nasil.yazilir.com Open in urlscan Pro
89.252.186.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nasil.yazilir.com/
Effective URL:
https://nasil.yazilir.com/
Submission: On June 30 via manual (June 30th 2022, 5:26:23 am UTC) from PH — Scanned from DE

Summary HTTP 121 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 27 IPs in 8 countries across 24 domains to perform 121 HTTP transactions. The main IP is 89.252.186.3, located in Turkey and belongs to RADORE, TR. The main domain is nasil.yazilir.com.
TLS certificate: Issued by R3 on May 10th 2022. Valid for: 3 months.

This is the only time nasil.yazilir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	89.252.186.3 89.252.186.3	42926 (RADORE) (RADORE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
11	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	52.48.240.104 52.48.240.104	16509 (AMAZON-02) (AMAZON-02)
3 8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2600:9000:21f... 2600:9000:21f3:c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2 2	104.92.72.137 104.92.72.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
121	27

12 89.252.186.3 (Turkey) 1 redirects

ASN42926 (RADORE, TR)
PTR: 3jt5sko.guzel.net.tr

nasil.yazilir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.240.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-240-104.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.240 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Herrischried, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.72.137 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160 ade.googlesyndication.com — Cisco Umbrella Rank: 273	472 KB
20	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287	135 KB
12	yazilir.com 1 redirects nasil.yazilir.com	108 KB
11	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 536 static.adsafeprotected.com — Cisco Umbrella Rank: 562 dt.adsafeprotected.com — Cisco Umbrella Rank: 481	97 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	283 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576	5 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	1 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10550	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	128 KB
3	gstatic.com www.gstatic.com	14 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1872	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7751	914 B
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3472	71 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	460 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 629	166 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1589	351 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1107	463 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11552	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	645 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
121	24

	Domain	Requested by
22	tpc.googlesyndication.com	googleads.g.doubleclick.net nasil.yazilir.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
18	pagead2.googlesyndication.com	nasil.yazilir.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
12	nasil.yazilir.com	1 redirects nasil.yazilir.com
10	s0.2mdn.net	tpc.googlesyndication.com nasil.yazilir.com s0.2mdn.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com nasil.yazilir.com googleads.g.doubleclick.net
8	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	mc.yandex.com	2 redirects nasil.yazilir.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	googleads4.g.doubleclick.net	nasil.yazilir.com
2	static.adsafeprotected.com	pixel.adsafeprotected.com googleads.g.doubleclick.net
2	pixel.adsafeprotected.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects nasil.yazilir.com
2	www.google-analytics.com	nasil.yazilir.com www.google-analytics.com
1	ade.googlesyndication.com
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	m.exactag.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	nasil.yazilir.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
121	32

This site contains links to these domains. Also see Links.

Domain
play.google.com
generatepress.com

Subject Issuer	Validity	Valid
nasil.yazilir.com R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-18`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://nasil.yazilir.com/
Frame ID: 000D0C9B6344FAFE017A31F3608F3809
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html
Frame ID: 44313693EAF514E8C47BFB587B2E2A46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&adk=1812271804&adf=3025194257&lmt=1656308615&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnasil.yazilir.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566778527&bpp=2&bdt=351&idt=233&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=495457123522&frm=20&pv=2&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=249
Frame ID: 3FC6F9F36E40B83B45885EC427275B92
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
Frame ID: 840B949E695B94293151FB303CCB1404
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Frame ID: 53FB6BD31C9CE344D68B4DE91ABB7049
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2641D861FD035FE1EEFB56F33D3B3DFE
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/index.html
Frame ID: C59B352300C0D0EB5EA0AB23DC9F1006
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A400
Frame ID: 1DAA457EA654D6358FCEAA477E036995
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D50139A5F176E12535D340D385723198
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYoceavQEwAQ&v=APEucNW3iWth7hwD5FhQSqbXbcq-nj3dOtlCQ1BNbO-BL5fzVDnNcfiobn1vTqiVyVBKdMyrXqDdDWAyBRzzpjhRYpAlKMp_ZU1mM7D-eZt71VIKHGG-DsqXhl1N6hgfI8u5NzQEoYit1HKlp8V67oZq_9CnQlWzH9EmLTLpE-IKqE9AZO0s-p4
Frame ID: B96D6F6E526DDA4B7028A5D044EC831D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCXS50RAyL2iRn5ZpVnmrWe-ZzE-U9gCuv0o7IztC9wXuRqBV7NPJuj5GFwephXl90UGJQALh8uLJPHHMle5XDxpfJRlIL3x63jiZ2OZq6_ThyIIKK4CI6-_T98fzl6k286EWuXXmD3SobIuP9VoIGZWzSoA&dbm_d=AKAmf-DoE8AlS9GRL9xCyvyyHShOBHbvfolOV7pUplVq-R4AryJ-YkKwnpM9Y2hU8DK5n9NZIM1jO5oREcBRAUvIag9_yp2rONK5cNPkiA-mnY_dmvYI649rUfw7wZLO9ZgUND8cQpG88iFLfLOaVT8WUFh7zRw2jDlHPviCyDTImmBHnUxa2GBEenJePEnLFSLq-E99be7nGUQ6R9Rq-WzkacnTQAf-627U2PWWW1f6QTgQ_XG_E52bVkchs5EaJXM8Upnx_lNPk8AdKkb-dZ-hKF9IZNc2MW159TUdDN-mzlaZZJbi6YFMwqU7nwINX0FFFU8rjlZgUoGtbQAVzLNuFM9eTwGG8UR8Z0XTM5Wxq5lbULUzlRovjAH_Nr1SEH_W4FZP4MnQRpmAvOzRv_wEAZLTyHl-eiMuX3QJIV3N_yXyG3YibClO0ZT1vrXiJHViq6s9oAMCBdfe9hMcWF9PGx8qTgHmz1nqYYPJd0nV4g6RWo8VZ4SyEtUoo_B4Hov6cVCQPPxj7h8d3IX3ewL5Uxni4OqWDrokeGB2001bMp5utmddQ8RoUwbKS7vsHMDi3yT1Y15WYW2gvGyCUqJpsu20eZe5BvXGz3RCbzIZ55C67jcJ4bUCzg198NExi3KpCWw9XBOK2iGd70xOQFBBL9xh8W6xUkUMbOtyzwwlf091lWNGVKILBgXLsyxVfQhWqiIAsDMiHmVbnlI1OIjlqxSFpdW6GnPKkaR7C4QxTIhYMWM_Zy_4ZJYGAaFfKjs8SCIGeilhs4Ceafc_9wis65VRXc8YZYoRPP0x42QigL2auC-9ZxRbSKwTw8oDbvNckbnFHS1TQFrYw5ImM7NAdjxBc9WRDYDfg5siCK-g7OBMLpYde5pWCQcZRmllPbBKE-nx4MVEumLO29_aQLfSSvtoSDM-OwEWgl_QEEI6Pyz-XJ9LkgmH84LneNcdk1P7Y8xRVFHS7Nzm-PuCxDENhSO8toj2x32kRDYPqfPEj-TP-cVezJQ1S-ntAOFc2tUcPZ8UScaATiMLGEFlynQz-nWA9RPzF2X2DOTNria1rXu3RG-h1Z5HB4R4XAqOdjHdEPUM3ed2jyV2kT81xrapZg5ijYmdY5L2OTo0CWEZlfGHXgImFMsiGK1ZNcZS_98g9eAIvBGsrbXbgj9KaobS6o4B1aY0qYBw9rRFTPzfcRcBlfbsLcmFHopa4Z4Sercxk5mpLTshYwYycQ7_Qj4ci6yUzGrcEz_x--KB3nC5cYNLHclpOLlIGFuF4qwJB0YhoRVHr4mtIEbKq3EKZX7qZDcsChhqYR5ITRoHfQKZ7Aam0PY0ePpqrpIcplR0LZVFa3kmbWbSQHy7Xsgadac69cwx2FwrdPVPmpdksd4os67wSCLCSCdlBYiNtJTOzXFxGXam5lUkb4vdhDQtlEFt9r9F2q-RN_06_NVdkp1oTVtj9FPBYBlLpplUdhrpwVtFxi-DMEy4rwim8xgPGmU84qW_kBpkxCO0hSX2HufXNuq0_-stq-7jcJJMWtTSOISWx56uSzAWTxTJUWJK9wxeuXAY568VfCicjMzDQAoThIH1kdK1D84IQLbuTsTVes_YZdxQ5xPuPNvjp_XvFuz-6gbU5tQW_gEPJG95enTH7Q6YAlogfKQ0kRbMrjzJVzZnEjONUsC1ofsHr4lfTN3_5y9vwYK919JB5ziwxgIJ8Qv_N7NtJb_3Gef7RRYHq3o8CeeybPsgyjt_pM7_zzI-yz-5fE870f3KtuZ14Y7aOJXxP1FiBNL5m6d41VEAuif6jG3YMWR7XM5t6sDtGxgZCS65EvGInoonN37irPqMfc7oHpLhC08V6Sj4e5Z441ObtEtKJxpOfluqZiiUYvtBOYOMQR-dWmyJEe7gzchxHOXAptyVASlck2-s78Eux_c7WGbfdOnGplyQNVMrwHvxF0D3iYjuWxsJ9V-9Z4sJqJCkrNzosqyh-F-TVzumyhtU4dMSobKL_tfQvPG9oCKjnvhWjaGybtjHVHDqtr9dn6raB0Vh8mLWsyk9WvJDoSvLL398-AtEs0lr5-a_LYXkjeVyPbmCkq13ik65-QZROWNoOmY6NU0kRaFXEv2H5qzt01lVle5zTKUvbQFw2wgUkPTfkyjmloa71kfYeXVzla7UcV-70IfYrr0_xgChDj9CdUgwP-4JwDamWvtRE1Cws9CvD2fSEpSANnZAUcW1NyznYh1xIlYklP7XC3TPcYHeCbEovmUej21uJkcC9IKyYs4mJZw2yalUxKelvT8uS7gbS_R87q60KkbbdWNjfKKN4M3LYT9pzpwKnk43UYBo3YK-zsEQtMOO22nCM6YYTCRpOknqj6_389DNUE0RP_ym8sJn49GiqmxKC2yWjgrV9Z633D9Wa4ylJm22TQApstPnScdjUPbqqaa2XUSeiC7uLm2SEOeMe-QC4N358U1AGeASVZ7IzbuSyFXEJCA7gJ5HFhDK0Yyv7RzYuHgeN6bwnZM-I4ngPvrYFMGniwDwlZ0X0Bm-QdPPILl47A7VANeLHBFj0XN7_QIqnBru-o6qDrI1WKBZij9piuZde2Ea4DVXEZ0iZXfXTS8GYK9btmsPntjwuLoJ7XvneI-YuKcXz2aw_MRSMmhw6yhUYguXWmvRh5xoumGbE7s5YaFdksNELbKTg8pmwOB_-vWhCzfL6lQeYTvS7PZXNx1HCgv1FTCWgTbRjzfKbV_Fs3-A3wip6oHwfrPNruFjj-DcjE0rCLKYOYVFNG2fr61skBo-8yP2jo6lhqWaxLhaOa6nn6TyptiHVtAp6zAg6S_7CtDtfzeJoA-MP289ba27cqepozw7K5A_VPsN6HghAKVxXZE05TSqlGaC8ATss_Syp7X1Fd5H3vF5nNXdDPjT7QZBkceeqP3pJCuJKgMFOIHbTZ_hz6PPlxxhLyf3ZADVA7MvGaq0T_uYKxKSWLmXdn4UPWyAWNzNvHFePxKPHfUslWXGhr7cUjoOxUs-KbYldW--dVr5NkoYs7zcygpaBiQAAcIOpycaPuXasIHU6URp_eFocbl48BLXtu7in7R54n0cdgnYPHKa1xyNXQI4Xpgh_aowtinQjwaaOQr06PT4PvaPTJIAvSS6aYPN2f4RihN9CmpmUdAOPdJeMSqqWPVNn3ehe40RIP_ccdhHtk52hGfkOnWhEyhYioTlJXnAgneuqY6qX216q78XVsVpATr9VoReE_txP_SqnrdetBgrxLzo5EQMkv_H61XmEGi5OXw5DGy8Q7HkUilC-kMD-Wk00ueeQhO5Mhob-V4YzHLClZyY4RscdWOsv99FhKA1x9x6QTW0giUDUBBUhe9qaILm6HAsE3SkYTg4B2skgFsqcvUk78uPRlLhWaDgZL32cHXJsiN6FXLM2Y6n27gvfP7aSR7sognMCg&cid=CAASJORojpH2Qpb-HS2oFaq8PukQXEb9JSC1AkBTXNwVWgALYkao1w&rfl=2%2Chttps%253A%252F%252Fnasil.yazilir.com%252F%240
Frame ID: 3078F124C207B7D8062A67EE145B396C
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js
Frame ID: 23A7AB4C41502C9710960CB472183DF1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5D552F9EA8780B6D0089461A453EC05E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 893EC4608FD7C7964517FCE2ADA06306
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11079451843356865934/index.html?e=69&leftOffset=0&topOffset=0&c=cPCeDClASW&t=1&renderingType=2&ev=01_247
Frame ID: 9EAB1A1751EECD038AE3BF0360012AC9
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 761001FAB288D9663B61A2A9722AB24B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js
Frame ID: DC53AD4E2A8625B7F9FD75991CBA5FE7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3318209797BC21BA4A97CC81E909DABD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D35EBE678B2A862638464061A5A62708
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nasıl Yazılır?

Page URL History Show full URLs

http://nasil.yazilir.com/ HTTP 301
https://nasil.yazilir.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

121
Requests

91 %
HTTPS

52 %
IPv6

24
Domains

32
Subdomains

27
IPs

8
Countries

1424 kB
Transfer

4008 kB
Size

34
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.yazimimla.kilavuzu
Title: Android uygulamamızı indirmek için buraya tıklayabilirsiniz!

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nasil.yazilir.com/ HTTP 301
https://nasil.yazilir.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9685.9mLJvAZqY4TKMuocRouPxMZyVtUxgBIb6l6H7-lPh2hNLsNHQTpnJjh6WL_vAWv6.4D7X0dW_Nlum3xJm8IsIxNZlPyI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9685.DwEAFS4b3fU96971isKx0vAerbe1twSm9kDcDE757-P0DGtcgXSLYNxTljd74Onsrb286-n8LdCDQf44InwggA%2C%2C.rW5V_EVbIZi47jkpr9Ym4s89Z14%2C

Request Chain 24

https://mc.yandex.com/watch/40043720?wmode=7&page-url=https%3A%2F%2Fnasil.yazilir.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A423%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A515656748056%3Ahid%3A131771045%3Az%3A0%3Ai%3A20220630052618%3Aet%3A1656566779%3Ac%3A1%3Arn%3A334649360%3Arqn%3A1%3Au%3A1656566779741551216%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656566777914%3Ads%3A0%2C90%2C42%2C1%2C126%2C0%2C%2C197%2C0%2C%2C%2C%2C456%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656566779%3At%3ANas%C4%B1l%20Yaz%C4%B1l%C4%B1r%3F&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/40043720/1?wmode=7&page-url=https%3A%2F%2Fnasil.yazilir.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A423%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A515656748056%3Ahid%3A131771045%3Az%3A0%3Ai%3A20220630052618%3Aet%3A1656566779%3Ac%3A1%3Arn%3A334649360%3Arqn%3A1%3Au%3A1656566779741551216%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656566777914%3Ads%3A0%2C90%2C42%2C1%2C126%2C0%2C%2C197%2C0%2C%2C%2C%2C456%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656566779%3At%3ANas%C4%B1l%20Yaz%C4%B1l%C4%B1r%3F&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 51

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ6R2quJlZ1mVG_ml_fzl4&google_cver=1

Request Chain 67

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr0z-AmURcsaWKEQfoVdlQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ6R2quJlZ1mVG_ml_fzl4&google_cver=1

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHzca959aJvclj1lwFIVW_M&google_cver=1

Request Chain 69

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE1NDMwNTUwMTI5MTQ4NDE5OQ%3D%3D

Request Chain 86

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GC33S_YyLiDaetgWMIXv-5_LQpgJzs470ctlFBwY-uCVPY0OcB0uMq2txLjldgZUmpT9FkimgRn8nJQjJcWwjaws2tZfMCA&google_gid=CAESEI-AFXFvcHfa3v4_EUMXwRI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GC33S_YyLiDaetgWMIXv-5_LQpgJzs470ctlFBwY-uCVPY0OcB0uMq2txLjldgZUmpT9FkimgRn8nJQjJcWwjaws2tZfMCA&google_gid=CAESEI-AFXFvcHfa3v4_EUMXwRI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MzAwNTI2MjAwMDAxNTIzNjkxNjIyNw%3D%3D&google_push=ARnp8GC33S_YyLiDaetgWMIXv-5_LQpgJzs470ctlFBwY-uCVPY0OcB0uMq2txLjldgZUmpT9FkimgRn8nJQjJcWwjaws2tZfMCA

Request Chain 89

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDgWq1G-h1nB52-IsmS7FwM&google_cver=1&google_push=ARnp8GD_m-b2nQQqyLQAhlrIAUNQIJVY1DzlalYpRbS6lmf3dR73ctkxNsUlR7ywQM8-JSlHQlohwad99lhXOpRJWHU-A8SXBJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwTDM4S0EtMTktSDNRMQ==&google_push=ARnp8GD_m-b2nQQqyLQAhlrIAUNQIJVY1DzlalYpRbS6lmf3dR73ctkxNsUlR7ywQM8-JSlHQlohwad99lhXOpRJWHU-A8SXBJI

Request Chain 90

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEP-s2ApIBUoQToa_bDH1VA&google_cver=1&google_push=ARnp8GC_Usyhn0wzfUjuUuDiDx1nqZT8wwycuisJ0zVDwxiQxN9eSAnIlr-Lwa0PvBw-SebhMmfrmAfztlAYIf2GeHqM1A85f1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEP-s2ApIBUoQToa_bDH1VA&google_hm=Yr0z_AmURcsaWKEQfoVdlQAADF8AAAIB&google_nid=index&google_push=ARnp8GC_Usyhn0wzfUjuUuDiDx1nqZT8wwycuisJ0zVDwxiQxN9eSAnIlr-Lwa0PvBw-SebhMmfrmAfztlAYIf2GeHqM1A85f1A

121 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nasil.yazilir.com/
Redirect Chain

http://nasil.yazilir.com/
https://nasil.yazilir.com/

63 KB
10 KB

133ms
42ms

Document
text/html

89.252.186.3
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://nasil.yazilir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.252.186.3 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 3jt5sko.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 4c7a45ad7dc562deb9c4fc51d671a93af1ce14e9176011f42265c0ddcf724571

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-length: 10152
content-type: text/html
date: Thu, 30 Jun 2022 05:26:17 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Mon, 27 Jun 2022 05:43:35 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Thu, 30 Jun 2022 05:26:17 GMT
location: https://nasil.yazilir.com/
server: LiteSpeed

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 128ms
38ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1289
date: Thu, 30 Jun 2022 05:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Jun 2022 07:04:49 GMT

GET
H2 200 8du2w.css
nasil.yazilir.com/wp-content/cache/wpfc-minified/7m44xozp/ 111 KB
42 KB 93ms
91ms Stylesheet
text/css 89.252.186.3
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://nasil.yazilir.com/wp-content/cache/wpfc-minified/7m44xozp/8du2w.css
Requested by: Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.252.186.3 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 3jt5sko.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 24ee774507b952ea1176bb86541c447a695d52b1bce12762e222f4bb6e26c811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:17 GMT
content-encoding: br
last-modified: Thu, 10 Feb 2022 08:10:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 42824
expires: max-age=2592000, public

GET
H2 200 8du2w.css
nasil.yazilir.com/wp-content/cache/wpfc-minified/3231b6ac/ 34 KB
6 KB 92ms
89ms Stylesheet
text/css 89.252.186.3
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://nasil.yazilir.com/wp-content/cache/wpfc-minified/3231b6ac/8du2w.css
Requested by: Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.252.186.3 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 3jt5sko.guzel.net.tr
Software: LiteSpeed /
Resource Hash: ba948aa364465e6bd6d648eca16678f411b05de0a427100b35a5100fd6c87cb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:17 GMT
content-encoding: br
last-modified: Thu, 10 Feb 2022 08:10:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 6556
expires: max-age=2592000, public

GET
H2 200 dcnje.css
nasil.yazilir.com/wp-content/cache/wpfc-minified/2bk814ua/ 37 KB
8 KB 92ms
90ms Stylesheet
text/css 89.252.186.3
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://nasil.yazilir.com/wp-content/cache/wpfc-minified/2bk814ua/dcnje.css
Requested by: Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.252.186.3 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 3jt5sko.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 86cd1bfbb2db0c9372d5908252af20ad6a7a327d41d8985c48f8a5bec51686c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:17 GMT
content-encoding: br
last-modified: Sat, 28 May 2022 02:03:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 7963
expires: max-age=2592000, public

GET
H2 200 60rez.css
nasil.yazilir.com/wp-content/cache/wpfc-minified/78j0sojp/ 2 KB
582 B 45ms
43ms Stylesheet
text/css 89.252.186.3
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://nasil.yazilir.com/wp-content/cache/wpfc-minified/78j0sojp/60rez.css
Requested by: Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.252.186.3 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 3jt5sko.guzel.net.tr
Software: LiteSpeed /
Resource Hash: bff8b2d3fce7ece7f6176fe724a7e3af647f4f75e1a217f0b07af1c30359e584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:17 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 01:45:17 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 479
expires: max-age=2592000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 138ms
52ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-77356539-1

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f95eb7067891c4769b30ce349da4b4695febdd9e79d59e929937da404601747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40345
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Jun 2022 05:26:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
56 KB 140ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5946798a8259febe8c5b3a6acd2d61a0cf4b0858be62d135fc6e6b31c581ff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56357
x-xss-protection: 0
server: cafe
etag: 175260745061421138
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 05:26:18 GMT

GET
H2 200 main.min.js Show response
nasil.yazilir.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 45ms
44ms Script
application/javascript 89.252.186.3
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://nasil.yazilir.com/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.2
Requested by: Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.252.186.3 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 3jt5sko.guzel.net.tr
Software: LiteSpeed /
Resource Hash: c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:17 GMT
content-encoding: br
last-modified: Tue, 01 Dec 2020 18:14:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1609
expires: max-age=2592000, public

GET
H2 200 jquery.min.js Show response
nasil.yazilir.com/wp-includes/js/jquery/ 87 KB
30 KB 48ms
47ms Script
application/javascript 89.252.186.3
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://nasil.yazilir.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.252.186.3 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 3jt5sko.guzel.net.tr
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:17 GMT
content-encoding: br
last-modified: Thu, 10 Feb 2022 08:08:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 30273
expires: max-age=2592000, public

GET
H2 200 jquery-migrate.min.js Show response
nasil.yazilir.com/wp-includes/js/jquery/ 11 KB
4 KB 89ms
88ms Script
application/javascript 89.252.186.3
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://nasil.yazilir.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.252.186.3 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 3jt5sko.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:17 GMT
content-encoding: br
last-modified: Thu, 10 Feb 2022 08:08:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 3995
expires: max-age=2592000, public

GET
H2 200 ads.js Show response
nasil.yazilir.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 78 B
131 B 45ms
44ms Script
application/javascript 89.252.186.3
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://nasil.yazilir.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.55
Requested by: Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.252.186.3 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 3jt5sko.guzel.net.tr
Software: LiteSpeed /
Resource Hash: 2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:17 GMT
last-modified: Tue, 21 Jun 2022 13:43:50 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 78
expires: max-age=2592000, public

GET
H2 200 wp-emoji-release.min.js Show response
nasil.yazilir.com/wp-includes/js/ 18 KB
4 KB 43ms
42ms Script
application/javascript 89.252.186.3
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://nasil.yazilir.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.252.186.3 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 3jt5sko.guzel.net.tr
Software: LiteSpeed /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:17 GMT
content-encoding: br
last-modified: Thu, 10 Feb 2022 08:08:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 4539
expires: max-age=2592000, public

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://nasil.yazilir.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 generatepress.woff2
nasil.yazilir.com/wp-content/themes/generatepress/assets/fonts/ 1 KB
1 KB 42ms
42ms Font
application/font-woff2 89.252.186.3
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://nasil.yazilir.com/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by: Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/wp-content/cache/wpfc-minified/2bk814ua/dcnje.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.252.186.3 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: 3jt5sko.guzel.net.tr
Software: LiteSpeed /
Resource Hash: ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Referer: https://nasil.yazilir.com/wp-content/cache/wpfc-minified/2bk814ua/dcnje.css
Origin: https://nasil.yazilir.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:17 GMT
last-modified: Tue, 01 Dec 2020 18:14:54 GMT
server: LiteSpeed
content-type: application/font-woff2
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1264
expires: max-age=2592000, public

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 46ms
45ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1452871264&t=pageview&_s=1&dl=https%3A%2F%2Fnasil.yazilir.com%2F&ul=en-us&de=UTF-8&dt=Nas%C4%B1l%20Yaz%C4%B1l%C4%B1r%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1099305123&gjid=437759002&cid=618102184.1656566778&tid=UA-77356539-1&_gid=1108500686.1656566778&_r=1&_slc=1&z=2107726365

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nasil.yazilir.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nasil.yazilir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
70 KB 205ms
99ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:18 GMT
content-encoding: br
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
etag: "62b5603e-1180a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71690
expires: Thu, 30 Jun 2022 06:26:18 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/ 339 KB
120 KB 141ms
67ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3821229698992247&plah=nasil.yazilir.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caaa79498322c936e981fffeb155c482f2aa11cceaeded35c74b6057a83135be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122442
x-xss-protection: 0
server: cafe
etag: 5601434263030301378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 05:26:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/ Frame 4431 10 KB
5 KB 124ms
38ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nasil.yazilir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 15:39:02 GMT
etag: 10429905676100781186
expires: Wed, 13 Jul 2022 15:39:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9685.9mLJvAZqY4TKMuocRouPxMZyVtUxgBIb6l6H7-lPh2hNLsNHQTpnJjh6WL_vAWv6.4D7X0dW_Nlum3xJm8IsIxNZlPyI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9685.DwEAFS4b3fU96971isKx0vAerbe1twSm9kDcDE757-P0DGtcgXSLYNxTljd74Onsrb286-n8LdCDQf44InwggA%2C%2C.rW5V_EVbIZi47jkpr9Ym4s89Z14%2C

75 B
75 B

55ms
54ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9685.DwEAFS4b3fU96971isKx0vAerbe1twSm9kDcDE757-P0DGtcgXSLYNxTljd74Onsrb286-n8LdCDQf44InwggA%2C%2C.rW5V_EVbIZi47jkpr9Ym4s89Z14%2C

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:18 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9685.DwEAFS4b3fU96971isKx0vAerbe1twSm9kDcDE757-P0DGtcgXSLYNxTljd74Onsrb286-n8LdCDQf44InwggA%2C%2C.rW5V_EVbIZi47jkpr9Ym4s89Z14%2C
date: Thu, 30 Jun 2022 05:26:18 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 55ms
51ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:18 GMT
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
etag: "62b5603e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 30 Jun 2022 06:26:18 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
645 B 436ms
47ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=nasil.yazilir.com&callback=_gfp_s_&client=ca-pub-3821229698992247

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3821229698992247&plah=nasil.yazilir.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

21590fb887a7b957045c40e12cdfce72c765b0185d1d416af0e70cfdc981d29f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 432ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nasil.yazilir.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 05:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 429ms
44ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nasil.yazilir.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 05:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3FC6 278 KB
75 KB 554ms
468ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&adk=1812271804&adf=3025194257&lmt=1656308615&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnasil.yazilir.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566778527&bpp=2&bdt=351&idt=233&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=495457123522&frm=20&pv=2&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=249

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6c38c1ee94cdce57161db93768fbcabb33e1189c1a68ddd9d2ce1b9cfe035a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nasil.yazilir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 76882
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 05:26:19 GMT
expires: Thu, 30 Jun 2022 05:26:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/40043720/
Redirect Chain

https://mc.yandex.com/watch/40043720?wmode=7&page-url=https%3A%2F%2Fnasil.yazilir.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A423%3Afu%3A0%3Aen%3Autf-8%...
https://mc.yandex.com/watch/40043720/1?wmode=7&page-url=https%3A%2F%2Fnasil.yazilir.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A423%3Afu%3A0%3Aen%3Autf-...

350 B
504 B

58ms
58ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/40043720/1?wmode=7&page-url=https%3A%2F%2Fnasil.yazilir.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A423%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A515656748056%3Ahid%3A131771045%3Az%3A0%3Ai%3A20220630052618%3Aet%3A1656566779%3Ac%3A1%3Arn%3A334649360%3Arqn%3A1%3Au%3A1656566779741551216%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656566777914%3Ads%3A0%2C90%2C42%2C1%2C126%2C0%2C%2C197%2C0%2C%2C%2C%2C456%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656566779%3At%3ANas%C4%B1l%20Yaz%C4%B1l%C4%B1r%3F&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

63d0b223476230f6fc5544cca45484091122cec34c4fa9463c9cc567f889218c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 30-Jun-2022 05:26:19 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasil.yazilir.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Thu, 30-Jun-2022 05:26:19 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:18 GMT
last-modified: Thu, 30-Jun-2022 05:26:18 GMT
location: /watch/40043720/1?wmode=7&page-url=https%3A%2F%2Fnasil.yazilir.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A423%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A515656748056%3Ahid%3A131771045%3Az%3A0%3Ai%3A20220630052618%3Aet%3A1656566779%3Ac%3A1%3Arn%3A334649360%3Arqn%3A1%3Au%3A1656566779741551216%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656566777914%3Ads%3A0%2C90%2C42%2C1%2C126%2C0%2C%2C197%2C0%2C%2C%2C%2C456%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656566779%3At%3ANas%C4%B1l%20Yaz%C4%B1l%C4%B1r%3F&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://nasil.yazilir.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 30-Jun-2022 05:26:18 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/ 149 KB
53 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e670be33218163350d7cf5618a4fd34606ef8c4b6b45ff4ab4ca60cbedde2b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54412
x-xss-protection: 0
server: cafe
etag: 10387518077217113542
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 05:26:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 119ms
46ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nasil.yazilir.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 05:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 130ms
50ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nasil.yazilir.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 05:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 840B 22 KB
11 KB 450ms
449ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69d599decda305a43f071f182ef93be914b2d1b8fb11b952aa5642d4ef0fe6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nasil.yazilir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10819
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 05:26:20 GMT
expires: Thu, 30 Jun 2022 05:26:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/ Frame 53FB 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nasil.yazilir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 15:43:20 GMT
etag: 10429905676100781186
expires: Wed, 13 Jul 2022 15:43:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/ Frame 2641 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nasil.yazilir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 15:43:20 GMT
etag: 10429905676100781186
expires: Wed, 13 Jul 2022 15:43:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 53FB 4 KB
1 KB 157ms
48ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 04:42:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Jun 2022 05:26:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Jun 2022 05:26:20 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 53FB 205 B
743 B 147ms
40ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 02:11:08 GMT
x-content-type-options: nosniff
age: 11712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 30 Jun 2023 02:11:08 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 53FB 604 B
694 B 148ms
41ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 04:18:48 GMT
x-content-type-options: nosniff
age: 4052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 30 Jun 2023 04:18:48 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/ Frame 53FB 19 KB
8 KB 172ms
74ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 05:14:15 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/ Frame C59B 48 KB
25 KB 110ms
37ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/index.html

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a97735f726b079fdc9d76d736612b04a6a38af926b3a801f37bf0b0c62fdfc6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 407945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23944
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Jun 2022 12:07:15 GMT
expires: Sun, 25 Jun 2023 12:07:15 GMT
last-modified: Fri, 22 May 2020 11:04:53 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2641 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0pe0-zO9YvaGEOOElQfs0aCQBIfsx5dox9K9tMoMroTGyfIdEAEgiO7ODmCV4pCCoAegAdeX7LoCyAEJqQID7woOX4WxPqgDAcgDSKoE1wFP0HT7vwN8ICsqWFfNTuTl1ZEzq3pYsIHR0bWqIJ4Wz3rMolb7oPlzvlFnygQzgjeZ-O8t2y13HNstm3eGlMSKg8w7p6qajRP7P5B8YaOhMPSg19YIc4MLx1B9pHfm0tBKVKpOYklrjVESA8qJJiB9HnyYNfWi7CN-Yi3RUlTo57uWNdptz-HXj1HA3TSwmmrg2NVxBOwxPe7v2UfxcLoU4_mZgdwq598SIT-fdSackXKsgfAsi--bZboXj99AgcXjHZdtO2rc8eLzQ_mGvh36gqhnfLuM_sAE-q6I494CkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5Hok8UBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQlokJ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItMzgyMTIyOTY5ODk5MjI0NxgA&sigh=n_CYsjQ_1s0&uach_m=[UACH]&template_id=419

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 30 Jun 2022 05:26:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Jun 2022 05:26:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/ Frame 2641 21 KB
9 KB 152ms
81ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 05:25:19 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C59B 9 KB
3 KB 147ms
62ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 30 Jun 2022 13:42:50 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C59B 26 KB
10 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 30 Jun 2022 23:30:07 GMT

GET
H2 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C59B 109 KB
37 KB 163ms
49ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 05:26:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1DAA 2 KB
539 B 141ms
57ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 05:13:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Jun 2022 05:26:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Jun 2022 05:26:20 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 1DAA 2 KB
902 B 121ms
63ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 05:21:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/ Frame 1DAA 21 KB
8 KB 104ms
48ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 05:25:19 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 1DAA 3 KB
1 KB 118ms
63ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 05:06:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DAA 138 KB
43 KB 194ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 05:26:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 1DAA 17 KB
7 KB 112ms
57ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1034
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 05:09:06 GMT

GET
H3 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame 1DAA 31 KB
13 KB 119ms
39ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 00:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 00:44:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D501 143 B
163 B 40ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 04:50:46 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 2641 3 KB
1 KB 76ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 05:06:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2641 138 KB
42 KB 230ms
107ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 05:26:20 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D501
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

116ms
115ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 05:26:20 GMT
expires: Thu, 30 Jun 2022 05:26:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 05:26:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B96D 624 B
297 B 51ms
49ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYoceavQEwAQ&v=APEucNW3iWth7hwD5FhQSqbXbcq-nj3dOtlCQ1BNbO-BL5fzVDnNcfiobn1vTqiVyVBKdMyrXqDdDWAyBRzzpjhRYpAlKMp_ZU1mM7D-eZt71VIKHGG-DsqXhl1N6hgfI8u5NzQEoYit1HKlp8V67oZq_9CnQlWzH9EmLTLpE-IKqE9AZO0s-p4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 05:26:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3078 83 KB
33 KB 113ms
110ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCXS50RAyL2iRn5ZpVnmrWe-ZzE-U9gCuv0o7IztC9wXuRqBV7NPJuj5GFwephXl90UGJQALh8uLJPHHMle5XDxpfJRlIL3x63jiZ2OZq6_ThyIIKK4CI6-_T98fzl6k286EWuXXmD3SobIuP9VoIGZWzSoA&dbm_d=AKAmf-DoE8AlS9GRL9xCyvyyHShOBHbvfolOV7pUplVq-R4AryJ-YkKwnpM9Y2hU8DK5n9NZIM1jO5oREcBRAUvIag9_yp2rONK5cNPkiA-mnY_dmvYI649rUfw7wZLO9ZgUND8cQpG88iFLfLOaVT8WUFh7zRw2jDlHPviCyDTImmBHnUxa2GBEenJePEnLFSLq-E99be7nGUQ6R9Rq-WzkacnTQAf-627U2PWWW1f6QTgQ_XG_E52bVkchs5EaJXM8Upnx_lNPk8AdKkb-dZ-hKF9IZNc2MW159TUdDN-mzlaZZJbi6YFMwqU7nwINX0FFFU8rjlZgUoGtbQAVzLNuFM9eTwGG8UR8Z0XTM5Wxq5lbULUzlRovjAH_Nr1SEH_W4FZP4MnQRpmAvOzRv_wEAZLTyHl-eiMuX3QJIV3N_yXyG3YibClO0ZT1vrXiJHViq6s9oAMCBdfe9hMcWF9PGx8qTgHmz1nqYYPJd0nV4g6RWo8VZ4SyEtUoo_B4Hov6cVCQPPxj7h8d3IX3ewL5Uxni4OqWDrokeGB2001bMp5utmddQ8RoUwbKS7vsHMDi3yT1Y15WYW2gvGyCUqJpsu20eZe5BvXGz3RCbzIZ55C67jcJ4bUCzg198NExi3KpCWw9XBOK2iGd70xOQFBBL9xh8W6xUkUMbOtyzwwlf091lWNGVKILBgXLsyxVfQhWqiIAsDMiHmVbnlI1OIjlqxSFpdW6GnPKkaR7C4QxTIhYMWM_Zy_4ZJYGAaFfKjs8SCIGeilhs4Ceafc_9wis65VRXc8YZYoRPP0x42QigL2auC-9ZxRbSKwTw8oDbvNckbnFHS1TQFrYw5ImM7NAdjxBc9WRDYDfg5siCK-g7OBMLpYde5pWCQcZRmllPbBKE-nx4MVEumLO29_aQLfSSvtoSDM-OwEWgl_QEEI6Pyz-XJ9LkgmH84LneNcdk1P7Y8xRVFHS7Nzm-PuCxDENhSO8toj2x32kRDYPqfPEj-TP-cVezJQ1S-ntAOFc2tUcPZ8UScaATiMLGEFlynQz-nWA9RPzF2X2DOTNria1rXu3RG-h1Z5HB4R4XAqOdjHdEPUM3ed2jyV2kT81xrapZg5ijYmdY5L2OTo0CWEZlfGHXgImFMsiGK1ZNcZS_98g9eAIvBGsrbXbgj9KaobS6o4B1aY0qYBw9rRFTPzfcRcBlfbsLcmFHopa4Z4Sercxk5mpLTshYwYycQ7_Qj4ci6yUzGrcEz_x--KB3nC5cYNLHclpOLlIGFuF4qwJB0YhoRVHr4mtIEbKq3EKZX7qZDcsChhqYR5ITRoHfQKZ7Aam0PY0ePpqrpIcplR0LZVFa3kmbWbSQHy7Xsgadac69cwx2FwrdPVPmpdksd4os67wSCLCSCdlBYiNtJTOzXFxGXam5lUkb4vdhDQtlEFt9r9F2q-RN_06_NVdkp1oTVtj9FPBYBlLpplUdhrpwVtFxi-DMEy4rwim8xgPGmU84qW_kBpkxCO0hSX2HufXNuq0_-stq-7jcJJMWtTSOISWx56uSzAWTxTJUWJK9wxeuXAY568VfCicjMzDQAoThIH1kdK1D84IQLbuTsTVes_YZdxQ5xPuPNvjp_XvFuz-6gbU5tQW_gEPJG95enTH7Q6YAlogfKQ0kRbMrjzJVzZnEjONUsC1ofsHr4lfTN3_5y9vwYK919JB5ziwxgIJ8Qv_N7NtJb_3Gef7RRYHq3o8CeeybPsgyjt_pM7_zzI-yz-5fE870f3KtuZ14Y7aOJXxP1FiBNL5m6d41VEAuif6jG3YMWR7XM5t6sDtGxgZCS65EvGInoonN37irPqMfc7oHpLhC08V6Sj4e5Z441ObtEtKJxpOfluqZiiUYvtBOYOMQR-dWmyJEe7gzchxHOXAptyVASlck2-s78Eux_c7WGbfdOnGplyQNVMrwHvxF0D3iYjuWxsJ9V-9Z4sJqJCkrNzosqyh-F-TVzumyhtU4dMSobKL_tfQvPG9oCKjnvhWjaGybtjHVHDqtr9dn6raB0Vh8mLWsyk9WvJDoSvLL398-AtEs0lr5-a_LYXkjeVyPbmCkq13ik65-QZROWNoOmY6NU0kRaFXEv2H5qzt01lVle5zTKUvbQFw2wgUkPTfkyjmloa71kfYeXVzla7UcV-70IfYrr0_xgChDj9CdUgwP-4JwDamWvtRE1Cws9CvD2fSEpSANnZAUcW1NyznYh1xIlYklP7XC3TPcYHeCbEovmUej21uJkcC9IKyYs4mJZw2yalUxKelvT8uS7gbS_R87q60KkbbdWNjfKKN4M3LYT9pzpwKnk43UYBo3YK-zsEQtMOO22nCM6YYTCRpOknqj6_389DNUE0RP_ym8sJn49GiqmxKC2yWjgrV9Z633D9Wa4ylJm22TQApstPnScdjUPbqqaa2XUSeiC7uLm2SEOeMe-QC4N358U1AGeASVZ7IzbuSyFXEJCA7gJ5HFhDK0Yyv7RzYuHgeN6bwnZM-I4ngPvrYFMGniwDwlZ0X0Bm-QdPPILl47A7VANeLHBFj0XN7_QIqnBru-o6qDrI1WKBZij9piuZde2Ea4DVXEZ0iZXfXTS8GYK9btmsPntjwuLoJ7XvneI-YuKcXz2aw_MRSMmhw6yhUYguXWmvRh5xoumGbE7s5YaFdksNELbKTg8pmwOB_-vWhCzfL6lQeYTvS7PZXNx1HCgv1FTCWgTbRjzfKbV_Fs3-A3wip6oHwfrPNruFjj-DcjE0rCLKYOYVFNG2fr61skBo-8yP2jo6lhqWaxLhaOa6nn6TyptiHVtAp6zAg6S_7CtDtfzeJoA-MP289ba27cqepozw7K5A_VPsN6HghAKVxXZE05TSqlGaC8ATss_Syp7X1Fd5H3vF5nNXdDPjT7QZBkceeqP3pJCuJKgMFOIHbTZ_hz6PPlxxhLyf3ZADVA7MvGaq0T_uYKxKSWLmXdn4UPWyAWNzNvHFePxKPHfUslWXGhr7cUjoOxUs-KbYldW--dVr5NkoYs7zcygpaBiQAAcIOpycaPuXasIHU6URp_eFocbl48BLXtu7in7R54n0cdgnYPHKa1xyNXQI4Xpgh_aowtinQjwaaOQr06PT4PvaPTJIAvSS6aYPN2f4RihN9CmpmUdAOPdJeMSqqWPVNn3ehe40RIP_ccdhHtk52hGfkOnWhEyhYioTlJXnAgneuqY6qX216q78XVsVpATr9VoReE_txP_SqnrdetBgrxLzo5EQMkv_H61XmEGi5OXw5DGy8Q7HkUilC-kMD-Wk00ueeQhO5Mhob-V4YzHLClZyY4RscdWOsv99FhKA1x9x6QTW0giUDUBBUhe9qaILm6HAsE3SkYTg4B2skgFsqcvUk78uPRlLhWaDgZL32cHXJsiN6FXLM2Y6n27gvfP7aSR7sognMCg&cid=CAASJORojpH2Qpb-HS2oFaq8PukQXEb9JSC1AkBTXNwVWgALYkao1w&rfl=2%2Chttps%253A%252F%252Fnasil.yazilir.com%252F%240

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5692ad1b601033a748503f412638d6c62fad71605d4454d3c280c7c6489926c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34254
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 3078 47 KB
13 KB 120ms
34ms Script
application/javascript 52.48.240.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15481226352&pubId=1&placementId=396796833&adsafe_par&bundleId=&dealId=&bidurl=https://nasil.yazilir.com/
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.240.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-240-104.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 38c64e60e60c23b03b033aaa1f9da6def6b6e607120420208ece2fef4c6c5c13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 3078 3 KB
1 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 05:06:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3078 138 KB
42 KB 93ms
91ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 05:26:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 3078 17 KB
7 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1034
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 05:09:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3078 0
0 51ms
48ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYWUZY346JAdMiIJzXbOQZk3SK6FtDvZ7G8movqWWJpFq_eZhnZEk9kpebRt8VBCrBoXOPbpVaacy_JMduDUdm-WVtlw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3078 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DVvlcRNdQtdFwyXkZXbI6ZzYMY6FcvetaHOx5np6Az31WQBJxUzlBVaVC2Dd1np315hdJwwN8hbPdmGvFIEO7og6T3nZt-ZC33JsjK3ngsuZ5A5kA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C59B 5 KB
0 Font
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
DATA 200
OK truncated
/ Frame C59B 10 KB
0 Font
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
DATA 200
OK truncated
/ Frame C59B 3 KB
0 Font
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
H3 200 5ea98d0591e3a5001324c569.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/ Frame C59B 2 KB
2 KB 43ms
43ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/5ea98d0591e3a5001324c569.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7511e8cbe4b4f14f147eca95f9c9962459456fa76fe3343d48d4b9d118a1dc2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 112974
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2251
x-xss-protection: 0
last-modified: Fri, 22 May 2020 11:04:53 GMT
server: sffe
date: Tue, 28 Jun 2022 22:03:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Jun 2023 22:03:26 GMT

GET
H3 200 5ea98d0591e3a5001324c568.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/ Frame C59B 7 KB
7 KB 46ms
45ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/5ea98d0591e3a5001324c568.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2078ff698393cee1529b6465164ac1550cf1eb781f2f9bf2649cb919cba71696

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 497661
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7593
x-xss-protection: 0
last-modified: Fri, 22 May 2020 11:04:53 GMT
server: sffe
date: Fri, 24 Jun 2022 11:11:59 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Jun 2023 11:11:59 GMT

GET
H3 200 5ec264dce0c61f0013a048d8.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/ Frame C59B 4 KB
4 KB 44ms
43ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/5ec264dce0c61f0013a048d8.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72e8c43d48cd49f2ac92a8ce975f60c8b33a6e62a3bbb56e98ba7a4a8598b20

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 497661
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3861
x-xss-protection: 0
last-modified: Fri, 22 May 2020 11:04:53 GMT
server: sffe
date: Fri, 24 Jun 2022 11:11:59 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Jun 2023 11:11:59 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B96D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ6R2quJlZ1mVG_ml_fzl4&google_cver=1

43 B
909 B

36ms
35ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ6R2quJlZ1mVG_ml_fzl4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYoceavQEwAQ&v=APEucNW3iWth7hwD5FhQSqbXbcq-nj3dOtlCQ1BNbO-BL5fzVDnNcfiobn1vTqiVyVBKdMyrXqDdDWAyBRzzpjhRYpAlKMp_ZU1mM7D-eZt71VIKHGG-DsqXhl1N6hgfI8u5NzQEoYit1HKlp8V67oZq_9CnQlWzH9EmLTLpE-IKqE9AZO0s-p4
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72347c8a2efd5c4a-FRA
pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnVRON%2FHIxCbtIgMVKx3pdCJX4S65zho%2Bt65bvyhqj4EnZ7j8GYLaswLOMbHFCaqfkB1XVuKurbOXK5pagLQyGthwqpc%2BRdQXWbaRdF7TESuc73dNmKqLmzDRDxFocFiOc4JWWpckf9EwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ6R2quJlZ1mVG_ml_fzl4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B96D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yr0z-AmURcsaWKEQfoVdlQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ6R2quJlZ1mVG_ml_fzl4&google_cver=1

43 B
908 B

37ms
37ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ6R2quJlZ1mVG_ml_fzl4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYoceavQEwAQ&v=APEucNW3iWth7hwD5FhQSqbXbcq-nj3dOtlCQ1BNbO-BL5fzVDnNcfiobn1vTqiVyVBKdMyrXqDdDWAyBRzzpjhRYpAlKMp_ZU1mM7D-eZt71VIKHGG-DsqXhl1N6hgfI8u5NzQEoYit1HKlp8V67oZq_9CnQlWzH9EmLTLpE-IKqE9AZO0s-p4
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72347c8af8215c4a-FRA
pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxtp%2BqqgxLO9o9H%2FgZXrwzlHCX0QgVaoXXK2G3hMFKkzdtieHoSxAC0sW0nJSgfRJPKWRbvW%2BHOlJr4r2cQzxDaYlCtaPStoovUOwxcbYPRLanictVy8G44TKRkjQbhV2FWVI8XH5QLobA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENJ6R2quJlZ1mVG_ml_fzl4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B96D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHzca959aJvclj1lwFIVW_M&google_cver=1

43 B
1020 B

19ms
19ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHzca959aJvclj1lwFIVW_M&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYoceavQEwAQ&v=APEucNW3iWth7hwD5FhQSqbXbcq-nj3dOtlCQ1BNbO-BL5fzVDnNcfiobn1vTqiVyVBKdMyrXqDdDWAyBRzzpjhRYpAlKMp_ZU1mM7D-eZt71VIKHGG-DsqXhl1N6hgfI8u5NzQEoYit1HKlp8V67oZq_9CnQlWzH9EmLTLpE-IKqE9AZO0s-p4

Protocol

HTTP/1.1

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 05:26:20 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 848f7c7b-e595-4159-a663-5a8745e5f690
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHzca959aJvclj1lwFIVW_M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B96D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE1NDMwNTUwMTI5MTQ4NDE5OQ%3D%3D

170 B
188 B

111ms
44ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE1NDMwNTUwMTI5MTQ4NDE5OQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 05:26:20 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7c10f4a2-a02f-488e-b55b-543e26bf2405
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE1NDMwNTUwMTI5MTQ4NDE5OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 23A7 36 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:22:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 19:22:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 2641 17 KB
7 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1034
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 05:09:06 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3078 170 KB
59 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 11:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 11:54:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/ Frame 3078 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCXS50RAyL2iRn5ZpVnmrWe-ZzE-U9gCuv0o7IztC9wXuRqBV7NPJuj5GFwephXl90UGJQALh8uLJPHHMle5XDxpfJRlIL3x63jiZ2OZq6_ThyIIKK4CI6-_T98fzl6k286EWuXXmD3SobIuP9VoIGZWzSoA&dbm_d=AKAmf-DoE8AlS9GRL9xCyvyyHShOBHbvfolOV7pUplVq-R4AryJ-YkKwnpM9Y2hU8DK5n9NZIM1jO5oREcBRAUvIag9_yp2rONK5cNPkiA-mnY_dmvYI649rUfw7wZLO9ZgUND8cQpG88iFLfLOaVT8WUFh7zRw2jDlHPviCyDTImmBHnUxa2GBEenJePEnLFSLq-E99be7nGUQ6R9Rq-WzkacnTQAf-627U2PWWW1f6QTgQ_XG_E52bVkchs5EaJXM8Upnx_lNPk8AdKkb-dZ-hKF9IZNc2MW159TUdDN-mzlaZZJbi6YFMwqU7nwINX0FFFU8rjlZgUoGtbQAVzLNuFM9eTwGG8UR8Z0XTM5Wxq5lbULUzlRovjAH_Nr1SEH_W4FZP4MnQRpmAvOzRv_wEAZLTyHl-eiMuX3QJIV3N_yXyG3YibClO0ZT1vrXiJHViq6s9oAMCBdfe9hMcWF9PGx8qTgHmz1nqYYPJd0nV4g6RWo8VZ4SyEtUoo_B4Hov6cVCQPPxj7h8d3IX3ewL5Uxni4OqWDrokeGB2001bMp5utmddQ8RoUwbKS7vsHMDi3yT1Y15WYW2gvGyCUqJpsu20eZe5BvXGz3RCbzIZ55C67jcJ4bUCzg198NExi3KpCWw9XBOK2iGd70xOQFBBL9xh8W6xUkUMbOtyzwwlf091lWNGVKILBgXLsyxVfQhWqiIAsDMiHmVbnlI1OIjlqxSFpdW6GnPKkaR7C4QxTIhYMWM_Zy_4ZJYGAaFfKjs8SCIGeilhs4Ceafc_9wis65VRXc8YZYoRPP0x42QigL2auC-9ZxRbSKwTw8oDbvNckbnFHS1TQFrYw5ImM7NAdjxBc9WRDYDfg5siCK-g7OBMLpYde5pWCQcZRmllPbBKE-nx4MVEumLO29_aQLfSSvtoSDM-OwEWgl_QEEI6Pyz-XJ9LkgmH84LneNcdk1P7Y8xRVFHS7Nzm-PuCxDENhSO8toj2x32kRDYPqfPEj-TP-cVezJQ1S-ntAOFc2tUcPZ8UScaATiMLGEFlynQz-nWA9RPzF2X2DOTNria1rXu3RG-h1Z5HB4R4XAqOdjHdEPUM3ed2jyV2kT81xrapZg5ijYmdY5L2OTo0CWEZlfGHXgImFMsiGK1ZNcZS_98g9eAIvBGsrbXbgj9KaobS6o4B1aY0qYBw9rRFTPzfcRcBlfbsLcmFHopa4Z4Sercxk5mpLTshYwYycQ7_Qj4ci6yUzGrcEz_x--KB3nC5cYNLHclpOLlIGFuF4qwJB0YhoRVHr4mtIEbKq3EKZX7qZDcsChhqYR5ITRoHfQKZ7Aam0PY0ePpqrpIcplR0LZVFa3kmbWbSQHy7Xsgadac69cwx2FwrdPVPmpdksd4os67wSCLCSCdlBYiNtJTOzXFxGXam5lUkb4vdhDQtlEFt9r9F2q-RN_06_NVdkp1oTVtj9FPBYBlLpplUdhrpwVtFxi-DMEy4rwim8xgPGmU84qW_kBpkxCO0hSX2HufXNuq0_-stq-7jcJJMWtTSOISWx56uSzAWTxTJUWJK9wxeuXAY568VfCicjMzDQAoThIH1kdK1D84IQLbuTsTVes_YZdxQ5xPuPNvjp_XvFuz-6gbU5tQW_gEPJG95enTH7Q6YAlogfKQ0kRbMrjzJVzZnEjONUsC1ofsHr4lfTN3_5y9vwYK919JB5ziwxgIJ8Qv_N7NtJb_3Gef7RRYHq3o8CeeybPsgyjt_pM7_zzI-yz-5fE870f3KtuZ14Y7aOJXxP1FiBNL5m6d41VEAuif6jG3YMWR7XM5t6sDtGxgZCS65EvGInoonN37irPqMfc7oHpLhC08V6Sj4e5Z441ObtEtKJxpOfluqZiiUYvtBOYOMQR-dWmyJEe7gzchxHOXAptyVASlck2-s78Eux_c7WGbfdOnGplyQNVMrwHvxF0D3iYjuWxsJ9V-9Z4sJqJCkrNzosqyh-F-TVzumyhtU4dMSobKL_tfQvPG9oCKjnvhWjaGybtjHVHDqtr9dn6raB0Vh8mLWsyk9WvJDoSvLL398-AtEs0lr5-a_LYXkjeVyPbmCkq13ik65-QZROWNoOmY6NU0kRaFXEv2H5qzt01lVle5zTKUvbQFw2wgUkPTfkyjmloa71kfYeXVzla7UcV-70IfYrr0_xgChDj9CdUgwP-4JwDamWvtRE1Cws9CvD2fSEpSANnZAUcW1NyznYh1xIlYklP7XC3TPcYHeCbEovmUej21uJkcC9IKyYs4mJZw2yalUxKelvT8uS7gbS_R87q60KkbbdWNjfKKN4M3LYT9pzpwKnk43UYBo3YK-zsEQtMOO22nCM6YYTCRpOknqj6_389DNUE0RP_ym8sJn49GiqmxKC2yWjgrV9Z633D9Wa4ylJm22TQApstPnScdjUPbqqaa2XUSeiC7uLm2SEOeMe-QC4N358U1AGeASVZ7IzbuSyFXEJCA7gJ5HFhDK0Yyv7RzYuHgeN6bwnZM-I4ngPvrYFMGniwDwlZ0X0Bm-QdPPILl47A7VANeLHBFj0XN7_QIqnBru-o6qDrI1WKBZij9piuZde2Ea4DVXEZ0iZXfXTS8GYK9btmsPntjwuLoJ7XvneI-YuKcXz2aw_MRSMmhw6yhUYguXWmvRh5xoumGbE7s5YaFdksNELbKTg8pmwOB_-vWhCzfL6lQeYTvS7PZXNx1HCgv1FTCWgTbRjzfKbV_Fs3-A3wip6oHwfrPNruFjj-DcjE0rCLKYOYVFNG2fr61skBo-8yP2jo6lhqWaxLhaOa6nn6TyptiHVtAp6zAg6S_7CtDtfzeJoA-MP289ba27cqepozw7K5A_VPsN6HghAKVxXZE05TSqlGaC8ATss_Syp7X1Fd5H3vF5nNXdDPjT7QZBkceeqP3pJCuJKgMFOIHbTZ_hz6PPlxxhLyf3ZADVA7MvGaq0T_uYKxKSWLmXdn4UPWyAWNzNvHFePxKPHfUslWXGhr7cUjoOxUs-KbYldW--dVr5NkoYs7zcygpaBiQAAcIOpycaPuXasIHU6URp_eFocbl48BLXtu7in7R54n0cdgnYPHKa1xyNXQI4Xpgh_aowtinQjwaaOQr06PT4PvaPTJIAvSS6aYPN2f4RihN9CmpmUdAOPdJeMSqqWPVNn3ehe40RIP_ccdhHtk52hGfkOnWhEyhYioTlJXnAgneuqY6qX216q78XVsVpATr9VoReE_txP_SqnrdetBgrxLzo5EQMkv_H61XmEGi5OXw5DGy8Q7HkUilC-kMD-Wk00ueeQhO5Mhob-V4YzHLClZyY4RscdWOsv99FhKA1x9x6QTW0giUDUBBUhe9qaILm6HAsE3SkYTg4B2skgFsqcvUk78uPRlLhWaDgZL32cHXJsiN6FXLM2Y6n27gvfP7aSR7sognMCg&cid=CAASJORojpH2Qpb-HS2oFaq8PukQXEb9JSC1AkBTXNwVWgALYkao1w&rfl=2%2Chttps%253A%252F%252Fnasil.yazilir.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 04:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 04:53:48 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/ Frame 3078 27 KB
10 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220628/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 05:20:03 GMT

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame C59B 36 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:22:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 19:22:50 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3078 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408366
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 12:00:14 GMT

GET
H2 200 main.gr.19.8.319.js Show response
static.adsafeprotected.com/ Frame 3078 192 KB
61 KB 82ms
16ms Script
application/javascript 2600:9000:21f3:c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.319.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15481226352&pubId=1&placementId=396796833&adsafe_par&bundleId=&dealId=&bidurl=https://nasil.yazilir.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eee7b34356fcf9fe076bd973b7f78014097060ab9482cb5dcd53628e32e2be0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 15:42:27 GMT
content-encoding: gzip
age: 1431834
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 09 Jun 2022 18:01:50 GMT
server: AmazonS3
etag: W/"a1d669bc0776f421280ad4154b1ce523"
vary: Accept-Encoding
x-amz-version-id: mNA7gJwBAdrYqRYSnebG4JRwK6iKHdgs
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: vuHQvqH2IuVB_rHIxzbW_m9ThVCJoA_zFgbt1AayMBTZUlxCr_oE2Q==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5D55 1 KB
749 B 40ms
37ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Thu, 30 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3078 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95d6c6f423d9913c29e0a2eb43735be6b983582c36b5c19b5390c466225cf93b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2641 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cbb871e11378ccf1b08fbc6c20ae5f4b95107e85a079be44626a52742d8a844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 893E 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 408366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Jun 2022 12:00:14 GMT
expires: Sun, 25 Jun 2023 12:00:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11079451843356865934/ Frame 9EAB 1 KB
620 B 127ms
48ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11079451843356865934/index.html?e=69&leftOffset=0&topOffset=0&c=cPCeDClASW&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1101c398da9c1236e530c0678c0a06286e55319a8712ba032212669716d399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 592
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 05:26:20 GMT
expires: Fri, 30 Jun 2023 05:26:20 GMT
last-modified: Mon, 25 Apr 2022 12:26:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3078 0
622 B 178ms
78ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMOFgyKWJFseoUc46fc8zfH0-mUWDnT1iVtJdp65sG5yz5589HYn8ESXfd_0zXtIooX1Qy7gLlEsCPmB8E3ytYA5mDbpOzy8uvc40DeIUZbFf-ZuQvIConITsUQ99DbFiV3hYQlMBHcjt30ZxJuTuTfG-zfflBku8a6OFwEzVJjttjz_TsytZK02cBI_CtlPePrG3EZTGtDXj3yCdTcm_U2XlFUA4IN97CcqbcjOnrA035W0XVFdPAu-YE2A1zM4tS9RTdmfWxcl-MuICzZN_jN-0fKKWmbNL5f5P_4Nlh2CtZbMfrOJNxiC7xoPFf6SWi9CG_LlAjPQi6E_AO-2qo8XYd2UCgcLxCbupoMF22rX2vXp6a2fF2tz2WB76DIlV3RX49Oq44M27swx4DAYw3nczkxF2-xsYO_YUh9rnU-wyEralsmXtXJ0Vecyn-vqgI5sWS6OIsBO7qpUgK4qElsAVdyFqjbg_mnKAzMD2b6uFzUfeihbx1Ql3CCaihHxybkj0jXLyb6VPfMr5t3if67PGL_dYtfa7YI8dYRkSlfG1w3yr773GqVe9T2QFOT-D5emGshhNJGCCDG3vXxPzT3U6lU-yvGhA3c7Cs21an49n8H0NzlLGOtWllWqe14ZyCXGz05kK_z3wnxPuE8g3m0HjKkz8jY099RsOqGpsF-wuQxqLTC_f7YexV7gVGXb_nS0B1Ca8gPsLNFp-d3Yfx7J1S7g61qCi455_hlymIsXgwlhxQJGq2Uu5JrSYuYAc-AXTiNF7sM2uatOoDD0E0UtCcWRGZ3ZlY3J2SJ8LL2ro4TsZxwN6b0GKuFVg8MRN6OinQQ-jnv4ZS6N1J2BbvundX3r7kE6ZqwwmkUkscE1NiYjhPW3FZMYkaD3xQodBBcWUqC3FaAMmfHI9UKHKtcb_Iaxrq0yqr1w9syTfqxPscYDdyDdrVmJ1kZwlOtkEQZVqBHg0hbJiUTxUR0BMVG8G_5-0Kmh1-BAfEW35UGtu9ERtR__9KkQBvVm9XU1qc1lZbrhJrXdmgbEGJJXbI0VS7tD9tDhurZS8SyLAbmFiqSc8g_xJ5DgdkDLyTF68mV0Y0wAcmZ13Lj1XY_mKteLG8Sy7fJRsJ2VESIEiFmS8loWC9uJALWs5lrw5b6eHt7avz6-9-liZPjNt-oYuBqjGoLgUegtZtNhZ-ROW1WMecJrBl0xFVJ3gvooKHjeyPWZom3iir8imVcSRbyuIsLzlAoJRnVRBrP6xY_U4g_CS-s9nxPwz5j1S6&sai=AMfl-YRjE9VfHiPuUpaKQi400cC2rY66PRY9lQhUHI7QbR4BRfqqBHxxFbvCThSoONwtUmap5czOSu5-XLXitg_hupIUPP4YN7f943NRIpWDB4yOP_paaFFSzv2dDmMBNzfy6dLYeQeR4pkzTOTFF2BPNb0RuM9-XmR4nNMrd2EdQYQTXT9-mgPqBIIwO-nJNB8pG3lUgzCD-sQynDZbV-pvjQ&sig=Cg0ArKJSzLN6IBjKPqxSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=198&cbvp=1&cstd=191&cisv=r20220628.17366&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 30 Jun 2022 05:26:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 3078 43 B
1 KB 60ms
17ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26964075&extCr=162827716&extPm=322969303&gdpr_consent=&gdpr=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.8 Herrischried, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 30 Jun 2022 05:26:20 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 30 Jun 2022 05:26:20 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1119
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5D55 35 B
463 B 37ms
10ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK9wz8VzoOct7-s0Kx_CDLo&google_cver=1&google_push=ARnp8GBMWTXpLsIDrEjgrOqbQHlAsVdwsZ3cxvfsh09YpTn6i3SYdJgZLNLuZzXfWxNk-61qoxlTqtmE8soMMsxaY2ivQHU_mCw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D55
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GC33S_Y...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GC33S_Y...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MzAwNTI2MjAwMDAxNTIzNjkxNjIyNw%3D%3D&google_push=ARnp8GC33S_YyLiDaetgWMIXv-5_LQpgJzs470ctlFBwY-uCVPY0OcB0uMq2txLjldgZUm...

170 B
188 B

42ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MzAwNTI2MjAwMDAxNTIzNjkxNjIyNw%3D%3D&google_push=ARnp8GC33S_YyLiDaetgWMIXv-5_LQpgJzs470ctlFBwY-uCVPY0OcB0uMq2txLjldgZUmpT9FkimgRn8nJQjJcWwjaws2tZfMCA

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MzAwNTI2MjAwMDAxNTIzNjkxNjIyNw%3D%3D&google_push=ARnp8GC33S_YyLiDaetgWMIXv-5_LQpgJzs470ctlFBwY-uCVPY0OcB0uMq2txLjldgZUmpT9FkimgRn8nJQjJcWwjaws2tZfMCA
pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 30 Jun 2022 05:26:20 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5D55 43 B
351 B 60ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENFJlY4xCUakgvblDLIPL88&google_cver=1&google_push=ARnp8GB3cJs_ki1M5gTKSvKBXtrJRN5Osto70WxVyt7fVwPyGk6zRcSjAIBxtMgDCGd5ArRnHStoK81onhPOEZI2iPPByF765XY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: cc92n1bqlmuuf8uv0dsbb3js1kulgelb

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5D55 0
166 B 71ms
17ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMdu0tmCzFiQofPszvB7o3E&google_cver=1&google_push=ARnp8GANmzbLW0sgSuNkJRVum5eU4SgIu0L-SqrAte7sar7-CJj1E8G-kgXlWTfSBOcKNWZ09ayl8Da1cOTS2NGdP-pFVCM7BUgq
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D55
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDgWq1G-h1nB52-IsmS7FwM&google_cver=1&google_push=ARnp8GD_m-b2nQQqyLQAhlrIAUNQIJVY1DzlalYpRbS6lmf3dR73ctkxNsUlR7ywQM8-JSlHQlo...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwTDM4S0EtMTktSDNRMQ==&google_push=ARnp8GD_m-b2nQQqyLQAhlrIAUNQIJVY1DzlalYpRbS6lmf3dR73ctkxNsUlR7ywQM8-JSlHQlohwad99lhXOpRJWHU-A8SXBJI

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwTDM4S0EtMTktSDNRMQ==&google_push=ARnp8GD_m-b2nQQqyLQAhlrIAUNQIJVY1DzlalYpRbS6lmf3dR73ctkxNsUlR7ywQM8-JSlHQlohwad99lhXOpRJWHU-A8SXBJI

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUwTDM4S0EtMTktSDNRMQ==&google_push=ARnp8GD_m-b2nQQqyLQAhlrIAUNQIJVY1DzlalYpRbS6lmf3dR73ctkxNsUlR7ywQM8-JSlHQlohwad99lhXOpRJWHU-A8SXBJI
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D55
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEP-s2ApIBUoQToa_bDH1VA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEP-s2ApIBUoQToa_bDH1VA&google_hm=Yr0z_AmURcsaWKEQfoVdlQAADF8AAAIB&google_nid=index&google_push=ARnp8GC_Usyhn0wzfUjuUuDiDx1nqZT8wwycu...

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEP-s2ApIBUoQToa_bDH1VA&google_hm=Yr0z_AmURcsaWKEQfoVdlQAADF8AAAIB&google_nid=index&google_push=ARnp8GC_Usyhn0wzfUjuUuDiDx1nqZT8wwycuisJ0zVDwxiQxN9eSAnIlr-Lwa0PvBw-SebhMmfrmAfztlAYIf2GeHqM1A85f1A

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YbgXHonQeNGrdmqDlri2ELKVJ4%2Bq9ihp1BlBbCQOCDiyfVt%2FXRgC4wf8gNZnpBuSvQoCmOOG%2FiTEEbdMnLAkqDxYPlOvRCRAuVW5F49%2B1luJ4MnIZoZWmZmV8BBHDe%2BOTXlnHVSxLT3ng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEP-s2ApIBUoQToa_bDH1VA&google_hm=Yr0z_AmURcsaWKEQfoVdlQAADF8AAAIB&google_nid=index&google_push=ARnp8GC_Usyhn0wzfUjuUuDiDx1nqZT8wwycuisJ0zVDwxiQxN9eSAnIlr-Lwa0PvBw-SebhMmfrmAfztlAYIf2GeHqM1A85f1A
cache-control: no-cache
cf-ray: 72347c8b2edf68fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 5D55 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5D55 0
12 B 40ms
40ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1_fArSpLsSKE47WT7Kb4WTkr6tl3fyL4KMMIccSZDeaatKwQRZB8kOy7SLqSSRmTJvhE1rw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 893E 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:22:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 19:22:50 GMT

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 7610 80 KB
21 KB 10ms
8ms Script
application/javascript 2600:9000:21f3:c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 05 May 2022 17:40:00 GMT
content-encoding: gzip
age: 4794381
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: I5bDLExkF_e69F73e2zKyFVGfDQtefNI-fKg_mq2wgpOPLo7tcOnbQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 3078 43 B
216 B 46ms
45ms Image
image/gif 52.48.240.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=15481226352&pubId=1&placementId=396796833&adsafe_par&bundleId=&dealId=&bidurl=https://nasil.yazilir.com/&adsafe_url=https%3A%2F%2Fnasil.yazilir.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fnasil.yazilir.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3821229698992247%26output%3Dhtml%26h%3D600%26adk%3D2194116870%26adf%3D1485496187%26pi%3Dt.aa~a.4087882318~rp.4%26w%3D195%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1656308615%26rafmt%3D1%26to%3Dqs%26pwprc%3D8819069141%26psa%3D0%26format%3D195x600%26url%3Dhttps%253A%252F%252Fnasil.yazilir.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1656566779783%26bpp%3D2%26bdt%3D1607%26idt%3D3%26shv%3Dr20220628%26mjsv%3Dm202206230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D448239f7ea8965ac-22cbd181c2cd0080%253AT%253D1656566779%253ART%253D1656566779%253AS%253DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D495457123522%26frm%3D20%26pv%3D1%26ga_vid%3D618102184.1656566778%26ga_sid%3D1656566779%26ga_hid%3D1452871264%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1115%26ady%3D1347%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31068196%252C42531606%26oid%3D2%26pvsid%3D3792341183982997%26tmod%3D1610760962%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3DidrQqx5Qml%26p%3Dhttps%253A%2F%2Fnasil.yazilir.com%26dtd%3D15&adsafe_type=bd&adsafe_jsinfo=,id:d0e6c675-3eb7-dbd0-f31e-c48d4e67d257,c:gZOLt1,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-86c8d9dc9d-zp228,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:140,fm:tadrocB+11%7C12%7C131*.925113%7C1311%7C1312%7C1313%7C1314%7C1411%7C151%7C152,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:159,oid:2c69d0b3-f835-11ec-9748-0aeaa895d7cf,v:19.8.319,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.240.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-240-104.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 3078 43 B
301 B 258ms
82ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=d0e6c675-3eb7-dbd0-f31e-c48d4e67d257&tv=%7Bc:gZOLtr,pingTime:-3,time:184,type:v,im:%7BpBlk:175%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:158%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:184,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:158,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tadrocB+11%7C12%7C131*.925113%7C1311%7C1312%7C1313%7C1314%7C1411%7C151%7C152,idMap:131*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 05:26:20 GMT
X-Server-Name: dt50.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 3078 43 B
301 B 255ms
80ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=d0e6c675-3eb7-dbd0-f31e-c48d4e67d257&tv=%7Bc:gZOLts,pingTime:-6,time:185,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:185,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:158,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tadrocB+11%7C12%7C131*.925113%7C1311%7C1312%7C1313%7C1314%7C1411%7C151%7C152,idMap:131*,rmeas:1,rend:0,renddet:DIV%7D&tpiLookup=ao:nasil.yazilir.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 05:26:20 GMT
X-Server-Name: dt33.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 3078 43 B
301 B 246ms
81ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=d0e6c675-3eb7-dbd0-f31e-c48d4e67d257&tv=%7Bc:gZOLtC,pingTime:-2,time:195,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:258,beZ:259,mfA:398,cmA:401,inA:401,inZ:405,prA:405,prZ:410,si:417,poA:417,bl:433,poZ:433,cmZ:433,mfZ:433,loA:443,loZ:446,ltA:453,ltZ:453%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:158%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:195,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:158,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tadrocB+11%7C12%7C131*.925113%7C1311%7C1312%7C1313%7C1314%7C1411%7C151%7C152,idMap:131*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,sinceFw:36,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 05:26:20 GMT
X-Server-Name: dt43.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9EAB 118 KB
40 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11079451843356865934/index.html?e=69&leftOffset=0&topOffset=0&c=cPCeDClASW&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11079451843356865934/index.html?e=69&leftOffset=0&topOffset=0&c=cPCeDClASW&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 14:37:50 GMT

GET
H3 200 preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9EAB 64 KB
16 KB 99ms
97ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11079451843356865934/index.html?e=69&leftOffset=0&topOffset=0&c=cPCeDClASW&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11079451843356865934/index.html?e=69&leftOffset=0&topOffset=0&c=cPCeDClASW&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16579
x-xss-protection: 0
last-modified: Mon, 12 Feb 2018 18:09:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 05:26:20 GMT

GET
H3 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9EAB 112 KB
38 KB 72ms
70ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11079451843356865934/index.html?e=69&leftOffset=0&topOffset=0&c=cPCeDClASW&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11079451843356865934/index.html?e=69&leftOffset=0&topOffset=0&c=cPCeDClASW&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 05:26:20 GMT

GET
H3 200 de_DE_polite.js Show response
s0.2mdn.net/creatives/assets/2377528/ Frame 9EAB 87 KB
27 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11079451843356865934/index.html?e=69&leftOffset=0&topOffset=0&c=cPCeDClASW&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11079451843356865934/index.html?e=69&leftOffset=0&topOffset=0&c=cPCeDClASW&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27518
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 13:34:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 05:34:06 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 3078 43 B
301 B 211ms
82ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=d0e6c675-3eb7-dbd0-f31e-c48d4e67d257&tv=%7Bc:gZOLvy,time:315,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:315,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:158,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tadrocB+11%7C12%7C131*.925113%7C1311%7C1312%7C1313%7C1314%7C1411%7C151%7C152,idMap:131*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 05:26:21 GMT
X-Server-Name: dt33.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 893E 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bs390_DO9YuDxEdjq3wPD24C4CgAAAAA4AeAEAg&bg=!qKulq-_NAAaLlKKnq5Q7ACkAdvg8WvkQigV95c3CAAGuLfHTXkS4CiFOU9w7FTIZb_EzFCRLh_RUxQIAAABuUgAAAAJoAQcKAEnX730e-xZJz2tlo6stBjyWJw9h24Ltpyq9Ag0G5UpBRLoJegwQA4TmJy8tR25OLpd6QNeqbef33M_KVFDRy1DZmnrx3z0BVE49mQMkysPzRKbOp3jZmQx_1qpru0Qv5x_bX4jOV1YVxVqzojlihPOJz3gTmE-G8MlnSLD8j6gnDXLH0IGbLeqW9TTRV4NFcS0rPy9irwyOZJVgISaFhnx0CnBpS54jq0wtdwjLwgc5quOhRErdXhJedbLlWV80YvvQqpJ0Gk1akgJAosz5fPx2oDJytZZaoTB1M47_c-k716dvFyYSOYv07b1Ec4g_mmc1cn_498bQrNw7x_Vqje5wQ0-x0UqCERPB0EXLo7qhXtVwKIBiS2SzSG2-OEY2NAgCp04D0cQvZuk8EEDE_-IO-CjVpAGpuCMnzJTg0619_3danOX7WaVG8zba6m2meYhNVom4jURcrbHoRnvVOTD6biTiFPptI5_cdsemGXjd-OTvxAqhqC17LcBh4ecqWPjr017RorN2ARxpv75mzGkTBanT3rTunMGFatRQnFKPck1EwxQPGuY1QIOg0qSSiUUh-HQT2BHnjcOgQp_O0DdXx8EcFBGgp6hZsaWdB1RH1zdCmR_Ux0RMuc32ampD1rTOP1yZ6vDYON3eMNNxLlpHShtWRfxsdUat0eCntQZA_k55mZaufu0rpmINtSutRA1xnrcV53Mh43HRHAFeXwUBFdtLJR8aEH-hjGOefmMzGA7WxhJlhrDL6eOX46w20EVStNS20DlH9EtqIdZQKGQGZ2Oux7EPn3oj8T8aZ2IEXQY_ZTMgaTAPjDXzNOQbtnE7iCQVLFdO6or140xEgjo1xmgoQGkMX1OV2J3kiylrUzITT-XXZXudIujKutGhjafY069X1gfSkQL0JQVg4Gsdz_MHto7fz17qULO2mqv7Le6yrlzDVkA5znzzg-LQ1Qb_LeibLZ3mp2LavO8HPt17RIIEQlLrJY6aslGa9yLsKsTfSkmQHQ8XLU0A4n6iH_9ynuwur92QnhozXaoYcl79CuGXlzwG_QZyihhq4NJMdTsvd8q0pH7RKAEpCPeAm_NzxMGXuAy6yRA0lmBuVKqBwlCW1ISrH6gpPkrfJFkyUra7OUeTec0u6MgXQoBN8PD3fC7ssTI0U_NANP0Pxz5j

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3078 0
26 B 127ms
66ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMOFgyKWJFseoUc46fc8zfH0-mUWDnT1iVtJdp65sG5yz5589HYn8ESXfd_0zXtIooX1Qy7gLlEsCPmB8E3ytYA5mDbpOzy8uvc40DeIUZbFf-ZuQvIConITsUQ99DbFiV3hYQlMBHcjt30ZxJuTuTfG-zfflBku8a6OFwEzVJjttjz_TsytZK02cBI_CtlPePrG3EZTGtDXj3yCdTcm_U2XlFUA4IN97CcqbcjOnrA035W0XVFdPAu-YE2A1zM4tS9RTdmfWxcl-MuICzZN_jN-0fKKWmbNL5f5P_4Nlh2CtZbMfrOJNxiC7xoPFf6SWi9CG_LlAjPQi6E_AO-2qo8XYd2UCgcLxCbupoMF22rX2vXp6a2fF2tz2WB76DIlV3RX49Oq44M27swx4DAYw3nczkxF2-xsYO_YUh9rnU-wyEralsmXtXJ0Vecyn-vqgI5sWS6OIsBO7qpUgK4qElsAVdyFqjbg_mnKAzMD2b6uFzUfeihbx1Ql3CCaihHxybkj0jXLyb6VPfMr5t3if67PGL_dYtfa7YI8dYRkSlfG1w3yr773GqVe9T2QFOT-D5emGshhNJGCCDG3vXxPzT3U6lU-yvGhA3c7Cs21an49n8H0NzlLGOtWllWqe14ZyCXGz05kK_z3wnxPuE8g3m0HjKkz8jY099RsOqGpsF-wuQxqLTC_f7YexV7gVGXb_nS0B1Ca8gPsLNFp-d3Yfx7J1S7g61qCi455_hlymIsXgwlhxQJGq2Uu5JrSYuYAc-AXTiNF7sM2uatOoDD0E0UtCcWRGZ3ZlY3J2SJ8LL2ro4TsZxwN6b0GKuFVg8MRN6OinQQ-jnv4ZS6N1J2BbvundX3r7kE6ZqwwmkUkscE1NiYjhPW3FZMYkaD3xQodBBcWUqC3FaAMmfHI9UKHKtcb_Iaxrq0yqr1w9syTfqxPscYDdyDdrVmJ1kZwlOtkEQZVqBHg0hbJiUTxUR0BMVG8G_5-0Kmh1-BAfEW35UGtu9ERtR__9KkQBvVm9XU1qc1lZbrhJrXdmgbEGJJXbI0VS7tD9tDhurZS8SyLAbmFiqSc8g_xJ5DgdkDLyTF68mV0Y0wAcmZ13Lj1XY_mKteLG8Sy7fJRsJ2VESIEiFmS8loWC9uJALWs5lrw5b6eHt7avz6-9-liZPjNt-oYuBqjGoLgUegtZtNhZ-ROW1WMecJrBl0xFVJ3gvooKHjeyPWZom3iir8imVcSRbyuIsLzlAoJRnVRBrP6xY_U4g_CS-s9nxPwz5j1S6&sai=AMfl-YRjE9VfHiPuUpaKQi400cC2rY66PRY9lQhUHI7QbR4BRfqqBHxxFbvCThSoONwtUmap5czOSu5-XLXitg_hupIUPP4YN7f943NRIpWDB4yOP_paaFFSzv2dDmMBNzfy6dLYeQeR4pkzTOTFF2BPNb0RuM9-XmR4nNMrd2EdQYQTXT9-mgPqBIIwO-nJNB8pG3lUgzCD-sQynDZbV-pvjQ&sig=Cg0ArKJSzLN6IBjKPqxSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=474&vt=11&dtpt=276&dett=3&cstd=191&cisv=r20220628.17366&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: nasil.yazilir.com
URL: https://nasil.yazilir.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 05:26:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9EAB 7 KB
6 KB 127ms
53ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6057a0f61de74e790b5abe3c4137d798f1f97082224fec5f23b0569bf9ca443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 05:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5699
x-xss-protection: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 3078 43 B
301 B 80ms
80ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=d0e6c675-3eb7-dbd0-f31e-c48d4e67d257&tv=%7Bc:gZOLyE,pingTime:-10,time:507,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1656566781023%7C%7C1a29de652e91605c3152b6aa7ccbb7fd%7C%7C8203953bb098b7ae8a102827ac834317%7C%7C928332bd1dcf99b5b0b2c4f68e30eb24%7C%7Ce06396d5b014a8df569dfc13b67a2d7a%7C%7C5b4d93b2494a41a1af6a29917603ffe4%7C%7C6e2886fe9e90aac7ee8d6d242458f2bc%7C%7Cc4c5dc29ba01e7b066f357a22aa2074b%7C%7C1629390669%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3821229698992247&output=html&h=600&adk=2194116870&adf=1485496187&pi=t.aa~a.4087882318~rp.4&w=195&fwrn=4&fwrnh=100&lmt=1656308615&rafmt=1&to=qs&pwprc=8819069141&psa=0&format=195x600&url=https%3A%2F%2Fnasil.yazilir.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656566779783&bpp=2&bdt=1607&idt=3&shv=r20220628&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D448239f7ea8965ac-22cbd181c2cd0080%3AT%3D1656566779%3ART%3D1656566779%3AS%3DALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA&prev_fmts=0x0&nras=2&correlator=495457123522&frm=20&pv=1&ga_vid=618102184.1656566778&ga_sid=1656566779&ga_hid=1452871264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068196%2C42531606&oid=2&pvsid=3792341183982997&tmod=1610760962&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=idrQqx5Qml&p=https%3A//nasil.yazilir.com&dtd=15
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 05:26:21 GMT
X-Server-Name: dt50.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9EAB 17 KB
6 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 05:26:21 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 50ms
50ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220628&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4205c4bc7f5328b3857586d06c021bdc7e4c7c2e20667dc9f5a4e84077d8d12c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 05:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10410
x-xss-protection: 0

GET
H3 200 160x600_NH_D_EU_Germany-Windows-European.jpg Show response
s0.2mdn.net/creatives/assets/2373736/ Frame 9EAB 25 KB
25 KB 40ms
40ms XHR
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2373736/160x600_NH_D_EU_Germany-Windows-European.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f25dee315c1ea0d8fb42dbae8db718d919fa4633d5b8e3f42b7a867cdf2dc719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11079451843356865934/index.html?e=69&leftOffset=0&topOffset=0&c=cPCeDClASW&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:16:10 GMT
x-content-type-options: nosniff
age: 611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25467
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 12:47:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 05:31:10 GMT

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame DC53 36 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:22:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 19:22:50 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 3078 43 B
301 B 80ms
80ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=d0e6c675-3eb7-dbd0-f31e-c48d4e67d257&tv=%7Bc:gZOLAE,time:631,type:e,im:%7BpLoad:591%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:631,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:158,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B486~0%5D,as:%5B486~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:83,fm:tadrocB+11%7C12%7C131*.925113%7C1311%7C1312%7C1313%7C1314%7C1411%7C151%7C152,idMap:131*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 05:26:21 GMT
X-Server-Name: dt50.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
BLOB 200
OK ad0c0348-5d9c-44ba-8061-63abe7cf4652
https://s0.2mdn.net/ Frame 9EAB 25 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://s0.2mdn.net/ad0c0348-5d9c-44ba-8061-63abe7cf4652
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f25dee315c1ea0d8fb42dbae8db718d919fa4633d5b8e3f42b7a867cdf2dc719

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 25467
Content-Type: image/jpeg

GET
H3 200 de_DE_imageanimation_NH_D_EU_Germany-Windows-European_160x600.js Show response
s0.2mdn.net/creatives/assets/2987685/ Frame 9EAB 40 KB
23 KB 40ms
40ms XHR
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2987685/de_DE_imageanimation_NH_D_EU_Germany-Windows-European_160x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d77f2f0730b0b97dbf3d6edd3a4694d1b35e67e862c992e57db06cd785b4055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11079451843356865934/index.html?e=69&leftOffset=0&topOffset=0&c=cPCeDClASW&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23653
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 07:05:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 05:31:59 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 05:26:21 GMT

GET
H3 200 js-animation_de_DE_imageanimation.js Show response
s0.2mdn.net/creatives/assets/3389262/ Frame 9EAB 66 KB
18 KB 39ms
39ms XHR
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3389262/js-animation_de_DE_imageanimation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11079451843356865934/index.html?e=69&leftOffset=0&topOffset=0&c=cPCeDClASW&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18063
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 17:53:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Jun 2022 05:34:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3318 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nasil.yazilir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 27377
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 21:50:04 GMT
expires: Thu, 29 Jun 2023 21:50:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D35E 783 B
533 B 131ms
50ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a26c3d09946d5f9f8f681908d15331fe5d3785966896cd0b84482a7c35dc3714

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A0Zj_HTofaxzpRpEvoc2dQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nasil.yazilir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-A0Zj_HTofaxzpRpEvoc2dQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 05:26:21 GMT
expires: Thu, 30 Jun 2022 05:26:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 NH_D_EU_Germany-Windows-European;strtype=2
ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4N_xk7jU-AIVWPV3Ch3DLQCnEAAYACDEm9JNQhMIn5jWk7jU-AIVECcYCh02egCP;stragg=1;&timestamp=1656566781260;str=LH/NULL/139/amadeusBestPrice/ Frame 3078 42 B
494 B 173ms
73ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4N_xk7jU-AIVWPV3Ch3DLQCnEAAYACDEm9JNQhMIn5jWk7jU-AIVECcYCh02egCP;stragg=1;&timestamp=1656566781260;str=LH/NULL/139/amadeusBestPrice/NH_D_EU_Germany-Windows-European;strtype=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3318 36 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:22:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 19:22:50 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 3078 43 B
301 B 80ms
80ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=d0e6c675-3eb7-dbd0-f31e-c48d4e67d257&tv=%7Bc:gZOLCH,time:758,type:e,im:%7Bpci:%7Btdr:506%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:758,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:158,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B614~0%5D,as:%5B614~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:88,fm:tadrocB+11%7C12%7C131*.925113%7C1311%7C1312%7C1313%7C1314%7C1411%7C151%7C152,idMap:131*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jun 2022 05:26:21 GMT
X-Server-Name: dt50.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
DATA 200
OK truncated
/ Frame 9EAB 16 KB
16 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2641 42 B
64 B 72ms
71ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0FWC5VaB_hMo8hM1CwiEombHpq8VIyPL7w1ZPCfkyshb4kic-YnyNieSF5rEDqaYdblVpLzyLnfTn4xZMyw8-KESzexEHGs7YU7m32ev_ezQ9AWpttmRJjOs6s0ELYgF6zoq2RQ&sai=AMfl-YQOWT9vkh-nD3GRGHswm1d1sPTNCiaykT04UvLZBu6pJucv3rUfTwBGELdVg7sZlqDJ3QZvZ38Xk1RZ&sig=Cg0ArKJSzEmQV6RKpHVsEAE&id=lidar2&mcvt=1096&p=0,1,124.25,1006&mtos=0,971,1096,1096,1096&tos=0,971,125,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=0.77&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656566779867&rpt=537&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 05:26:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D35E 0
0 72ms
72ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220628&jk=3792341183982997&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3318 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3_VeZw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 05:26:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220628&jk=3792341183982997&bg=!bW6lbirNAAaLlKKnq5Q7ACkAdvg8Wh2t5xgPBYIFuV-7_9VOUNDibp0IIDFSLlReOQEFa4pY27LI5QIAAADcUgAAAARoAQeZAsPJj3EjzgE_0ceJ1yxdhi0LxuYB8Cm6gZaOs6BtEz17GeogQf3psyKLkKCkHeNgspUre5EtCOHpvlSFYkY088AcU0PFvIpNtGFP33xuyityFkfNC9PeftB_0QIErq7Ion87pPVhF2dd3pHL-y_LNWqiz-BUmezanE2t8HSi_19urcaXmBaZXVnME6lgYCRAGusMJ0ORp10qrTHSV9kgzXphXpHrZZXoEIqzbM9DgPeoJeRU-NgRXFEsQyWli80gX8rQvVVdlyMrw1K5bzVlD8IF1NoIQm7Wix7Ar-T6_MDsOywfd606-z6oK2XkGyb_M7xS3mFEIhP3NmHabLi766kdd6hfEunDsSofbM1WuyPApYsLRm7JXScF5Xe57LYjjdRhqkNYY7-2DxqUlcKVu4UIyne29oe5A54-1OCSo4EjV_kxdntaWwUF1ZKocoZfOSCvg1MXUyBO4GJL6Gj_4agnElfY_oU9MqWjF3WKNa2WY5D3MXgxFvEZJXxRusXW5JwKexOt6d0aE8rnG4OknfyCtBDBEfEYdq6rluE4ncF5yF1TUYvuSdDhCKJbUn2f2gpKOX-WFIAqIZfaLGgmtHflOHp70UnY-ReZLccfg_AlG7hh2bKy0Q8PfKoL2dYkQd-0WFc1M6-8Ib9zVZZwxr2CWQf9kYbGOTrUDajlgB4DNQGWO5CrcYqnvjP4t74sY5QswLsq2CMIvsIzg_Yl2us1HdDWdxLYlyJLQUkYn752EpvGPwvoa2ZbcCLCZAelovSwpaEfLf1GDDdle8iBVMw_k9w9svo46cAiiKSIJziKOuPJJEXxxiWHXXAObWL3zkVSwl-vbPe8LW32n-u4r1CUUqJkHO7vfL0YHqh8NTvA99G395GU9B1BIeXXrdG1VrzFuw2CmCX8VFfM5WhVujhbyR56UU0oBUVByrzwkDSzr0Hm-A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nasil.yazilir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPlsnwfJUv_ooBJyPnBj-3c&google_cver=1&google_push=ARnp8GCTYFsTow618VdAS5AXZ2jxC8TAPeJPTzCSlZglMXaNFVOMsvh3SbbA77DWrp4y1zynBoyh3nzJ8JsanmVIY2RKzcFwLRUP9w

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nasil.yazilir.com/	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.yazilir.com/	1970-01-20 21:40:38	Name: _ga Value: GA1.2.618102184.1656566778
.yazilir.com/	1970-01-20 04:10:53	Name: _gid Value: GA1.2.1108500686.1656566778
.yazilir.com/	1970-01-20 04:09:26	Name: _gat Value: 1
.yazilir.com/	1970-01-20 12:55:02	Name: _ym_uid Value: 1656566779741551216
.yazilir.com/	1970-01-20 12:55:02	Name: _ym_d Value: 1656566779
.yazilir.com/	1970-01-20 04:10:38	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 04:09:27	Name: sync_cookie_csrf Value: 2390894297fake
.mc.yandex.ru/	1970-01-20 04:09:27	Name: sync_cookie_csrf Value: 413424616fake
.yandex.com/	1970-01-20 12:55:02	Name: yandexuid Value: 6117658681656566778
.yandex.com/	1970-01-20 12:55:02	Name: yuidss Value: 6117658681656566778
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 498752291656566778
.yandex.com/	1970-01-23 19:45:26	Name: i Value: UDgIQkWd0ftznDyef9uLW16cxHP2UKY7+v/ST+E7SFPLO6vlYBZTrzLbdMBcO/8HZ92NETa2Z+ngTW5uupGpM/OiiU0=
.yandex.com/	1970-01-20 12:55:02	Name: ymex Value: 1688102778.yrts.1656566778#1688102778.yrtsi.1656566778
.yazilir.com/	1970-01-20 13:31:02	Name: __gads Value: ID=448239f7ea8965ac-22cbd181c2cd0080:T=1656566779:RT=1656566779:S=ALNI_MaGIF-wHivvbFTUUy15fm8rnhYUFA
.doubleclick.net/	1970-01-20 13:31:02	Name: IDE Value: AHWqTUlg7t8QBrmf67NdC9EQICfZ9rdq18WhCCDbV_sDaBgUwWtOjm5zG63WKryMcD4
.adnxs.com/	1970-01-20 06:19:02	Name: uuid2 Value: 9154305501291484199
.casalemedia.com/	1970-01-20 12:55:02	Name: CMID Value: Yr0z-AmURcsaWKEQfoVdlQAA
.casalemedia.com/	1970-01-20 06:19:02	Name: CMPS Value: 3167
.casalemedia.com/	1970-01-20 06:19:02	Name: CMPRO Value: 3167
.doubleclick.net/	1970-01-20 04:09:30	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 06:19:02	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In4w9-ZU!]tbPl1M>e)ZlrFUfJ+tGXxo3@LAm4[Jdk-AeV=)D<AE(F6=Hp^NCisCe*/$3If)y3KL9D3I?-%15Xq'
.quantserve.com/	1970-01-20 06:19:02	Name: d Value: EH4BCQHAJoEA
.quantserve.com/	1970-01-20 13:39:41	Name: mc Value: 62bd33fc-9ea0e-a2e91-00361
.casalemedia.com/	1970-01-20 06:19:02	Name: CMTS Value: 1177
.e.dlx.addthis.com/	1970-01-20 13:39:41	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:39:41	Name: na_id Value: 2022063005262000015236916227
.addthis.com/	1970-01-20 13:39:41	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:39:41	Name: uid Value: 62bd33fc771d529c
.addthis.com/	1970-01-20 13:39:41	Name: ouid Value: 62bd33fc000111ae3fc0ae4e2931cccb4b88bee35371c7a58601
.dlx.addthis.com/	1970-01-20 04:52:38	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 04:52:38	Name: na_sr Value: 20220630
.dlx.addthis.com/	1970-01-20 04:09:26	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 04:52:38	Name: na_sc_e Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9685.DwEAFS4b3fU96971isKx0vAerbe1twSm9kDcDE757-P0DGtcgXSLYNxTljd74Onsrb286-n8LdCDQf44InwggA%2C%2C.rW5V_EVbIZi47jkpr9Ym4s89Z14%2C Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15600726256068900009/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPlsnwfJUv_ooBJyPnBj-3c&google_cver=1&google_push=ARnp8GCTYFsTow618VdAS5AXZ2jxC8TAPeJPTzCSlZglMXaNFVOMsvh3SbbA77DWrp4y1zynBoyh3nzJ8JsanmVIY2RKzcFwLRUP9w Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
image6.pubmatic.com
m.exactag.com
mc.yandex.com
mc.yandex.ru
nasil.yazilir.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.18.126
104.18.19.126
104.244.36.20
104.92.72.137
142.250.185.98
142.250.186.162
172.217.16.130
185.33.220.240
185.64.190.78
213.202.235.8
2600:9000:21f3:c00:8:48e:53c0:93a1
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:800::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2008
2a02:6b8::1:119
35.186.253.211
52.48.240.104
69.173.144.138
89.252.186.3
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a97735f726b079fdc9d76d736612b04a6a38af926b3a801f37bf0b0c62fdfc6
2078ff698393cee1529b6465164ac1550cf1eb781f2f9bf2649cb919cba71696
21590fb887a7b957045c40e12cdfce72c765b0185d1d416af0e70cfdc981d29f
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
24ee774507b952ea1176bb86541c447a695d52b1bce12762e222f4bb6e26c811
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
38c64e60e60c23b03b033aaa1f9da6def6b6e607120420208ece2fef4c6c5c13
4205c4bc7f5328b3857586d06c021bdc7e4c7c2e20667dc9f5a4e84077d8d12c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7a45ad7dc562deb9c4fc51d671a93af1ce14e9176011f42265c0ddcf724571
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5692ad1b601033a748503f412638d6c62fad71605d4454d3c280c7c6489926c9
5946798a8259febe8c5b3a6acd2d61a0cf4b0858be62d135fc6e6b31c581ff4d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda
5f95eb7067891c4769b30ce349da4b4695febdd9e79d59e929937da404601747
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d0b223476230f6fc5544cca45484091122cec34c4fa9463c9cc567f889218c
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
69d599decda305a43f071f182ef93be914b2d1b8fb11b952aa5642d4ef0fe6a3
6b1101c398da9c1236e530c0678c0a06286e55319a8712ba032212669716d399
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
86cd1bfbb2db0c9372d5908252af20ad6a7a327d41d8985c48f8a5bec51686c7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cbb871e11378ccf1b08fbc6c20ae5f4b95107e85a079be44626a52742d8a844
8eee7b34356fcf9fe076bd973b7f78014097060ab9482cb5dcd53628e32e2be0
95d6c6f423d9913c29e0a2eb43735be6b983582c36b5c19b5390c466225cf93b
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d77f2f0730b0b97dbf3d6edd3a4694d1b35e67e862c992e57db06cd785b4055
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a26c3d09946d5f9f8f681908d15331fe5d3785966896cd0b84482a7c35dc3714
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b72e8c43d48cd49f2ac92a8ce975f60c8b33a6e62a3bbb56e98ba7a4a8598b20
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
ba948aa364465e6bd6d648eca16678f411b05de0a427100b35a5100fd6c87cb8
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bff8b2d3fce7ece7f6176fe724a7e3af647f4f75e1a217f0b07af1c30359e584
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
caaa79498322c936e981fffeb155c482f2aa11cceaeded35c74b6057a83135be
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7511e8cbe4b4f14f147eca95f9c9962459456fa76fe3343d48d4b9d118a1dc2
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107
e670be33218163350d7cf5618a4fd34606ef8c4b6b45ff4ab4ca60cbedde2b6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25dee315c1ea0d8fb42dbae8db718d919fa4633d5b8e3f42b7a867cdf2dc719
f6057a0f61de74e790b5abe3c4137d798f1f97082224fec5f23b0569bf9ca443
f6c38c1ee94cdce57161db93768fbcabb33e1189c1a68ddd9d2ce1b9cfe035a4

nasil.yazilir.com Open in urlscan Pro 89.252.186.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

91 %HTTPS

52 %IPv6

24 Domains

32 Subdomains

27 IPs

8 Countries

1424 kBTransfer

4008 kBSize

34 Cookies

2 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

nasil.yazilir.com Open in urlscan Pro
89.252.186.3 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

91 %
HTTPS

52 %
IPv6

24
Domains

32
Subdomains

27
IPs

8
Countries

1424 kB
Transfer

4008 kB
Size

34
Cookies

121 HTTP transactions
7 data transactions