e9cc403f93ad5a2c4ab888e5a2642647cd56541224b1a75c4abe28f559;Path=/;HttpOnly;Domain=ntv.azurewebsites.net
Date: Tue, 03 Nov 2020 15:14:05 GMT
Cache-Control: public
X-Varnish: 979177408
Age: 0
X-Cache: MISS
Accept-Ranges: bytes
Transfer-Encoding: chunked
Connection: keep-alive
X-Srv: 10.0.1.14

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
4 KB 16ms
15ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Yq1kQ5hg5Zz0imwU0GUBSQ==
age: 6383
status: 200
vary: Accept-Encoding
content-length: 4134
cf-request-id: 06304536ce0000c2b38b30f000000001
x-ms-lease-status: unlocked
last-modified: Tue, 03 Nov 2020 01:43:33 GMT
server: cloudflare
etag: 0x8D87F99E0188D79
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d218f103-601e-0046-2191-b10670000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5ec70b0479ccc2b3-FRA

GET
H2 200 ads.js Show response
dygassets.dygdigital.com/ 280 B
909 B 95ms
33ms Script
application/javascript 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://dygassets.dygdigital.com/ads.js
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: a45340be77c5a67bb036cc65490d3a0c8871ba7da2d276f0ff990be08d10b41c

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
status: 200
last-modified: Fri, 20 Sep 2019 11:01:47 GMT
content-encoding: gzip
x-rocket-mastercachestatus: HIT
expires: Wed, 03 Nov 2021 15:14:06 GMT
x-rocket-node: edge214.fra.de.eu.rocketcdn.com
server: nginx
etag: W/"3185aae398361c32c5434bd1483747b4"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: S9Nb7zk5gB7LqXkerVsuW0rXc0yzTU0w
access-control-allow-origin: *
x-rocket-masternode: cache113.ist.tr.eu.rocketcdn.com
access-control-expose-headers: Server,range,hdntl,hdnts
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: origin,range,hdntl,hdnts
x-amz-cf-id: JR_bltdlVa7PrxVMLMdS48yvG027tF9I1xzST-KpwgukllUpICjXPA==
x-rocket-cachestatus: HIT

GET
H2 200 ntv.min.css
cdn.ntv.com.tr/css/ 248 KB
44 KB 113ms
37ms Stylesheet
text/css 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ntv.com.tr/css/ntv.min.css?v=3054
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 534e0b24d361401481f48bc6e702ca530ac63f277b0307ace3c23c0aac43696e

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
content-md5: /oYsHgZ4aQsRTpYsXswxdw==
status: 200
last-modified: Mon, 02 Nov 2020 12:25:28 GMT
x-ms-request-id: d6bb55d1-301e-0021-25dc-b1aaf2000000
x-rocket-mastercachestatus: HIT
x-ms-lease-status: unlocked
expires: Thu, 03 Dec 2020 15:14:06 GMT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2592000
x-ms-version: 2009-09-19
x-rocket-cachestatus: HIT

GET
H2 200 loader.js Show response
contributor.google.com/scripts/1cc5af75de07e1f9/ 102 KB
35 KB 152ms
150ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/1cc5af75de07e1f9/loader.js

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f7460949927e9812c52fa9771718f25d4bf6cb9e50e4400e4bf989cf88314c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6BoJBBgpT4JjZEgQmJQXnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-6BoJBBgpT4JjZEgQmJQXnw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-6BoJBBgpT4JjZEgQmJQXnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-6BoJBBgpT4JjZEgQmJQXnw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 03 Nov 2020 15:14:06 GMT

GET
H2 200 ntv-logo-maskeni-tak.png
cdn.ntv.com.tr/img/ 15 KB
16 KB 44ms
40ms Image
image/png 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ntv.com.tr/img/ntv-logo-maskeni-tak.png?v=3054
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 09c7d5a156245c0a18f5a24084969675b1fbc0a4b582291f502b2741e6a1258e

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-md5: DmWpUsIUl1NZfT7Mr7urNg==
status: 200
last-modified: Mon, 02 Nov 2020 12:25:31 GMT
x-ms-request-id: 2becff6a-801e-0038-7fdc-b1869a000000
content-length: 15587
x-rocket-mastercachestatus: HIT
x-ms-lease-status: unlocked
expires: Thu, 03 Dec 2020 15:14:06 GMT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
etag: 0x8D87F2A63A82F75
content-type: image/png
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2592000
x-ms-version: 2009-09-19
x-rocket-cachestatus: HIT

GET
H2 200 logo.svg
cdn.ntv.com.tr/img/ 9 KB
7 KB 44ms
40ms Image
image/svg+xml 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ntv.com.tr/img/logo.svg?v=3054
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 9d13b63548a4b1bdd597e6c0671499ce59d8a6cde0b54f008be2fe6afe7556c7

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
content-md5: 9glse2KOBjt1rcwRP5xuFg==
status: 200
last-modified: Mon, 02 Nov 2020 12:25:30 GMT
x-ms-request-id: 168507b5-401e-00cb-7cdc-b155f3000000
x-rocket-mastercachestatus: HIT
x-ms-lease-status: unlocked
expires: Thu, 03 Dec 2020 15:14:06 GMT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2592000
x-ms-version: 2009-09-19
x-rocket-cachestatus: HIT

GET
H2 200 4bc85f0d-86d7-43bd-ace5-2703799ed724.json Show response
cdn.cookielaw.org/consent/4bc85f0d-86d7-43bd-ace5-2703799ed724/ 3 KB
2 KB 19ms
19ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4bc85f0d-86d7-43bd-ace5-2703799ed724/4bc85f0d-86d7-43bd-ace5-2703799ed724.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541c6132fc0f6674c5b3366d9f5d4d3659e349a79b6a17647b199e7aadd53fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: KqyzISWu0c2rEIIl5g7V/w==
age: 4832
status: 200
vary: Accept-Encoding
content-length: 1336
cf-request-id: 06304536e40000bedd0d8ff000000001
x-ms-lease-status: unlocked
last-modified: Mon, 26 Oct 2020 14:51:27 GMT
server: cloudflare
etag: 0x8D879BE9DECB885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ec6a7ccd-c01e-0026-69ae-ab4352000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5ec70b049d21bedd-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
356 B 30ms
26ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5ec70b057e193260-FRA
cf-request-id: 063045376b000032608a2f7000000001

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
52 KB 18ms
15ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5TDWZF

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5201570092a3f111064e9f5657ca3750ef12347674119157635358ce8258dadf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53066
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Nov 2020 15:14:06 GMT

GET
H2 200 google-play-badge.png
cdn.ntv.com.tr/img/ 14 KB
14 KB 43ms
40ms Image
image/png 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ntv.com.tr/img/google-play-badge.png?v=3054
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 8f184fb01d006e648c43775cd7ab6d82739229e49c02230882edbc096349b1a0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-md5: 3I/lNdVm3Ld0fUw8O+z4rg==
status: 200
last-modified: Mon, 02 Nov 2020 12:25:30 GMT
x-ms-request-id: 5253de12-901e-00c9-1cdc-b15709000000
content-length: 13845
x-rocket-mastercachestatus: HIT
x-ms-lease-status: unlocked
expires: Thu, 03 Dec 2020 15:14:06 GMT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
etag: 0x8D87F2A6385F92F
content-type: image/png
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2592000
x-ms-version: 2009-09-19
x-rocket-cachestatus: HIT

GET
H2 200 appstore.svg
cdn.ntv.com.tr/img/ 10 KB
5 KB 44ms
41ms Image
image/svg+xml 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ntv.com.tr/img/appstore.svg?v=3054
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 641600d2c097ac86bcea47ec24f74e17a3a0478042c47a5e2d44d626038f189f

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
content-md5: 9LVspCfSEiS5lCC0cFVMzw==
status: 200
last-modified: Mon, 02 Nov 2020 12:25:30 GMT
x-ms-request-id: b994e9c4-701e-0100-15dc-b18196000000
x-rocket-mastercachestatus: HIT
x-ms-lease-status: unlocked
expires: Thu, 03 Dec 2020 15:14:06 GMT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2592000
x-ms-version: 2009-09-19
x-rocket-cachestatus: HIT

GET
H2 200 huawei-badge-black.png
cdn.ntv.com.tr/img/ 21 KB
22 KB 44ms
41ms Image
image/png 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ntv.com.tr/img/huawei-badge-black.png?v=3054
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 739aa7cafa798f858f85fdb3d11d87b2d707fe8412a6b1d496266ba55714f9b3

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-md5: Kgo20R1FdCNXozTwSb7SkA==
status: 200
last-modified: Mon, 02 Nov 2020 12:25:30 GMT
x-ms-request-id: 2646372a-401e-0084-03dc-b191eb000000
content-length: 21577
x-rocket-mastercachestatus: HIT
x-ms-lease-status: unlocked
expires: Thu, 03 Dec 2020 15:14:06 GMT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
etag: 0x8D87F2A6379731E
content-type: image/png
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2592000
x-ms-version: 2009-09-19
x-rocket-cachestatus: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
18 KB 92ms
32ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

7ed1fd157d3dee14c4e0a2091c4a920f9eb218412c3bbaca65d34dc419525ec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "682 / 393 of 1000 / last-modified: 1604415102"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17987
x-xss-protection: 0
expires: Tue, 03 Nov 2020 15:14:06 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 107 KB
35 KB 62ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 586f76dc6bb5b23638b5952b115013e6cde86c5d0b18d071fc7a5b2a21787ff7

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:20:45 GMT
server: nginx
etag: W/"5f8eabed-1ada9"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 04 Nov 2020 15:14:06 GMT

GET
H2 200 dygtag-ntv.js Show response
dygassets.dygdigital.com/Rep/ 292 KB
75 KB 33ms
32ms Script
application/javascript 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://dygassets.dygdigital.com/Rep/dygtag-ntv.js
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: a921af45c6a658d1fbc805726d17b7eed01ec05854ee60eeee2555a479ed91a2

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
via: 1.1 a7ed0e2562a9e213a639323d1327bbbc.cloudfront.net (CloudFront)
vary: Accept-Encoding
age: 32
x-cache: Hit from cloudfront
status: 200
last-modified: Tue, 03 Nov 2020 14:41:29 GMT
content-encoding: gzip
x-rocket-mastercachestatus: HIT
x-rocket-node: edge214.fra.de.eu.rocketcdn.com
server: nginx
etag: W/"6525303d8a777e7a5e459d82f9a54665"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 77PnmUYARC6HyP9jOogwSSH8feJTQJKw
access-control-allow-origin: *
x-rocket-masternode: cache116.ist.tr.eu.rocketcdn.com
access-control-expose-headers: Server,range,hdntl,hdnts
access-control-allow-credentials: true
x-amz-cf-pop: OTP50-C1
content-type: application/javascript
access-control-allow-headers: origin,range,hdntl,hdnts
x-amz-cf-id: -2bse-1gi8SgLR1MJClV034GmOgRB6Ohxe24yLh5XGDWlpd9IIOwNQ==
x-rocket-cachestatus: HIT

GET
H2 200 ntv.min.js Show response
cdn.ntv.com.tr/js/ 281 KB
90 KB 43ms
39ms Script
application/x-javascript 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ntv.com.tr/js/ntv.min.js?v=3054
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 08b66d46ac0651b9510fcb7b57d9835f6925605231f4c605adb52ed3ec7cd779

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
content-md5: giLn2+orqzIdhrLYWbaY3A==
status: 200
last-modified: Mon, 02 Nov 2020 12:25:32 GMT
x-ms-request-id: 1c5eb274-901e-0086-10dc-b19311000000
x-rocket-mastercachestatus: HIT
x-ms-lease-status: unlocked
expires: Thu, 03 Dec 2020 15:14:06 GMT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2592000
x-ms-version: 2009-09-19
x-rocket-cachestatus: HIT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext

Requested by

Host: cdn.ntv.com.tr
URL: https://cdn.ntv.com.tr/css/ntv.min.css?v=3054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3698a4d10ec8e69987ebbac12ddf6320ad24e5aa9f4fc3cbe9b32321838c8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn.ntv.com.tr/css/ntv.min.css?v=3054
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Nov 2020 15:14:06 GMT
server: ESF
date: Tue, 03 Nov 2020 15:14:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Nov 2020 15:14:06 GMT

GET
H2 200 AGSKWxU3m_56js700tV1WzRYq0HEtg0Y9FlWSJOo9wkclG178oMjXw-FUVw8XlRrLH7uQ0g6JUZZJiLd_cPsk-iqW8M= Show response
fundingchoicesmessages.google.com/f/ 73 KB
28 KB 30ms
7ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU3m_56js700tV1WzRYq0HEtg0Y9FlWSJOo9wkclG178oMjXw-FUVw8XlRrLH7uQ0g6JUZZJiLd_cPsk-iqW8M=

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b68ebedfba2ccfd5b9f1f664ccb22d7b6276e7e075dbda6d2c6b758457c53069

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-//MijPvN+O+gLJROV9xWAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-//MijPvN+O+gLJROV9xWAA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 14:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 876
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27689
x-xss-protection: 0
server: ESF
etag: "1604274626"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1800
content-security-policy: script-src 'report-sample' 'nonce-//MijPvN+O+gLJROV9xWAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-//MijPvN+O+gLJROV9xWAA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Tue, 03 Nov 2020 15:29:30 GMT

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/41070/ 34 KB
11 KB 62ms
19ms Script
application/x-javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/41070/adRecover.js
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 086a3344d0a035afb60ffccc1f743974297d94bff9027a87e7d2653dae162eb6

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
x-cf3: M
cf4ttl: 31536000.000
x-cf1: 27741:fA.ams1:cf:cacheN.ams1-01:H
status: 200
content-length: 11311
x-cf-tsc: 1602091855
x-cf2: H
last-modified: Wed, 07 Oct 2020 17:18:54 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding
content-type: application/x-javascript
x-cfhash: "20954dce7e9420e5049db77d95b32f3e"
cache-control: max-age=3600
cf4age: 0
accept-ranges: bytes
x-cf-rand: 58.367
expires: Tue, 03 Nov 2020 16:14:06 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 google-news.svg
cdn.ntv.com.tr/img/ 8 KB
4 KB 49ms
49ms Image
image/svg+xml 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ntv.com.tr/img/google-news.svg
Requested by: Host: cdn.ntv.com.tr
URL: https://cdn.ntv.com.tr/css/ntv.min.css?v=3054
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: b31e6efe57ac25b8ff47ea60a5a3ecd3840e7965a34d14803ea92bd0f4289986

Request headers

Referer: https://cdn.ntv.com.tr/css/ntv.min.css?v=3054
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
content-md5: SioKqiNfVEXJkWSD2PIANw==
status: 200
last-modified: Mon, 02 Nov 2020 12:25:30 GMT
x-ms-request-id: ed2f49be-501e-005c-651c-b1363a000000
x-rocket-mastercachestatus: HIT
x-ms-lease-status: unlocked
expires: Thu, 03 Dec 2020 15:14:06 GMT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2592000
x-ms-version: 2009-09-19
x-rocket-cachestatus: HIT

GET
H2 200 ntv-background-img.svg
cdn.ntv.com.tr/img/ 1 KB
1 KB 49ms
49ms Image
image/svg+xml 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ntv.com.tr/img/ntv-background-img.svg
Requested by: Host: cdn.ntv.com.tr
URL: https://cdn.ntv.com.tr/css/ntv.min.css?v=3054
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 0f0442ab444bf86b7cc42c0318b9daf60bbe574eb16443bd543b1f3cecda56a1

Request headers

Referer: https://cdn.ntv.com.tr/css/ntv.min.css?v=3054
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
content-md5: Y4OaTwsrxfu8N74kfSZQ8Q==
status: 200
last-modified: Wed, 28 Oct 2020 09:29:50 GMT
x-ms-request-id: b1bf17c0-201e-0094-2abe-ada70d000000
x-rocket-mastercachestatus: HIT
x-ms-lease-status: unlocked
expires: Thu, 03 Dec 2020 15:14:06 GMT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2592000
x-ms-version: 2009-09-19
x-rocket-cachestatus: HIT

GET
H2 200 icomoon.ttf
cdn.ntv.com.tr/fonts/icons/ 16 KB
17 KB 90ms
38ms Font
application/octet-stream 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ntv.com.tr/fonts/icons/icomoon.ttf?v=58584
Requested by: Host: cdn.ntv.com.tr
URL: https://cdn.ntv.com.tr/css/ntv.min.css?v=3054
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 4873b677f58b261541aeddf628258dd2eba0684cda158fb7c0714c6a778ad9df

Request headers

Origin: https://www.ntv.com.tr
Referer: https://cdn.ntv.com.tr/css/ntv.min.css?v=3054
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-md5: 0Fgjwt/cv1u9i3nRyPfGtA==
status: 200
last-modified: Mon, 02 Nov 2020 12:25:29 GMT
x-ms-request-id: 3124ace7-601e-00b1-1f1a-b13fbe000000
content-length: 16632
x-rocket-mastercachestatus: HIT
x-ms-lease-status: unlocked
expires: Thu, 03 Dec 2020 15:14:06 GMT
x-rocket-node: edge218.fra.de.eu.rocketcdn.com
server: nginx
etag: 0x8D87F2A62BC854D
content-type: application/octet-stream
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2592000
x-ms-version: 2009-09-19
x-rocket-cachestatus: HIT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ntv.com.tr
Referer: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 23:34:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 401980
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Fri, 29 Oct 2021 23:34:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ntv.com.tr
Referer: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 23:06:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 403672
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 29 Oct 2021 23:06:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ntv.com.tr
Referer: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 01 Nov 2020 03:35:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:08 GMT
server: sffe
age: 214725
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11012
x-xss-protection: 0
expires: Mon, 01 Nov 2021 03:35:21 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ntv.com.tr
Referer: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 06:13:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:46 GMT
server: sffe
age: 118839
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8024
x-xss-protection: 0
expires: Tue, 02 Nov 2021 06:13:27 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ntv.com.tr
Referer: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 21:58:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 580554
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7924
x-xss-protection: 0
expires: Wed, 27 Oct 2021 21:58:12 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmYUtfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfChc4AMP6lbBP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ca90b8ccee9352e358b32d68b425c82e7f12af1ed31e20ef5bc6d5937edb8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ntv.com.tr
Referer: https://fonts.googleapis.com/css?family=Roboto:100,400,400i,700,700i,900,900i&display=swap&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 02:09:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:04 GMT
server: sffe
age: 392670
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7892
x-xss-protection: 0
expires: Sat, 30 Oct 2021 02:09:36 GMT

GET
H/1.1 200
OK dummy-img-1000x850.jpg
www.ntv.com.tr/img/ 14 KB
15 KB 26ms
26ms Image
image/jpeg 137.117.149.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ntv.com.tr/img/dummy-img-1000x850.jpg
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.117.149.204 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9c0c1a9d21f0a25e36a4c724b7acf92e3cd838ac6a0e2a0ede169a858668eb3b

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:06:49 GMT
Last-Modified: Mon, 02 Nov 2020 12:03:30 GMT
X-Srv: 10.0.1.7
Age: 436
ETag: "1d6b1102dccedac"
X-Cache: HIT-1
X-Varnish: 953094852 943302987
Request-Context: appId=cid-v1:615f496e-a895-476a-9712-1e1ba61ae176
Cache-Control: public
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 14508
X-Cache-Hits: 2

GET
H2 200 V5HuMIAStk-V98snOzDowA.jpg
cdn1.ntv.com.tr/gorsel/ 320 KB
321 KB 144ms
141ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/V5HuMIAStk-V98snOzDowA.jpg?width=1000&mode=both&scale=both&v=1597999058106
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 839da65542922f646ce90020430afdebf70a88de062517029844205ddd408cde

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 327451
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 mTfxCLVfe0ihHcrDIIi_zA.jpg
cdn1.ntv.com.tr/gorsel/ 289 KB
290 KB 144ms
141ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/mTfxCLVfe0ihHcrDIIi_zA.jpg?width=1000&mode=both&scale=both&v=1597999058106
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: d9534697e778422a13909fa26fed82de924d50b95a12243cee696e52ce7e8864

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 296077
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 EUfZE4vY2EmpQkhXBX1jEg.jpg
cdn1.ntv.com.tr/gorsel/ 194 KB
194 KB 142ms
140ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/EUfZE4vY2EmpQkhXBX1jEg.jpg?width=1000&mode=both&scale=both&v=1597999058106
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: b148fc7270cd810c3c2082d30f7c80c8fac30f64de66c0bad8a2600188a8f083

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 198145
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 kVhEDhdNjESJXHBA_qcokQ.jpg
cdn1.ntv.com.tr/gorsel/ 228 KB
229 KB 144ms
141ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/kVhEDhdNjESJXHBA_qcokQ.jpg?width=1000&mode=both&scale=both&v=1597999058106
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 5cf631b8c677c77d932115d7bad9ea7cb89aa0dc65af2309ddf60feda332f085

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 233926
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 cmU4ePgNX0SqpBcXi2L7HA.jpg
cdn1.ntv.com.tr/gorsel/ 276 KB
277 KB 143ms
140ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/cmU4ePgNX0SqpBcXi2L7HA.jpg?width=1000&mode=both&scale=both&v=1597999058106
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: a95eca52613e438d6a3cf18e999a7a23aee68d734c98c12c8338c6e16dcab308

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 282508
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 WXjk2OgAqUGn32ZQru4PUQ.jpg
cdn1.ntv.com.tr/gorsel/ 210 KB
211 KB 143ms
140ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/WXjk2OgAqUGn32ZQru4PUQ.jpg?width=1000&mode=both&scale=both&v=1597999058106
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: c50c1dd8d74f88e1f5e39e09adf62c771393acbd5ad2e7089c3c2189a0119a98

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 214926
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 8ToWZFx08UmlSIr1MPY6jg.jpg
cdn1.ntv.com.tr/gorsel/ 273 KB
273 KB 148ms
148ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/8ToWZFx08UmlSIr1MPY6jg.jpg?width=1000&mode=both&scale=both&v=1597999058106
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: f0da6e786820a3b367c1a0c6b1e2f872c4de1f8104553f39091972f99b0eb97f

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 279059
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 Yq9NmfjOgUG7me9SxKV6bw.jpg
cdn1.ntv.com.tr/gorsel/ 226 KB
227 KB 119ms
119ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/Yq9NmfjOgUG7me9SxKV6bw.jpg?width=1000&mode=both&scale=both&v=1597999058106
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 9e64a861af48a77558cf315f2c066a43de2cf12f6a1a20603fe8bc30b571c283

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 231780
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 ikQ9DhQmTkWqm3osFza7Og.jpg
cdn1.ntv.com.tr/gorsel/ 220 KB
220 KB 114ms
113ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/ikQ9DhQmTkWqm3osFza7Og.jpg?width=1000&mode=both&scale=both&v=1597999058106
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 84a2c5be063674c3f2c7efb9d8c0c1dfdd6b9a6166759152fa2b1d70b7137ebb

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 224972
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 6aCpTOq_5kGqP7YhmfeZMg.jpg
cdn1.ntv.com.tr/gorsel/ 178 KB
178 KB 126ms
125ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/6aCpTOq_5kGqP7YhmfeZMg.jpg?width=1000&mode=both&scale=both&v=1597999058106
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: df45f7f3289ba3864a3631bc644a1bae47e7dee9b006f9b43854d91f8931d74c

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 181774
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 14-5D4X6wUCEsrVNpVpXEA.jpg
cdn1.ntv.com.tr/gorsel/ 6 KB
6 KB 26ms
25ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/14-5D4X6wUCEsrVNpVpXEA.jpg?width=150&height=85&mode=crop&scale=both&v=1604396053080
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: ea866644c56752a37ee51f5b32984cbc4d59ff7fa51c094ec579d4a6febffcf6

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: HIT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 5825
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 Q21hDWPankuHZV3L2yJrtA.jpg
cdn1.ntv.com.tr/gorsel/ 5 KB
5 KB 24ms
24ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/Q21hDWPankuHZV3L2yJrtA.jpg?width=150&height=85&mode=crop&scale=both&v=1604390469688
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 72158807e8a21e1b1da3d3c23ef12a01a0a2ba6ebec51bc55a29222aa3dc7f3a

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: HIT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 5040
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 mDwVmz3o-0St5Nrqi8vT5Q.jpg
cdn1.ntv.com.tr/gorsel/ 6 KB
6 KB 24ms
24ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/mDwVmz3o-0St5Nrqi8vT5Q.jpg?width=150&height=85&mode=crop&scale=both&v=1604384428429
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: a7ef29c336211a7ef610b4bb5384120963bb1195e999773193bd8d38464f6b76

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: HIT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 5747
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 eBeHBmRgwU2qOQFqwYKJog.jpg
cdn1.ntv.com.tr/gorsel/ 5 KB
5 KB 33ms
33ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/eBeHBmRgwU2qOQFqwYKJog.jpg?width=150&height=85&mode=crop&scale=both&v=1604317683488
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 94b013f0664eaaa310a12510a2d77dac06c4b1290c7d0f1865866ce86caa09da

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: HIT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 5225
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 QZkK8ITIYUG8urayNTjEoA.jpg
cdn1.ntv.com.tr/gorsel/ 9 KB
9 KB 32ms
32ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/QZkK8ITIYUG8urayNTjEoA.jpg?width=150&height=85&mode=crop&scale=both&v=1604320920804
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 3073c1001497ac5562c0942e4ed9bcdbdfdda470ff9b325c73421de81933f874

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: HIT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 8866
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H2 200 _KTgENNMPEm7ndaD2j1Y_Q.jpg
cdn1.ntv.com.tr/gorsel/ 6 KB
6 KB 111ms
111ms Image
image/jpeg 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ntv.com.tr/gorsel/_KTgENNMPEm7ndaD2j1Y_Q.jpg?width=150&height=85&mode=crop&scale=both&v=1604318777100
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 2dd4725f16ff90a7e7a3cf5014f42eb51cc6a12a09daac3ad7a88ca316961fee

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-rocket-cachestatus: HIT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 6069
x-rocket-mastercachestatus: HIT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
cache-control: max-age=31536000
request-context: appId=cid-v1:6e526fb8-d1ee-4143-afa8-f322bc6a759e
expires: Wed, 03 Nov 2021 15:14:06 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 30 KB
11 KB 109ms
37ms Script
application/javascript 104.103.89.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.89.30 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-103-89-30.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

1fc90ca7cad373bbb2464bc5cf020c039a70652527015c24a61f1da4c0e9d11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 16 Jun 2020 22:42:47 GMT
Server: nginx/1.15.8
ETag: W/"5ee94ae7-784f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Tue, 03 Nov 2020 15:14:06 GMT
Connection: keep-alive
Content-Length: 10653
Expires: Tue, 10 Nov 2020 15:14:06 GMT

GET
H2 200 xgemius.js Show response
gatr.hit.gemius.pl/ 40 KB
11 KB 135ms
46ms Script
application/x-javascript 217.182.200.29
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gatr.hit.gemius.pl/xgemius.js
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 217.182.200.29 , Poland, ASN16276 (OVH, FR),
Reverse DNS: gcm7.host.hit.gemius.pl
Software: GHC /
Resource Hash: 40aa39f97affadb78c48cccb42baa7e711ddb25df90008648a29f4463ec9fc98

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
last-modified: Mon, 19 Oct 2020 07:18:40 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: max-age=43200
accept-ranges: none
content-type: application/x-javascript
content-length: 10922
expires: Wed, 04 Nov 2020 03:14:06 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 368 KB
94 KB 70ms
70ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b890c68ff8bd5d94cba364f4bf535c981905c011e66b911cfadcf25b0a34ebbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: br
last-modified: Tue, 03 Nov 2020 14:35:32 GMT
status: 200
etag: "5f993b0e-17683"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 95875
expires: Tue, 03 Nov 2020 16:14:06 GMT

GET
H2 200 relatedpush_sdk.js Show response
wps.euromsg.net/6ef08739-8420-43b3-8faa-3585bb7959d6/ 51 KB
52 KB 100ms
11ms Script
application/javascript 2600:9000:2182:de00:9:c37:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wps.euromsg.net/6ef08739-8420-43b3-8faa-3585bb7959d6/relatedpush_sdk.js
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:9:c37:b540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4e7e4a44e72798bf4464d1febd639b0e6f80217003eadd09048508f7f1e20e5

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 16:43:40 GMT
via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
last-modified: Wed, 21 Oct 2020 09:48:00 GMT
server: AmazonS3
age: 81027
etag: "5fd8b7dcf334f94e0c6710741a137be0"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 52731
x-amz-cf-id: sTfK58KBBCUNcSD9Z8G2EcqMBYYqZVNqjNT1AH15juB5DrKWDQR1WA==

GET
H/1.1 200
OK engageya_loader.js Show response
widget.engageya.com/ 103 KB
26 KB 31ms
9ms Script
application/javascript 2a02:26f0:10c:5a3::3b8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.engageya.com/engageya_loader.js
Requested by: Host: cdn.ntv.com.tr
URL: https://cdn.ntv.com.tr/js/ntv.min.js?v=3054
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5a3::3b8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 4130861d1183a76993ff3b56ce2d93217340b3239b68dfe645bc5f3c9509480f

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:14:06 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Oct 2020 12:02:35 GMT
Server: nginx
ETag: W/"5f95695b-19d02"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 26725
Expires: Tue, 03 Nov 2020 17:14:06 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.8.0/ 332 KB
71 KB 54ms
53ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80a4168da3bfeb8a7a3d725ad6aabafc536c28503e6c053b3b8067fd1b5cd0cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ZxViCiQmz7HefYYdJwAS4g==
age: 3930
status: 200
vary: Accept-Encoding
content-length: 72918
cf-request-id: 06304538930000c2b378bca000000001
x-ms-lease-status: unlocked
last-modified: Tue, 27 Oct 2020 07:25:15 GMT
server: cloudflare
etag: 0x8D87A4973004AF3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 45becc5d-901e-003e-3938-ac6ec7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5ec70b075f5dc2b3-FRA

GET
H3-Q050 200 AGSKWxW0dfWKa1ezIUiuYc7zeGNWWh6XXbOaaBcOoHVlS1FRd937Ea5rpzloTuDceOMUO1hM5zcCrzuRhSUl6CADmeA= Show response
fundingchoicesmessages.google.com/f/ 81 KB
31 KB 87ms
72ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW0dfWKa1ezIUiuYc7zeGNWWh6XXbOaaBcOoHVlS1FRd937Ea5rpzloTuDceOMUO1hM5zcCrzuRhSUl6CADmeA=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCwyLFsxNjA0NDE2NDQ2LDU1OTAwMDAwMF0sIjA4MDA1RTI3LUE2MEMtNDc4Ni05RkYyLURFRDU1OTE2NkY2MiIsIjZERDUwNzdDLTM0NjgtNEMzRC1BNEFELTU1NDNFQUUzRTg2NSIsbnVsbCxbMCxbMV1dXQ

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a75a6ca905b9e8cd94cf8fddc27c11736471008c9fe5d85f2e56bc55755af554

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cTmPyy2XZDxILzU8ctfuGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-cTmPyy2XZDxILzU8ctfuGw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-cTmPyy2XZDxILzU8ctfuGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-cTmPyy2XZDxILzU8ctfuGw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Tue, 03 Nov 2020 15:14:06 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/41070/adRecover.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 21:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408957
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 21:38:09 GMT

GET
H3-Q050 200 pubads_impl_2020102901.js Show response
securepubads.g.doubleclick.net/gpt/ 273 KB
97 KB 78ms
47ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

2f61e74f8dfd64debe6c2f8272986e4bc0c1d83f115d2a44c3f601d0e2f39ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Oct 2020 08:43:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98487
x-xss-protection: 0
expires: Tue, 03 Nov 2020 15:14:06 GMT

GET
H/1.1 200
OK json Show response
www.ntv.com.tr/havadurumu/ 21 KB
21 KB 37ms
37ms XHR
application/json 137.117.149.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ntv.com.tr/havadurumu/json
Requested by: Host: cdn.ntv.com.tr
URL: https://cdn.ntv.com.tr/js/ntv.min.js?v=3054
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.117.149.204 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 30752627b994f7dfd60c2f5ff51c7b43997cca7d7efd4cb0dd1228790d30af8e

Request headers

Accept: */*
Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:13:56 GMT
X-Srv: 10.0.1.6
Age: 9
Vary: Accept-Encoding
X-Cache: HIT-1
X-Varnish: 885949617 865163333
Request-Context: appId=cid-v1:615f496e-a895-476a-9712-1e1ba61ae176
Cache-Control: public
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/json; charset=utf-8
Content-Length: 21485
X-Cache-Hits: 3

GET
H2 200 segmentify.js Show response
cdn.segmentify.com/06641bab-8b32-42c2-b8ba-129f4d981ebb/ 103 KB
30 KB 78ms
22ms Script
application/javascript 31.3.2.97
NETSA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmentify.com/06641bab-8b32-42c2-b8ba-129f4d981ebb/segmentify.js
Requested by: Host: cdn.ntv.com.tr
URL: https://cdn.ntv.com.tr/js/ntv.min.js?v=3054
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.97 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software: MNCDN-2142 /
Resource Hash: f6c82fa09662f2e82d8eabea0e8e1ab72bd786a28ff117c7feab40cb56188930

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
x-edge-location: DE-372
x-cache-status: Edge : HIT,
status: 200
last-modified: Tue, 28 Apr 2020 09:01:39 GMT
server: MNCDN-2142
etag: W/"5ea7f0f3-19c4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: Content-Type, Accept, Authorization, X-Switch-User, X-Switch-Account
x-mserver: 2200
expires: Wed, 04 Nov 2020 15:14:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-trip-id: 664085054
pragma: public
x-fb-debug: 4wVR6OrGjrOAxDaB/vsuO6MeyB8om6Y74nlXS7iYfQj0Z7fpkSOVOmeqbK+NCY4Qterf5y5GFUfzZvvWxScpLw==
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
date: Tue, 03 Nov 2020 15:14:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
vary: Accept-Encoding
content-length: 23070
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TDWZF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5081
date: Tue, 03 Nov 2020 13:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 03 Nov 2020 15:49:25 GMT

GET
H2 200 w1.png
cdn.ntv.com.tr/img/weather/ 984 B
2 KB 55ms
55ms Image
image/png 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ntv.com.tr/img/weather/w1.png
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 29fad14f1f9273f2f53037030ee4d78de328672689136cb88c3644d14afa2b64

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-md5: HJLvB79ibH5ojsl5b+GRGg==
status: 200
last-modified: Mon, 02 Nov 2020 12:25:31 GMT
x-ms-request-id: aa996865-201e-00f2-3f1c-b11557000000
content-length: 984
x-rocket-mastercachestatus: HIT
x-ms-lease-status: unlocked
expires: Thu, 03 Dec 2020 15:14:06 GMT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
etag: 0x8D87F2A64151538
content-type: image/png
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2592000
x-ms-version: 2009-09-19
x-rocket-cachestatus: HIT

GET
H3-Q050 200 checksub Show response
contributor.google.com/scripts/1cc5af75de07e1f9:D:f4797c159c686d01/ 392 B
1 KB 103ms
88ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/1cc5af75de07e1f9:D:f4797c159c686d01/checksub

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorTargetingClientJs.en_US.ojRZdOjRzi4.es5.O/d=1/ct=zgms/rs=AJlcJMwLluqSVRdfarNEKTIK9T9coY1LNw/m=contributor

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff46d03d1319e7393ef416fc844d98242372b603ca20945fb676c5428e8ce263

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OqzWaqNSvNLDIg709DN7bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-OqzWaqNSvNLDIg709DN7bw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ntv.com.tr
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-OqzWaqNSvNLDIg709DN7bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-OqzWaqNSvNLDIg709DN7bw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 w12.png
cdn.ntv.com.tr/img/weather/ 2 KB
2 KB 26ms
25ms Image
image/png 195.142.105.29
BETAINTERNATIONAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ntv.com.tr/img/weather/w12.png
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.142.105.29 , Turkey, ASN199484 (BETAINTERNATIONAL, TR),
Reverse DNS
Software: nginx /
Resource Hash: 6f7760abdb695f6601dfa3237c6d051551ea3e8a7165e68634037ce291b14229

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-md5: yLySl9Q4mcVfBpSlj/95hQ==
status: 200
last-modified: Mon, 02 Nov 2020 12:25:31 GMT
x-ms-request-id: a500bdaf-b01e-0030-3bc8-b19de9000000
content-length: 1917
x-rocket-mastercachestatus: HIT
x-ms-lease-status: unlocked
expires: Thu, 03 Dec 2020 15:14:06 GMT
x-rocket-node: edge215.fra.de.eu.rocketcdn.com
server: nginx
etag: 0x8D87F2A6424A95D
content-type: image/png
access-control-allow-origin: *
x-rocket-masternode: cache117.ist.tr.eu.rocketcdn.com
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2592000
x-ms-version: 2009-09-19
x-rocket-cachestatus: HIT

GET
H/1.1 200
OK getrecs.json Show response
premium.engageya.com/rec-api/ 13 KB
6 KB 364ms
306ms Script
application/javascript 95.142.20.17
PUREPEAK-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://premium.engageya.com/rec-api/getrecs.json?cb=engageya_cb_19048277948593916&pubid=158041&webid=116302&wid=132272&recsnum=15&url=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&cs=UTF-8&subid=&title=Amber%20Heard%2C%20Kapadokya%27da%20-%20Magazin%20Haberleri%20%7C&kwrds=&sessionid=b9fce0eb-f6be-bda4-365f-fe3982782ede&rndid=19048277948593916&psid=a54c8ea0-974d-d17a-5d65-fcea8eeceead&is_gdpr=0&gdpr_consent=
Requested by: Host: widget.engageya.com
URL: https://widget.engageya.com/engageya_loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.142.20.17 , Israel, ASN20645 (PUREPEAK-ASN, IL),
Reverse DNS: ip-95-142-20-17.purepeak.com
Software: nginx /
Resource Hash: bc866c7779940cb2fd9895da8f0a3a50c42f0eeaa9ca861b3dd8936d362d4226

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 15:14:07 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-language: en-US
cache-control: no-cache, no-store, max-age=0
transfer-encoding: chunked
content-type: application/javascript;charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fpdata.js Show response
gatr.hit.gemius.pl/ 268 B
381 B 43ms
42ms Script
application/x-javascript 217.182.200.29
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gatr.hit.gemius.pl/fpdata.js?href=www.ntv.com.tr
Requested by: Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 217.182.200.29 , Poland, ASN16276 (OVH, FR),
Reverse DNS: gcm7.host.hit.gemius.pl
Software: GHC /
Resource Hash: 5241bcec3457c3de1e85e1314ab2423a0c0d866056794b3782c0bfb058c29645

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 268
expires: Thu, 03 Dec 2020 15:14:06 GMT

GET
H2 200 lsget.html
ls.hit.gemius.pl/ Frame 98CC 0
0 82ms
28ms Document
text/html 149.202.208.200
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.208.200 , France, ASN16276 (OVH, FR),
Reverse DNS: ovhfr6.host.hit.gemius.pl
Software: GHC /
Resource Hash

Request headers

:method: GET
:authority: ls.hit.gemius.pl
:scheme: https
:path: /lsget.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Response headers

status: 200
date: Tue, 03 Nov 2020 15:14:06 GMT
expires: Thu, 03 Dec 2020 15:14:06 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2713
content-encoding: gzip

GET
H2 200 309647519525108 Show response
connect.facebook.net/signals/config/ 234 KB
68 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/309647519525108?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5eaaf1ba6f119020494e189163029ca26410b07113cd677ee4970c99bb34a429

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 69776
x-xss-protection: 0
pragma: public
x-fb-debug: PT9quBzP8u5CD1hHsNHl1ZYbFXf59cyFs6WIPc9jtGPxk/S+7ENEW+T2uMZEKNkbWl2PQVA5tBFCw8kSX99krA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 03 Nov 2020 15:14:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
74 B 14ms
14ms XHR
text/plain 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=982618721&t=event&_s=1&dl=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&ul=en-us&de=UTF-8&dt=Amber%20Heard%2C%20Kapadokya%27da%20-%20Magazin%20Haberleri%20%7C%20NTV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=infinite-foto-galeri-detay&ea=1.foto-galeri-2%2F12&el=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&_u=YEBAAAABAAAAAC~&jid=1936823764&gjid=444643495&cid=589561550.1604416447&tid=UA-37502122-4&_gid=694502610.1604416447&_r=1&gtm=2wgal25TDWZF&z=385780319

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 15:14:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.ntv.com.tr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tr.json Show response
cdn.cookielaw.org/consent/4bc85f0d-86d7-43bd-ace5-2703799ed724/0017b46f-75f4-46bb-a052-1b7a36e2be9f/ 98 KB
21 KB 20ms
19ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4bc85f0d-86d7-43bd-ace5-2703799ed724/0017b46f-75f4-46bb-a052-1b7a36e2be9f/tr.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca6d64bf355abd4176ee847d4fa3cceca745f490d5e26d823bc1647c72f7acab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WNInBSmfUs1jXoktNYNybw==
age: 1027
status: 200
vary: Accept-Encoding
content-length: 20849
cf-request-id: 063045394a0000bedd3a9ed000000001
x-ms-lease-status: unlocked
last-modified: Mon, 26 Oct 2020 14:51:37 GMT
server: cloudflare
etag: 0x8D879BEA3E0C24D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a619ad60-901e-0118-2cb5-abb326000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5ec70b087fecbedd-FRA

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 213 KB
30 KB 13ms
12ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f2e8e3ba90446e0779faca4bb639726ba009a2bb099d2b13196d4b450beaa9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AjHvjfNLXub6ymrrZX8Npw==
age: 7607
status: 200
vary: Accept-Encoding
content-length: 29877
cf-request-id: 063045394a0000bedd0d929000000001
x-ms-lease-status: unlocked
last-modified: Tue, 03 Nov 2020 13:00:03 GMT
server: cloudflare
etag: 0x8D87FF861600B8B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9ceb658a-c01e-0004-20e2-b12d64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5ec70b087feebedd-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.8.0/ 67 KB
15 KB 14ms
14ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.8.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: UnI48Uch3f3NsZp0xNCSPA==
age: 2332
status: 200
vary: Accept-Encoding
content-length: 14815
cf-request-id: 063045394a0000c2b371b84000000001
x-ms-lease-status: unlocked
last-modified: Tue, 27 Oct 2020 07:25:13 GMT
server: cloudflare
etag: 0x8D87A4972294A8B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 86a22221-801e-006e-2c3b-ac71cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5ec70b0879f5c2b3-FRA

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
901 B 18ms
17ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1604416446837
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-cf3: M
cf4ttl: 31536000.000
x-cf1: 27741:fA.ams1:cf:cacheN.ams1-01:H
status: 200
content-length: 631
x-cf-tsc: 1596802585
x-cf2: M
last-modified: Fri, 22 Jul 2016 20:31:34 GMT
server: CFS 0215
x-cff: B
content-type: image/jpeg
x-cfhash: "706bd34581dd47cb205c9ff4a828e7ca"
cf4age: 0
accept-ranges: bytes
x-cf-rand: 26.912

POST
H3-Q050 204 AGSKWxV3GdaafK05rutssKMy_WImk59sA3AHSe-vvhL_8r3dFPif7CWak_lS5k9UEjrGPuFzKbfxnhWziaqyJsst_ys= Show response
fundingchoicesmessages.google.com/l/ 0
837 B 68ms
34ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxV3GdaafK05rutssKMy_WImk59sA3AHSe-vvhL_8r3dFPif7CWak_lS5k9UEjrGPuFzKbfxnhWziaqyJsst_ys=?pvid=08005E27-A60C-4786-9FF2-DED559166F62&anonid=6DD5077C-3468-4C3D-A4AD-5543EAE3E865

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCachedJsClientJs.tr.5uYAWUzgsR4.es5.O/d=1/ct=zgms/rs=AJlcJMyXkYXVJaD66rE13XQWcBvGAJ-TZA/m=cached_js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vwOEq3tcec+gD97lSkE8Mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-vwOEq3tcec+gD97lSkE8Mg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
x-content-type-options: nosniff
status: 204
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ntv.com.tr
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-vwOEq3tcec+gD97lSkE8Mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-vwOEq3tcec+gD97lSkE8Mg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-37502122-4&cid=589561550.1604416447&jid=1936823764&gjid=444643495&_gid=694502610.1604416447&_u=YEBAAAAAAAAAAC~&z=1649247255

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 03 Nov 2020 15:14:06 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.ntv.com.tr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/16847260/
Redirect Chain

https://mc.yandex.ru/watch/16847260?wmode=7&page-url=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&charset=utf-8&browser-...
https://mc.yandex.ru/watch/16847260/1?wmode=7&page-url=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&charset=utf-8&browse...

167 B
250 B

56ms
55ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/16847260/1?wmode=7&page-url=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604416445876%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201103161406%3Aet%3A1604416447%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1328367551744%3Arqn%3A1%3Arn%3A876619511%3Ahid%3A682953792%3Ads%3A25%2C38%2C211%2C107%2C0%2C0%2C0%2C364%2C0%2C%2C%2C%2C647%3Afp%3A574%3Awn%3A27907%3Ahl%3A2%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1604416447%3Au%3A1604416447326985525%3At%3AAmber%20Heard%2C%20Kapadokya%27da%20-%20Magazin%20Haberleri%20%7C%20NTV

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0a2b66d1560c2c076585eac595a275cc932120eb9884a9782cf27398ef1cfb18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 15:14:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 03-Nov-2020 15:14:07 GMT
status: 200
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntv.com.tr
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Tue, 03-Nov-2020 15:14:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Nov 2020 15:14:06 GMT
last-modified: Tue, 03-Nov-2020 15:14:06 GMT
status: 302
location: /watch/16847260/1?wmode=7&page-url=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604416445876%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201103161406%3Aet%3A1604416447%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1328367551744%3Arqn%3A1%3Arn%3A876619511%3Ahid%3A682953792%3Ads%3A25%2C38%2C211%2C107%2C0%2C0%2C0%2C364%2C0%2C%2C%2C%2C647%3Afp%3A574%3Awn%3A27907%3Ahl%3A2%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1604416447%3Au%3A1604416447326985525%3At%3AAmber%20Heard%2C%20Kapadokya%27da%20-%20Magazin%20Haberleri%20%7C%20NTV
access-control-allow-origin: https://www.ntv.com.tr
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
expires: Tue, 03-Nov-2020 15:14:06 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
257 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=309647519525108&ev=PageView&dl=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&rl=&if=false&ts=1604416446974&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.2.1604416446972.1621441579&it=1604416446774&coo=false&rqm=GET

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 03 Nov 2020 15:14:06 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
211 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=309647519525108&ev=ViewContent&dl=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&rl=&if=false&ts=1604416446975&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.2.1604416446972.1621441579&it=1604416446774&coo=false&rqm=GET

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 03 Nov 2020 15:14:06 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 22ms
20ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-37502122-4&cid=589561550.1604416447&jid=1936823764&_u=YEBAAAAAAAAAAC~&z=420832707

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 15:14:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 19ms
18ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-37502122-4&cid=589561550.1604416447&jid=1936823764&_u=YEBAAAAAAAAAAC~&z=420832707

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 15:14:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
186 B 63ms
63ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:07 GMT
last-modified: Tue, 03 Nov 2020 13:47:36 GMT
status: 200
etag: "5f9c117e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 03 Nov 2020 16:14:07 GMT

GET
H2

200

rexdot.js Show response
gatr.hit.gemius.pl/__/_1604416446994/
Redirect Chain

https://gatr.hit.gemius.pl/_1604416446994/rexdot.js?l=100&id=1vZF1uuG4e76dR2fW2iNTOTkzQCRqM88SdPJ6d6vsMP.s7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.ntv.c...
https://gatr.hit.gemius.pl/__/_1604416446994/rexdot.js?l=100&id=1vZF1uuG4e76dR2fW2iNTOTkzQCRqM88SdPJ6d6vsMP.s7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.nt...

169 B
434 B

43ms
42ms

Script
application/x-javascript

217.182.200.29
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gatr.hit.gemius.pl/__/_1604416446994/rexdot.js?l=100&id=1vZF1uuG4e76dR2fW2iNTOTkzQCRqM88SdPJ6d6vsMP.s7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=197&lsdata=IC7c8mdQgVXg9WHpu9xuMoBRvg2L.Ndxo7L2pNnDB77.u7XX8CxqehIv2uOv.rHCnmUH0IXkGC5kmkXLTaFia.c9Jn0S/xM8wxIgEC9XQe/&fpdata=g6InCFrCe6P9bpSCBmByfGgkljH5SbLp3q0VgcH2RhL.b7&vis=1
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 217.182.200.29 , Poland, ASN16276 (OVH, FR),
Reverse DNS: gcm7.host.hit.gemius.pl
Software: GHC /
Resource Hash: 49827680ca5678cb7f849959a33ec824c5c8323ab9d95a1cccc3db01cafd79f5

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 15:14:07 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Mon, 02 Nov 2020 15:14:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Nov 2020 15:14:07 GMT
server: GHC
status: 301
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1604416446994/rexdot.js?l=100&id=1vZF1uuG4e76dR2fW2iNTOTkzQCRqM88SdPJ6d6vsMP.s7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=197&lsdata=IC7c8mdQgVXg9WHpu9xuMoBRvg2L.Ndxo7L2pNnDB77.u7XX8CxqehIv2uOv.rHCnmUH0IXkGC5kmkXLTaFia.c9Jn0S/xM8wxIgEC9XQe/&fpdata=g6InCFrCe6P9bpSCBmByfGgkljH5SbLp3q0VgcH2RhL.b7&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Mon, 02 Nov 2020 15:14:07 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 109ms
50ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=184&cb=88607877845
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:07 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

POST
H2 200 cdb Show response
bidder.criteo.com/ 129 B
341 B 111ms
52ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=184&cb=32705944841
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: fc670ffe889597f64c7932c6f27e9385f1349e5eabf1576d16456db245abc4bb

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 03 Nov 2020 15:14:06 GMT
content-encoding: gzip
server: Finatra
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntv.com.tr
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 135

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 110ms
51ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=184&cb=74216612825
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 109ms
51ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=184&cb=33224672450
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 108ms
51ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=184&cb=84421921385
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 108ms
50ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=184&cb=2592222445
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 107ms
50ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=184&cb=2368718629
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 108ms
51ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=184&cb=28944447684
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

GET
H2 200 tag.js Show response
js.agkn.com/prod/v0/ 3 KB
3 KB 44ms
8ms Script
application/javascript 2600:9000:2182:b400:15:efbc:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:b400:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 00:55:59 GMT
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
last-modified: Tue, 22 Oct 2019 20:22:52 GMT
server: AmazonS3
age: 81943
etag: "f53f55cbab099be3a970b446a66c496a"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: 6P1n5RbcbDDu-qn_4UcC0xt586mbtL2gpCX5XCH4m--m9oIA3YjlNQ==

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/6.8.0/assets/ 5 KB
3 KB 13ms
12ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.8.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: qiUeLMH3Av+tTFC5V1EUTA==
age: 2266
status: 200
vary: Accept-Encoding
content-length: 2178
cf-request-id: 0630453a520000bedd2e304000000001
x-ms-lease-status: unlocked
last-modified: Tue, 27 Oct 2020 07:25:07 GMT
server: cloudflare
etag: 0x8D87A496E870B2E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 836c69e9-301e-0033-5b3c-ac81cb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5ec70b0a1924bedd-FRA

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: cdn.segmentify.com
URL: https://cdn.segmentify.com/06641bab-8b32-42c2-b8ba-129f4d981ebb/segmentify.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 18:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247366
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Oct 2021 18:31:21 GMT

GET
H2 200 otFloatingRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.8.0/assets/ 9 KB
3 KB 14ms
13ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.8.0/assets/otFloatingRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7493f2a041eebaac8d7355d4255081127b8ce5c64ae118664d8359004bc6eabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Nov 2020 15:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JfwCr4H8VPe1S+z7wq8N9w==
age: 74
status: 200
vary: Accept-Encoding
content-length: 2808
cf-request-id: 0630453a7f0000bedd07821000000001
x-ms-lease-status: unlocked
last-modified: Tue, 27 Oct 2020 07:25:06 GMT
server: cloudflare
etag: 0x8D87A496D8E4BAC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e4609603-701e-009e-083f-aca1a1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5ec70b0a6962bedd-FRA

GET
H/1.1 200
OK images9.engageya.com.engageya93a7a681-161c-447d-9969-d8787f368749_new_post_image_545447_17.jpeg
images9.engageya.com/1a/08/website_204540/ce/04/88/ 9 KB
9 KB 46ms
22ms Image
image/jpeg 2a02:26f0:10c:5b2::3b8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images9.engageya.com/1a/08/website_204540/ce/04/88/images9.engageya.com.engageya93a7a681-161c-447d-9969-d8787f368749_new_post_image_545447_17.jpeg
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5b2::3b8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b54c0c7a8f456cafe908d9ff01a4546ea30904e83c40d8e8e87e5d48acac4838

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:14:07 GMT
Last-Modified: Tue, 27 Aug 2019 14:39:23 GMT
Server: AmazonS3
x-amz-request-id: 65879601F5C571CF
ETag: "a9ba19cbb1c45c4592e25578dd9c07e4"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8963
x-amz-id-2: xmj5VTLnr1L/LRwWGyt0NezNUCEGu9pYbBSNHGJD3rpHMcdH3Pjd0WFCNaYw3QxFOQv6pJJnkkc=
Expires: Tue, 10 Nov 2020 15:14:07 GMT

GET
H/1.1 200
OK cdn1.ntv.com.tr.aHmSmbEwlkSp_2DrWbCogPtA_2_158041_17.jpg
images9.engageya.com/ec/00/website_116302/60/03/0b/ 17 KB
17 KB 55ms
31ms Image
image/jpeg 2a02:26f0:10c:5b2::3b8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images9.engageya.com/ec/00/website_116302/60/03/0b/cdn1.ntv.com.tr.aHmSmbEwlkSp_2DrWbCogPtA_2_158041_17.jpg
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5b2::3b8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf79bafcf2e9a235b2c57024ef3dc9345b3e1e43dd533fbe03adfc529d561ff8

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:14:07 GMT
Last-Modified: Sun, 01 Nov 2020 09:29:10 GMT
Server: AmazonS3
x-amz-request-id: 03265269085CBFC7
ETag: "a7efe2c14f8af593e994e940547ab75f"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17271
x-amz-id-2: tKWnX1AHjRlrfuduQ2tRu6F0a3eUdv5mCFPGUUgr9JywQc9SE4q5MbsQG/3tMwsWE4n2i/niJqc=
Expires: Tue, 10 Nov 2020 15:14:07 GMT

GET
H/1.1 200
OK images9.engageya.com.engageya0b039bcc-9ca2-46e6-b2e2-9395cef0bb9d_new_post_image_668257_17.jpg
images9.engageya.com/75/68/website_210032/b8/40/b5/ 11 KB
11 KB 45ms
22ms Image
image/jpeg 2a02:26f0:10c:5b2::3b8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images9.engageya.com/75/68/website_210032/b8/40/b5/images9.engageya.com.engageya0b039bcc-9ca2-46e6-b2e2-9395cef0bb9d_new_post_image_668257_17.jpg
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5b2::3b8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a8acb5962bf7b86d67e2580f639c69c12a01b3f318707cc1ce775d714281863

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:14:07 GMT
Last-Modified: Fri, 22 May 2020 09:15:44 GMT
Server: AmazonS3
x-amz-request-id: D7CAF9AD71390D40
ETag: "281abf937b1d26b77171d2d01f03861e"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11265
x-amz-id-2: HYLbDKErGvRRZTZDBJwSfFwsOKwHVJV5oNAgX6CXNgtcMY0h2nqrtHcgH+5v90sBCDolqio/5WY=
Expires: Tue, 10 Nov 2020 15:14:07 GMT

GET
H/1.1 200
OK cdn1.ntv.com.tr.LVdGZFF2pE_2DLvz_5F18MRFYA_2_123496_17.jpg
images9.engageya.com/ec/00/website_116302/f7/47/20/ 17 KB
17 KB 51ms
28ms Image
image/jpeg 2a02:26f0:10c:5b2::3b8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images9.engageya.com/ec/00/website_116302/f7/47/20/cdn1.ntv.com.tr.LVdGZFF2pE_2DLvz_5F18MRFYA_2_123496_17.jpg
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5b2::3b8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79a7826dac28869b0fa0e85048bb80ef83a275feb5e67b5badbe83e3aaf7f9f4

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:14:07 GMT
Last-Modified: Tue, 03 Nov 2020 15:01:20 GMT
Server: AmazonS3
x-amz-request-id: 731716E6E7B5A77A
ETag: "d1b2fb40515f48404fb8137c4daf5482"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17198
x-amz-id-2: h1GKHoHSpxktY1TAAWWUwS8QVy5cvyGUAQPMpahQxBP02Er0fTnXUtl+7Lz/j7D5zyy2jkpj0rc=
Expires: Tue, 10 Nov 2020 15:14:07 GMT

GET
H/1.1 200
OK images9.engageya.com.engageyad6fd2eb1-e841-4630-82ec-785a4a691301_new_post_image_314041_17.jpeg
images9.engageya.com/3a/85/website_196485/39/4e/6f/ 12 KB
12 KB 45ms
22ms Image
image/jpeg 2a02:26f0:10c:5b2::3b8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images9.engageya.com/3a/85/website_196485/39/4e/6f/images9.engageya.com.engageyad6fd2eb1-e841-4630-82ec-785a4a691301_new_post_image_314041_17.jpeg
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5b2::3b8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08b0311a2c32ececbae41df080544aeb8204e9eee3da0214d67cc989e46fc9cf

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:14:07 GMT
Last-Modified: Thu, 18 Apr 2019 13:30:56 GMT
Server: AmazonS3
x-amz-request-id: C7A46BFDA6300687
ETag: "b773785eeb81083c8ec0887c7812cd45"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12011
x-amz-id-2: l0sjBvyjvfZM16FksgP/ob5Ex5hRJwutWmKtd/HgWKf72dV0DHqRw9VsAFIXSXDzzZ7+UaZULxM=
Expires: Tue, 10 Nov 2020 15:14:07 GMT

GET
H/1.1 200
OK cdn1.ntv.com.tr.4xDwXfOBskW1RIjAHW5pNg_2_158786_17.jpg
images9.engageya.com/ec/00/website_116302/76/67/c6/ 14 KB
15 KB 44ms
22ms Image
image/jpeg 2a02:26f0:10c:5b2::3b8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images9.engageya.com/ec/00/website_116302/76/67/c6/cdn1.ntv.com.tr.4xDwXfOBskW1RIjAHW5pNg_2_158786_17.jpg
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5b2::3b8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19c4846c11dfe9eb002af872c19b49545782e282c38014929d423e89e94483dd

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:14:07 GMT
Last-Modified: Mon, 02 Nov 2020 08:13:47 GMT
Server: AmazonS3
x-amz-request-id: F7C6802099D96717
ETag: "de9fb19418ddaf993bb8c21d93dd88cf"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14536
x-amz-id-2: fBsZtNZosy3ipPEIAEeobTUVVkPDw//RIjffA6NdxtlyhJUJ/vRMYh9TUfOVtDvQPz+/u0WsP0I=
Expires: Tue, 10 Nov 2020 15:14:07 GMT

GET
H2 200 /
d.agkn.com/iframe/8613/ Frame 7C19 0
0 59ms
16ms Document
text/html 2600:9000:2182:2400:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8613/?che=925268148&gdpr=1&gdpr_consent=CO8ToV2O8ToV2AcABBENA-CgAAAAAAAAAChQAAAAAAAA.YAAAAAAAAAAA&ref=&bpid=dogusturkey&c=%7B%22bpid%22%3A%22dogusturkey%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA%22%2C%22gdpr%22%3A%221%22%2C%22gdpr_consent%22%3A%22CO8ToV2O8ToV2AcABBENA-CgAAAAAAAAAChQAAAAAAAA.YAAAAAAAAAAA%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Foto-Galeri%22%2C%22brd%22%3A%22-1%22%2C%22subcategory%22%3A%22yasam%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2400:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

:method: GET
:authority: d.agkn.com
:scheme: https
:path: /iframe/8613/?che=925268148&gdpr=1&gdpr_consent=CO8ToV2O8ToV2AcABBENA-CgAAAAAAAAAChQAAAAAAAA.YAAAAAAAAAAA&ref=&bpid=dogusturkey&c=%7B%22bpid%22%3A%22dogusturkey%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA%22%2C%22gdpr%22%3A%221%22%2C%22gdpr_consent%22%3A%22CO8ToV2O8ToV2AcABBENA-CgAAAAAAAAAChQAAAAAAAA.YAAAAAAAAAAA%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Foto-Galeri%22%2C%22brd%22%3A%22-1%22%2C%22subcategory%22%3A%22yasam%22%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Response headers

status: 200
content-type: text/html;charset=UTF-8
content-length: 539
cache-control: no-cache, must-revalidate
date: Tue, 03 Nov 2020 15:14:06 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pragma: no-cache
server: Apache-Coyote/1.1
set-cookie: ab=0001%3AeFiEQqMEebEId4muKbCWbET%2FlbBaxRmU;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure u=C|0AEAnNDA_JzQwPwAAAAAAAg1RAQCADVIBAIA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
x-cache: Miss from cloudfront
via: 1.1 9ed795ea7207c9add01c8c2ab17d8299.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 0QFeOC-NDEoW_Gc2a-153Vw9u-ZkuylmfAjRqDHsiVyCQ6ikiVentw==

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csm
bidder.criteo.com/ 0
144 B 29ms
28ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 15ms
15ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:07 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 29 Oct 2021 15:14:07 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 15ms
14ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:07 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 29 Oct 2021 15:14:07 GMT

POST
H2 204 csm
bidder.criteo.com/ 0
144 B 28ms
28ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

POST
H2 204 csm
bidder.criteo.com/ 0
144 B 28ms
27ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

POST
H2 204 csm
bidder.criteo.com/ 0
144 B 28ms
27ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

POST
H2 204 csm
bidder.criteo.com/ 0
144 B 28ms
28ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:07 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

POST
H2 204 csm
bidder.criteo.com/ 0
144 B 28ms
28ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:07 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

POST
H2 204 csm
bidder.criteo.com/ 0
144 B 28ms
27ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

POST
H2 204 csm
bidder.criteo.com/ 0
144 B 27ms
27ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Tue, 03 Nov 2020 15:14:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.ntv.com.tr
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK v1.json Show response
dcc2.segmentify.com//get/key/ 43 B
272 B 217ms
69ms XHR
application/json 185.193.6.142
NETLOJISTIK

General

Check archive.org

Show headers Download Go to

Full URL: https://dcc2.segmentify.com//get/key/v1.json?count=2
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.193.6.142 , Turkey, ASN206192 (NETLOJISTIK, TR),
Reverse DNS
Software: nginx /
Resource Hash: 999bab6f4c90c4c9bca669f98aa56b5fa520542e9ef42be9a320f1353b432ed8

Request headers

Accept: */*
Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.ntv.com.tr
Date: Tue, 03 Nov 2020 15:14:07 GMT
Content-Encoding: br
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 watch_match.html
mc.yandex.ru/metrika/ Frame D806 0
0 66ms
62ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: mc.yandex.ru
:scheme: https
:path: /metrika/watch_match.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: yandexuid=6868449511604416446; yuidss=6868449511604416446; yabs-sid=2574719631604416446; i=xLXsKq2xn40s+OmtvW/m4FPmOc+Phxi9AwbzVDyYAPabbP/3RsE12EXTTcuikm2eR6Z7wvOsvy3gCqu5BSHGfy6rDVo=; ymex=1635952446.yrts.1604416446#1635952446.yrtsi.1604416446
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Response headers

status: 200
content-length: 553
date: Tue, 03 Nov 2020 15:14:07 GMT
access-control-allow-origin: *
etag: "5f993b0e-229"
expires: Tue, 03 Nov 2020 16:14:07 GMT
last-modified: Tue, 03 Nov 2020 14:35:32 GMT
cache-control: max-age=3600
content-encoding: br
content-type: text/html
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK 39414
stags.bluekai.com/site/ Frame E609 0
0 226ms
175ms Document
text/html 184.30.210.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/39414?ret=html&phint=Keywords%3DKapadokya%2CYa%C5%9Fam%2CMagazin%2CAmber%20Heard%2CTatil%2CMagazin%20haberleri&phint=__bk_t%3DAmber%20Heard%2C%20Kapadokya%27da%20-%20Magazin%20Haberleri%20%7C%20NTV&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&phint=__bk_v%3D3.1.5&limit=1&r=35775768
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.210.81 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-210-81.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 4d34
Date: Tue, 03 Nov 2020 15:14:07 GMT
Connection: keep-alive
X-N: S

GET
H2 200 syncframe
gum.criteo.com/ Frame 3907 0
0 40ms
12ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.ntv.com.tr&gdpr_consent=CO8ToV2O8ToV2AcABBENA-CgAAAAAAAAAChQAAAAAAAA.YAAAAAAAAAAA

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.ntv.com.tr&gdpr_consent=CO8ToV2O8ToV2AcABBENA-CgAAAAAAAAAChQAAAAAAAA.YAAAAAAAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Response headers

status: 200
cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 315
date: Tue, 03 Nov 2020 15:14:07 GMT
content-length: 0

GET
H/1.1 200
OK fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 100ms
23ms Script
application/javascript 212.71.236.31
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TDWZF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.71.236.31 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-212-71-236-31.london.nodebalancer.linode.com
Software: nginx/1.16.1 /
Resource Hash: affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:13:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jul 2015 00:00:00 GMT
Server: nginx/1.16.1
ETag: "55a5a280-560"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: close
Content-Length: 1376
Expires: Tue, 03 Nov 2020 16:13:51 GMT

GET
H/1.1 200
OK fi_client.js Show response
ecdn.firstimpression.io/ 626 KB
626 KB 112ms
37ms Script
text/javascript 185.3.93.185
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TDWZF

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.3.93.185 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

nb-185-3-93-185.london.nodebalancer.linode.com

Software

nginx/1.16.1 / PHP/7.3.11

Resource Hash

7c6ca029f534f03710241eed9aea9cab6ff74ef543c072e4870228aba3289d58

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 15:14:06 GMT
Last-Modified: Thu, 01 Jan 2015 00:00:00 GMT
Server: nginx/1.16.1
X-Powered-By: PHP/7.3.11
ETag: 6f917dfac3d87040a18c4021501aae8e
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
X-XSS-Protection: 0
Expires: Tue, 03 Nov 2020 16:14:06 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=982618721&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&ul=en-us&de=UTF-8&dt=Amber%20Heard%2C%20Kapadokya%27da%20-%20Magazin%20Haberleri%20%7C%20NTV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEhAAEABAAAAAC~&jid=&gjid=&cid=589561550.1604416447&tid=UA-37502122-4&_gid=435803373.1604416447&gtm=2wgal25TDWZF&z=1558171625

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 10:17:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17780
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 segmentify.css
cdn.segmentify.com/06641bab-8b32-42c2-b8ba-129f4d981ebb/ 27 KB
6 KB 23ms
23ms Stylesheet
text/css 31.3.2.97
NETSA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmentify.com/06641bab-8b32-42c2-b8ba-129f4d981ebb/segmentify.css
Requested by: Host: cdn.segmentify.com
URL: https://cdn.segmentify.com/06641bab-8b32-42c2-b8ba-129f4d981ebb/segmentify.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.97 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software: MNCDN-2142 /
Resource Hash: f4a16ad89b1ce0e4896486b282672d025e0c7b1ee92d81db015e6937163a45d4

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:07 GMT
content-encoding: gzip
x-edge-location: DE-372
x-cache-status: Edge : HIT,
status: 200
last-modified: Tue, 28 Apr 2020 09:01:39 GMT
server: MNCDN-2142
etag: W/"5ea7f0f3-6dd1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-headers: Content-Type, Accept, Authorization, X-Switch-User, X-Switch-Account
x-mserver: 4200
expires: Thu, 03 Dec 2020 15:14:07 GMT

POST
H/1.1 200
OK v1.json Show response
dcc2.segmentify.com//add/events/ 124 B
347 B 76ms
75ms XHR
application/json 185.193.6.142
NETLOJISTIK

General

Check archive.org

Show headers Download Go to

Full URL: https://dcc2.segmentify.com//add/events/v1.json?apiKey=06641bab-8b32-42c2-b8ba-129f4d981ebb
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.193.6.142 , Turkey, ASN206192 (NETLOJISTIK, TR),
Reverse DNS
Software: nginx /
Resource Hash: 81d9acb8983638d4eb55cfba7283ae414e4e59285b4a134c19a9a6b6305c940a

Request headers

Accept: */*
Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.ntv.com.tr
Date: Tue, 03 Nov 2020 15:14:07 GMT
Content-Encoding: br
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json

GET
H3-Q050 200 adcall. Show response
fundingchoicesmessages.google.com/f/AGSKWxXTBrL8j9EzCl1WeNB5enSbmtw2N9moz7-bsPGg-Owhcwaa58GOFIPgFonPOsU5wokwvwkYZr9mn-clmDXrfgGYQ3F7aZiRP2ABesfuuxpAGTtetE3qdLIJXwki3K7pbuGpjcZ6zN1D3zkIMWP34YYHXk2Vx... 54 B
446 B 23ms
22ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXTBrL8j9EzCl1WeNB5enSbmtw2N9moz7-bsPGg-Owhcwaa58GOFIPgFonPOsU5wokwvwkYZr9mn-clmDXrfgGYQ3F7aZiRP2ABesfuuxpAGTtetE3qdLIJXwki3K7pbuGpjcZ6zN1D3zkIMWP34YYHXk2VxFK6KQFR6NIUyfP9ATbXfzNpqGMdYnh6dEgMvaASWUsogKvW8zAOS_8aSEvAExONzYjnwHgOXig0p2oUxDU=/__200x600__728x90_/728_90_/adsinsert./adcall.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.2Brn9iU2H6E.es5.O/d=1/ct=zgms/rs=AJlcJMwJng2nW-1jrLugKu5JG5FrwoQO8A/m=detection

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9216cd96d35a1514fac5f2e56b18f1b8f52d870ba53917f8adb071782b25ea26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t2/WZ4YHoa1+toRU8n4LOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-t2/WZ4YHoa1+toRU8n4LOg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-t2/WZ4YHoa1+toRU8n4LOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-t2/WZ4YHoa1+toRU8n4LOg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Tue, 03 Nov 2020 15:14:07 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
853 B 27ms
6ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 11:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Nov 2020 11:21:31 GMT

POST
H3-Q050 204 AGSKWxXwnuWqNzMBHS11fOY1FCl19nv2gE3xrE-grfKR5rqshnUc80SCJg2S8w-YsDnDijco8aa5Gh4zqtb-uAGJWn2t7V2UXelYLADTL-jIacjqQfU1hT5SnlRdl8SayJQzAY7FAzhnq6z-ftAefnzdxPEyq6ltux4Gwhpg8otYJSCJEIJkROOndBKa0L3H Show response
fundingchoicesmessages.google.com/l/ 0
370 B 34ms
34ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxXwnuWqNzMBHS11fOY1FCl19nv2gE3xrE-grfKR5rqshnUc80SCJg2S8w-YsDnDijco8aa5Gh4zqtb-uAGJWn2t7V2UXelYLADTL-jIacjqQfU1hT5SnlRdl8SayJQzAY7FAzhnq6z-ftAefnzdxPEyq6ltux4Gwhpg8otYJSCJEIJkROOndBKa0L3H

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GydEbz0+i0eFxP5oOpEwTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-GydEbz0+i0eFxP5oOpEwTA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Nov 2020 15:14:07 GMT
x-content-type-options: nosniff
status: 204
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ntv.com.tr
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-GydEbz0+i0eFxP5oOpEwTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-GydEbz0+i0eFxP5oOpEwTA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
71 B 7ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryIfeUl6hB0PyWSi3f

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 03 Nov 2020 15:14:07 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.ntv.com.tr
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
472 B 79ms
23ms Image
image/x-icon 216.58.206.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.6 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 16:17:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82587
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 03 Nov 2020 16:17:40 GMT

POST
H/1.1 200
OK v1.json Show response
dcc2.segmentify.com//add/events/ 44 B
282 B 72ms
72ms XHR
application/json 185.193.6.142
NETLOJISTIK

General

Check archive.org

Show headers Download Go to

Full URL: https://dcc2.segmentify.com//add/events/v1.json?apiKey=06641bab-8b32-42c2-b8ba-129f4d981ebb
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.193.6.142 , Turkey, ASN206192 (NETLOJISTIK, TR),
Reverse DNS
Software: nginx /
Resource Hash: bd6bdbb4693a1b7855e3dde72d1d9edb8a352458a8327af0f074b880640bb7ed

Request headers

Accept: */*
Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.ntv.com.tr
Date: Tue, 03 Nov 2020 15:14:07 GMT
Content-Encoding: br
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json

POST
H3-Q050 204 AGSKWxXwnuWqNzMBHS11fOY1FCl19nv2gE3xrE-grfKR5rqshnUc80SCJg2S8w-YsDnDijco8aa5Gh4zqtb-uAGJWn2t7V2UXelYLADTL-jIacjqQfU1hT5SnlRdl8SayJQzAY7FAzhnq6z-ftAefnzdxPEyq6ltux4Gwhpg8otYJSCJEIJkROOndBKa0L3H Show response
fundingchoicesmessages.google.com/l/ 0
347 B 33ms
32ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b+Yma6+pTuD145dbwxm9/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-b+Yma6+pTuD145dbwxm9/w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Nov 2020 15:14:07 GMT
x-content-type-options: nosniff
status: 204
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ntv.com.tr
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-b+Yma6+pTuD145dbwxm9/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-b+Yma6+pTuD145dbwxm9/w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxXwnuWqNzMBHS11fOY1FCl19nv2gE3xrE-grfKR5rqshnUc80SCJg2S8w-YsDnDijco8aa5Gh4zqtb-uAGJWn2t7V2UXelYLADTL-jIacjqQfU1hT5SnlRdl8SayJQzAY7FAzhnq6z-ftAefnzdxPEyq6ltux4Gwhpg8otYJSCJEIJkROOndBKa0L3H Show response
fundingchoicesmessages.google.com/l/ 0
344 B 37ms
37ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e6TQ5FiFkcBtukcYSV/28A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-e6TQ5FiFkcBtukcYSV/28A' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Nov 2020 15:14:07 GMT
x-content-type-options: nosniff
status: 204
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ntv.com.tr
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-e6TQ5FiFkcBtukcYSV/28A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-e6TQ5FiFkcBtukcYSV/28A' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxVkSWc3KWjOSGsc79XEWxeF9sZ5aTuY_A-Mw8iDb3JCqeitX_YkZhlxW9RN2MtWH0itu_0_05otcrWC04XHARMor7k2ceBIcUQ1zi1kWBRGb06MWtYVybEL0K2sJCXiRlkdCmhWLc-tMOgg778UcYH6y9amIsr6bWYSRmK2TbRKH2FCCiENeb9-NJaK Show response
fundingchoicesmessages.google.com/f/ 63 KB
24 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVkSWc3KWjOSGsc79XEWxeF9sZ5aTuY_A-Mw8iDb3JCqeitX_YkZhlxW9RN2MtWH0itu_0_05otcrWC04XHARMor7k2ceBIcUQ1zi1kWBRGb06MWtYVybEL0K2sJCXiRlkdCmhWLc-tMOgg778UcYH6y9amIsr6bWYSRmK2TbRKH2FCCiENeb9-NJaK?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCwyLFsxNjA0NDE2NDQ3LDY3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzEsNl1dXQ

Requested by

Host: www.ntv.com.tr
URL: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c69a126d2d8669d0312522936d31bc2ffdbcf284ed7ce4f6534cefc626ac3e6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lQFq6pxfCCl7flUvo2XoQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-lQFq6pxfCCl7flUvo2XoQw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-lQFq6pxfCCl7flUvo2XoQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-lQFq6pxfCCl7flUvo2XoQw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Tue, 03 Nov 2020 15:14:07 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxXwnuWqNzMBHS11fOY1FCl19nv2gE3xrE-grfKR5rqshnUc80SCJg2S8w-YsDnDijco8aa5Gh4zqtb-uAGJWn2t7V2UXelYLADTL-jIacjqQfU1hT5SnlRdl8SayJQzAY7FAzhnq6z-ftAefnzdxPEyq6ltux4Gwhpg8otYJSCJEIJkROOndBKa0L3H Show response
fundingchoicesmessages.google.com/l/ 0
344 B 40ms
39ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s9o5srwb3p15/8APLTbRFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-s9o5srwb3p15/8APLTbRFQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Nov 2020 15:14:07 GMT
x-content-type-options: nosniff
status: 204
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ntv.com.tr
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-s9o5srwb3p15/8APLTbRFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-s9o5srwb3p15/8APLTbRFQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_storage_set
mc.yandex.ru/ 0
146 B 62ms
62ms Image
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/user_storage_set?key=cm&value=26740274&

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 03 Nov 2020 15:14:07 GMT
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
content-type: text/html

GET
H/1.1 200
OK tracking-sw-index.html
ecdn.firstimpression.io/static/sw/ Frame DA68 0
0 66ms
22ms Document
text/html 185.3.93.185
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/sw/tracking-sw-index.html
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.93.185 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-185-3-93-185.london.nodebalancer.linode.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Host: ecdn.firstimpression.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Response headers

Server: nginx/1.16.1
Date: Tue, 03 Nov 2020 15:13:52 GMT
Content-Type: text/html
Content-Length: 5819
Connection: close
Last-Modified: Sun, 01 Nov 2020 19:38:11 GMT
ETag: "5f9f0ea3-16bb"
Expires: Tue, 03 Nov 2020 16:13:52 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 39 KB
8 KB 264ms
193ms Script
application/javascript 54.194.173.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7970&url=%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&charset=UTF-8&wrapto=firstSpcFetch&ch=16&ref=www.ntv.com.tr&referer=&_firid=99305345
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.173.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-173-24.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 / PHP/7.3.11
Resource Hash: bd022eae7402cc8c21f53422f173c0a6e593acc414da930e70ba35b45fbf00ee

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 15:14:08 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: PHP/7.3.11
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript; charset=UTF-8
expires: 0

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
46 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9f94cbc52555c85e6567b8f2878996d03bd5cb272f92cde9429b3b20a13df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 46515
x-xss-protection: 0
server: cafe
etag: 10321196751818987736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Nov 2020 15:14:08 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/ 230 KB
86 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 15:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88237
x-xss-protection: 0
server: cafe
etag: 8916267561321754551
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Nov 2020 15:14:08 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/ Frame 8FAC 0
0 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201029/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlRe23xyRuLJySqDkVbNT9gEYJRwxDTTNVDVizrGCHd897lGED1DbFjHB3x
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 03 Nov 2020 02:23:42 GMT
expires: Tue, 17 Nov 2020 02:23:42 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 46226
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H2 200 lg.php
cdn.firstimpression.io/delivery/ 1 B
261 B 37ms
37ms Other
text/html 54.194.173.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/lg.php?bannerid=84160&campaignid=32&zoneid=113017
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.173.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-173-24.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 / PHP/7.3.11
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 15:14:08 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: PHP/7.3.11
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
expires: 0

POST
H2 200 lg.php
cdn.firstimpression.io/delivery/ 1 B
261 B 38ms
37ms Other
text/html 54.194.173.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/lg.php?bannerid=84164&campaignid=32&zoneid=113024
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.173.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-173-24.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 / PHP/7.3.11
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer: https://www.ntv.com.tr/galeri/yasam/amber-heard-kapadokyada,wrqUG2AmFEWKldChuxl4rw/mTfxCLVfe0ihHcrDIIi_zA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 15:14:12 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: PHP/7.3.11
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
expires: 0

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yandex.ru/	1970-01-19 22:25:52	Name: ymex Value: 1635952446.yrts.1604416446#1635952446.yrtsi.1604416446
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2574719631604416446
.yandex.ru/	1970-01-19 22:25:52	Name: yuidss Value: 6868449511604416446
.agkn.com/	1970-01-19 22:25:52	Name: ab Value: 0001%3AeFiEQqMEebEId4muKbCWbDyX8Go7HLQD4Loljjv9Sp37bFdI7%2BHKtg%3D%3D
.hit.gemius.pl/	1970-01-21 11:31:12	Name: Gtest Value: KlxKiMaGQMQGIMNfbCo3Hd8WssGMXP8c25nSG9pGOjrL6pnnGGIASGPhopCxsG..
.ntv.com.tr/	1970-01-19 22:25:52	Name: _ym_d Value: 1604416447
.ntv.com.tr/	1970-01-19 13:40:18	Name: _ym_visorc_16847260 Value: b
.ntv.com.tr/	1970-01-19 13:41:42	Name: _gid Value: GA1.3.435803373.1604416447
.www.ntv.com.tr/	1970-01-21 08:52:16	Name: _sgf_user_id Value: 957348364427460609
.yandex.ru/	1970-01-19 22:25:52	Name: yandexuid Value: 6868449511604416446
.www.ntv.com.tr/	1969-12-31 23:59:59	Name: _sgf_viewed_products Value: ["wrqUG2AmFEWKldChuxl4rw"]
.agkn.com/	1970-01-19 22:25:52	Name: u Value: C\|0AEAnNDA_JzQwPwAAAAAAAg1RAQCADVIBAIA
.ntv.com.tr/	1970-01-19 13:40:16	Name: _gat_UA-37502122-4 Value: 1
.ntv.com.tr/	1970-01-19 15:49:52	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Nov+03+2020+16%3A14%3A07+GMT%2B0100+(Central+European+Standard+Time)&version=6.8.0&hosts=&consentId=5b577a47-dee4-46e5-a30a-65cb9de4d157&interactionCount=0&landingPath=https%3A%2F%2Fwww.ntv.com.tr%2Fgaleri%2Fyasam%2Famber-heard-kapadokyada%2CwrqUG2AmFEWKldChuxl4rw%2FmTfxCLVfe0ihHcrDIIi_zA&groups=C0002%3A0%2CC0001%3A1%2CC0003%3A0%2CC0004%3A0%2CSTACK42%3A0
.ntv.com.tr/	1970-01-19 22:25:52	Name: _ym_uid Value: 1604416447326985525
.ntv.com.tr/	1970-01-19 13:41:28	Name: _ym_isad Value: 2
.ntv.com.tr/	1970-01-19 15:49:52	Name: _fbp Value: fb.2.1604416446972.1621441579
.ntv.com.tr/	1970-01-20 07:11:28	Name: ntv_ua_cookie Value: GA1.3.589561550.1604416447
.www.ntv.com.tr/	1969-12-31 23:59:59	Name: _sgf_viewed_categories Value: [{"x":"yasam","y":1},{"x":"PhotoGallery","y":1}]
.hit.gemius.pl/	1970-01-21 11:31:12	Name: Gdyn Value: KlQnzRGGQMQGIMNfbCo3Hd8WssGMXP8c25nSG9pGOjrL6pnnGGIASGPhopKxGsRPIQlGvGQp7MLsSLY8RLcGsylPge9iaQG.
.ntv.com.tr/	1970-01-20 07:11:28	Name: _ga Value: GA1.3.589561550.1604416447
www.ntv.com.tr/	1970-01-19 14:23:28	Name: ##refererPageType Value: null
.ntv.com.tr/	1970-01-19 13:41:42	Name: ntv_ua_cookie_gid Value: GA1.3.694502610.1604416447
.www.ntv.com.tr/	1970-01-19 13:40:18	Name: _sgf_session_id Value: 957348364427460608
www.ntv.com.tr/	1969-12-31 23:59:59	Name: weather_last_temperature Value: 15
www.ntv.com.tr/	1969-12-31 23:59:59	Name: weather_description Value: Sağanak Yağışlı
www.ntv.com.tr/	1970-01-19 14:23:28	Name: ##prevPageType Value: detail
.ntv.com.tr/	1970-01-19 14:23:28	Name: CUID Value: N,1604416446745:ALHGLuQAAAAPTiwxNjA0NDE2NDQ2NzQ1Gfso1RAB4ZJxBA8PdGCaGCkkBppU8WEgaKif7XPaTbd+XNEgcFT9Y4TZfbBs0mF/FGVYuogruiC7uPH0HFq0ZPjdESFg5PIvc34F5SwosoogoS8LONAGeIn3LhaXl5hJCU8r6HWj28YsWj+R8lDypUok90lFQ30pL756n8UdXB+Gu+vzyeq/vmH2A/RC4ibW5JT+JWVB7+Sv+rTz8Hw6e9P8eDQIwI6Nw9Ff17KC7LK9hzoj8GKYRK00yeODLiWh6936ejZzFjSJ6/dHMuFfMum6rlUwFBFNpD81fzhZdtojjTKAaBab4nmb0C0HleaBeSjIvSgtPe/jgFM1VAtO5A==
.ntv.com.tr/	1970-01-20 13:40:16	Name: __gfp_64b Value: g6InCFrCe6P9bpSCBmByfGgkljH5SbLp3q0VgcH2RhL.b7
.yandex.ru/	1970-01-23 05:16:16	Name: i Value: xLXsKq2xn40s+OmtvW/m4FPmOc+Phxi9AwbzVDyYAPabbP/3RsE12EXTTcuikm2eR6Z7wvOsvy3gCqu5BSHGfy6rDVo=
www.ntv.com.tr/	1969-12-31 23:59:59	Name: weather_last_img Value: https://cdn.ntv.com.tr/img/weather/w12.png

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.ntv.com.tr/js/ntv.min.js?v=3054(Line 1) Message: Engageya Called.
console-api	log	URL: https://cdn.ntv.com.tr/js/ntv.min.js?v=3054(Line 1) Message: ad yok
console-api	log	URL: https://cdn.ntv.com.tr/js/ntv.min.js?v=3054(Line 1) Message: null
console-api	log	URL: https://cdn.ntv.com.tr/js/ntv.min.js?v=3054(Line 1) Message: worked
console-api	log	URL: https://cdn.ntv.com.tr/js/ntv.min.js?v=3054(Line 1) Message: 0
console-api	log	URL: https://cdn.ntv.com.tr/js/ntv.min.js?v=3054(Line 1) Message: segmentify loaded
console-api	log	URL: https://cdn.ntv.com.tr/js/ntv.min.js?v=3054(Line 1) Message: data push

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ajax.googleapis.com
bidder.criteo.com
cdn.cookielaw.org
cdn.firstimpression.io
cdn.ntv.com.tr
cdn.segmentify.com
cdn1.ntv.com.tr
connect.facebook.net
contributor.google.com
d.agkn.com
dcc2.segmentify.com
delivery.adrecover.com
dygassets.dygdigital.com
ecdn.analysis.fi
ecdn.firstimpression.io
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gatr.hit.gemius.pl
geolocation.onetrust.com
googleads.g.doubleclick.net
gum.criteo.com
images9.engageya.com
js.agkn.com
ls.hit.gemius.pl
mc.yandex.ru
pagead2.googlesyndication.com
premium.engageya.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
tags.bkrtx.com
widget.engageya.com
wps.euromsg.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.ntv.com.tr
104.103.89.30
137.117.149.204
149.202.208.200
172.217.21.226
178.250.0.165
184.30.210.81
185.193.6.142
185.3.93.185
195.142.105.29
205.234.175.175
212.71.236.31
216.58.206.6
217.182.200.29
2600:9000:2182:2400:19:fc2c:a140:93a1
2600:9000:2182:b400:15:efbc:e300:93a1
2600:9000:2182:de00:9:c37:b540:93a1
2606:4700:10::6814:b844
2606:4700::6810:9540
2a00:1450:4001:800::200a
2a00:1450:4001:800::200e
2a00:1450:4001:802::2002
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:816::200e
2a00:1450:4001:818::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81a::200a
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:820::200a
2a00:1450:4001:821::200e
2a00:1450:400c:c01::9d
2a02:2638:1::13
2a02:2638::3
2a02:26f0:10c:5a3::3b8f
2a02:26f0:10c:5b2::3b8f
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
31.3.2.97
54.194.173.24
95.142.20.17
086a3344d0a035afb60ffccc1f743974297d94bff9027a87e7d2653dae162eb6
08b0311a2c32ececbae41df080544aeb8204e9eee3da0214d67cc989e46fc9cf
08b66d46ac0651b9510fcb7b57d9835f6925605231f4c605adb52ed3ec7cd779
09c7d5a156245c0a18f5a24084969675b1fbc0a4b582291f502b2741e6a1258e
0a2b66d1560c2c076585eac595a275cc932120eb9884a9782cf27398ef1cfb18
0ca90b8ccee9352e358b32d68b425c82e7f12af1ed31e20ef5bc6d5937edb8ad
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f0442ab444bf86b7cc42c0318b9daf60bbe574eb16443bd543b1f3cecda56a1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
19c4846c11dfe9eb002af872c19b49545782e282c38014929d423e89e94483dd
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1fc90ca7cad373bbb2464bc5cf020c039a70652527015c24a61f1da4c0e9d11a
29fad14f1f9273f2f53037030ee4d78de328672689136cb88c3644d14afa2b64
2dd4725f16ff90a7e7a3cf5014f42eb51cc6a12a09daac3ad7a88ca316961fee
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2f61e74f8dfd64debe6c2f8272986e4bc0c1d83f115d2a44c3f601d0e2f39ca8
3073c1001497ac5562c0942e4ed9bcdbdfdda470ff9b325c73421de81933f874
30752627b994f7dfd60c2f5ff51c7b43997cca7d7efd4cb0dd1228790d30af8e
40aa39f97affadb78c48cccb42baa7e711ddb25df90008648a29f4463ec9fc98
4130861d1183a76993ff3b56ce2d93217340b3239b68dfe645bc5f3c9509480f
4873b677f58b261541aeddf628258dd2eba0684cda158fb7c0714c6a778ad9df
49827680ca5678cb7f849959a33ec824c5c8323ab9d95a1cccc3db01cafd79f5
4c9f94cbc52555c85e6567b8f2878996d03bd5cb272f92cde9429b3b20a13df3
5201570092a3f111064e9f5657ca3750ef12347674119157635358ce8258dadf
5241bcec3457c3de1e85e1314ab2423a0c0d866056794b3782c0bfb058c29645
534e0b24d361401481f48bc6e702ca530ac63f277b0307ace3c23c0aac43696e
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
541c6132fc0f6674c5b3366d9f5d4d3659e349a79b6a17647b199e7aadd53fe4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
586f76dc6bb5b23638b5952b115013e6cde86c5d0b18d071fc7a5b2a21787ff7
5cf631b8c677c77d932115d7bad9ea7cb89aa0dc65af2309ddf60feda332f085
5d16a79e2751a8d99b622b82a8d0ffbef3de8e2ecb64ef3bb977f66eb0a88737
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5eaaf1ba6f119020494e189163029ca26410b07113cd677ee4970c99bb34a429
641600d2c097ac86bcea47ec24f74e17a3a0478042c47a5e2d44d626038f189f
6f2e8e3ba90446e0779faca4bb639726ba009a2bb099d2b13196d4b450beaa9f
6f7760abdb695f6601dfa3237c6d051551ea3e8a7165e68634037ce291b14229
72158807e8a21e1b1da3d3c23ef12a01a0a2ba6ebec51bc55a29222aa3dc7f3a
739aa7cafa798f858f85fdb3d11d87b2d707fe8412a6b1d496266ba55714f9b3
7493f2a041eebaac8d7355d4255081127b8ce5c64ae118664d8359004bc6eabc
79a7826dac28869b0fa0e85048bb80ef83a275feb5e67b5badbe83e3aaf7f9f4
7c6ca029f534f03710241eed9aea9cab6ff74ef543c072e4870228aba3289d58
7ed1fd157d3dee14c4e0a2091c4a920f9eb218412c3bbaca65d34dc419525ec0
80a4168da3bfeb8a7a3d725ad6aabafc536c28503e6c053b3b8067fd1b5cd0cb
81d9acb8983638d4eb55cfba7283ae414e4e59285b4a134c19a9a6b6305c940a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839da65542922f646ce90020430afdebf70a88de062517029844205ddd408cde
84a2c5be063674c3f2c7efb9d8c0c1dfdd6b9a6166759152fa2b1d70b7137ebb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8f184fb01d006e648c43775cd7ab6d82739229e49c02230882edbc096349b1a0
8f7460949927e9812c52fa9771718f25d4bf6cb9e50e4400e4bf989cf88314c1
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9216cd96d35a1514fac5f2e56b18f1b8f52d870ba53917f8adb071782b25ea26
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
94b013f0664eaaa310a12510a2d77dac06c4b1290c7d0f1865866ce86caa09da
999bab6f4c90c4c9bca669f98aa56b5fa520542e9ef42be9a320f1353b432ed8
9a8acb5962bf7b86d67e2580f639c69c12a01b3f318707cc1ce775d714281863
9c0c1a9d21f0a25e36a4c724b7acf92e3cd838ac6a0e2a0ede169a858668eb3b
9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0
9d13b63548a4b1bdd597e6c0671499ce59d8a6cde0b54f008be2fe6afe7556c7
9e64a861af48a77558cf315f2c066a43de2cf12f6a1a20603fe8bc30b571c283
9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad
a3698a4d10ec8e69987ebbac12ddf6320ad24e5aa9f4fc3cbe9b32321838c8c1
a45340be77c5a67bb036cc65490d3a0c8871ba7da2d276f0ff990be08d10b41c
a75a6ca905b9e8cd94cf8fddc27c11736471008c9fe5d85f2e56bc55755af554
a7ef29c336211a7ef610b4bb5384120963bb1195e999773193bd8d38464f6b76
a921af45c6a658d1fbc805726d17b7eed01ec05854ee60eeee2555a479ed91a2
a95eca52613e438d6a3cf18e999a7a23aee68d734c98c12c8338c6e16dcab308
affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b148fc7270cd810c3c2082d30f7c80c8fac30f64de66c0bad8a2600188a8f083
b31e6efe57ac25b8ff47ea60a5a3ecd3840e7965a34d14803ea92bd0f4289986
b4e7e4a44e72798bf4464d1febd639b0e6f80217003eadd09048508f7f1e20e5
b54c0c7a8f456cafe908d9ff01a4546ea30904e83c40d8e8e87e5d48acac4838
b68ebedfba2ccfd5b9f1f664ccb22d7b6276e7e075dbda6d2c6b758457c53069
b890c68ff8bd5d94cba364f4bf535c981905c011e66b911cfadcf25b0a34ebbb
bc866c7779940cb2fd9895da8f0a3a50c42f0eeaa9ca861b3dd8936d362d4226
bd022eae7402cc8c21f53422f173c0a6e593acc414da930e70ba35b45fbf00ee
bd6bdbb4693a1b7855e3dde72d1d9edb8a352458a8327af0f074b880640bb7ed
c50c1dd8d74f88e1f5e39e09adf62c771393acbd5ad2e7089c3c2189a0119a98
c69a126d2d8669d0312522936d31bc2ffdbcf284ed7ce4f6534cefc626ac3e6e
ca6d64bf355abd4176ee847d4fa3cceca745f490d5e26d823bc1647c72f7acab
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
cf79bafcf2e9a235b2c57024ef3dc9345b3e1e43dd533fbe03adfc529d561ff8
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
d9534697e778422a13909fa26fed82de924d50b95a12243cee696e52ce7e8864
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df45f7f3289ba3864a3631bc644a1bae47e7dee9b006f9b43854d91f8931d74c
e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ea866644c56752a37ee51f5b32984cbc4d59ff7fa51c094ec579d4a6febffcf6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0da6e786820a3b367c1a0c6b1e2f872c4de1f8104553f39091972f99b0eb97f
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
f4a16ad89b1ce0e4896486b282672d025e0c7b1ee92d81db015e6937163a45d4
f6c82fa09662f2e82d8eabea0e8e1ab72bd786a28ff117c7feab40cb56188930
fc670ffe889597f64c7932c6f27e9385f1349e5eabf1576d16456db245abc4bb
ff46d03d1319e7393ef416fc844d98242372b603ca20945fb676c5428e8ce263

www.ntv.com.tr Open in urlscan Pro 137.117.149.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

136 Requests

100 %HTTPS

63 %IPv6

27 Domains

42 Subdomains

44 IPs

12 Countries

4723 kBTransfer

7704 kBSize

31 Cookies

27 Outgoing links

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ntv.com.tr Open in urlscan Pro
137.117.149.204 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

100 %
HTTPS

63 %
IPv6

27
Domains

42
Subdomains

44
IPs

12
Countries

4723 kB
Transfer

7704 kB
Size

31
Cookies

136 HTTP transactions
2 data transactions