hurriyet.gen.tr Open in urlscan Pro
2606:4700:3036::ac43:8967 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hurriyet.gen.tr/
Submission: On January 30 via manual (January 30th 2023, 6:56:28 am UTC) from TR — Scanned from DE

Summary HTTP 119 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 35 IPs in 9 countries across 31 domains to perform 119 HTTP transactions. The main IP is 2606:4700:3036::ac43:8967, located in United States and belongs to CLOUDFLARENET, US. The main domain is hurriyet.gen.tr.

This is the only time hurriyet.gen.tr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2606:4700:303... 2606:4700:3036::ac43:8967	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:803::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	104.248.207.50 104.248.207.50	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	134.209.192.77 134.209.192.77	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:400d:805::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.157.212.215 35.157.212.215	16509 (AMAZON-02) (AMAZON-02)
1 4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1 2	23.203.125.36 23.203.125.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	46.4.41.145 46.4.41.145	24940 (HETZNER-AS) (HETZNER-AS)
1	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.67.134.223 23.67.134.223	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
119	35

22 2606:4700:3036::ac43:8967 (United States)

ASN13335 (CLOUDFLARENET, US)

hurriyet.gen.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.248.207.50 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

chopose.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.192.77 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

parkaevant.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.212.215 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-212-215.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.125.36 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.166 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.67.134.223 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-134-223.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	hurriyet.gen.tr hurriyet.gen.tr	546 KB
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 647 pix.eu.criteo.net — Cisco Umbrella Rank: 7989 csm.eu.criteo.net — Cisco Umbrella Rank: 7891	128 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	274 KB
15	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 ad.doubleclick.net — Cisco Umbrella Rank: 184	37 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 27638 ad4m.at — Cisco Umbrella Rank: 9391 assets.ad4m.at — Cisco Umbrella Rank: 39464	407 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	20 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12826 ads.eu.criteo.com — Cisco Umbrella Rank: 7817 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9566	46 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8741	818 B
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 66678	593 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 67818	371 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1232	459 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 84938 static-de.ad4mat.net — Cisco Umbrella Rank: 113105	4 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	97 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 76	63 KB
2	gstatic.com fonts.gstatic.com	15 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	46 KB
2	chopose.icu chopose.icu	19 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	119 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 57500	674 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15368	696 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 98169	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 76484	1 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 725	338 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1006	356 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 596	98 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 661	759 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2918	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	610 B
1	pp.ua parkaevant.pp.ua	20 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
119	31

	Domain	Requested by
22	hurriyet.gen.tr	hurriyet.gen.tr
9	static.criteo.net	ads.eu.criteo.com static.criteo.net
9	pagead2.googlesyndication.com	hurriyet.gen.tr pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
7	pix.eu.criteo.net	ads.eu.criteo.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com hurriyet.gen.tr
6	assets.ad4m.at	as.ad4m.at
4	ad.doubleclick.net	4 redirects
4	ad4m.at	as.ad4m.at ad4m.at
4	cm.g.doubleclick.net	1 redirects hurriyet.gen.tr googleads.g.doubleclick.net
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	sync.teads.tv	1 redirects hurriyet.gen.tr
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.youtube.com	hurriyet.gen.tr www.youtube.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	hurriyet.gen.tr
2	chopose.icu	hurriyet.gen.tr
2	www.googletagmanager.com	hurriyet.gen.tr
1	www.conrad.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	static-de.ad4mat.net	as.ad4m.at
1	onetag-sys.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	hurriyet.gen.tr
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	hurriyet.gen.tr
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	parkaevant.pp.ua	hurriyet.gen.tr
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
119	43

This site contains links to these domains. Also see Links.

Domain
wordpress.org
spicethemes.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
chopose.icu R3	`2022-12-11` - `2023-03-11`	3 months	crt.sh
parkaevant.pp.ua R3	`2023-01-14` - `2023-04-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh

This page contains 14 frames:

Primary Page: http://hurriyet.gen.tr/
Frame ID: E7467ECF405DEB3014DA3A32F4064952
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
Frame ID: 510A40D548D21930A8368B5BE02DEBC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&adk=1812271804&adf=3025194257&lmt=1675061783&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=http%3A%2F%2Fhurriyet.gen.tr%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&dt=1675061782937&bpp=3&bdt=456&idt=273&shv=r20230124&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5854684907016&frm=20&pv=2&ga_vid=1769857252.1675061783&ga_sid=1675061783&ga_hid=1801659708&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44767166%2C31071756%2C31071765%2C31071790%2C44774292&oid=2&pvsid=1896004531717023&tmod=657554572&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=297
Frame ID: CE90F04F7D6B87B02DD085EAFE6F77E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=3557513286&adf=1375478801&pi=t.aa~a.1170363874~rp.3&w=350&fwrn=4&fwrnh=100&lmt=1675061783&rafmt=1&to=qs&pwprc=5783567607&format=350x280&url=http%3A%2F%2Fhurriyet.gen.tr%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675061783542&bpp=2&bdt=1061&idt=-M&shv=r20230124&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8542fae29e76394-225413d27adb004c%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MYUsC8HlRKapyjFUf2YVeSiwwDf0Q&gpic=UID%3D00000bacdfa1bd73%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MZFGn3XSBwPfeTlENuE5dcrFOoPaw&prev_fmts=0x0&nras=2&correlator=5854684907016&frm=20&pv=1&ga_vid=1769857252.1675061783&ga_sid=1675061783&ga_hid=1801659708&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44767166%2C31071756%2C31071765%2C31071790%2C44774292&oid=2&pvsid=1896004531717023&tmod=657554572&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xup1wrrFdK&p=http%3A//hurriyet.gen.tr&dtd=7
Frame ID: 855CE5F361D682F4871AF952A2C36ED7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=2681522106&adf=716454379&pi=t.aa~a.1785515963~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1675061783&rafmt=1&to=qs&pwprc=5783567607&format=1110x280&url=http%3A%2F%2Fhurriyet.gen.tr%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675061783542&bpp=1&bdt=1061&idt=0&shv=r20230124&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8542fae29e76394-225413d27adb004c%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MYUsC8HlRKapyjFUf2YVeSiwwDf0Q&gpic=UID%3D00000bacdfa1bd73%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MZFGn3XSBwPfeTlENuE5dcrFOoPaw&prev_fmts=0x0%2C350x280&nras=3&correlator=5854684907016&frm=20&pv=1&ga_vid=1769857252.1675061783&ga_sid=1675061783&ga_hid=1801659708&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=4153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44767166%2C31071756%2C31071765%2C31071790%2C44774292&oid=2&pvsid=1896004531717023&tmod=657554572&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WLZZ0JMdhI&p=http%3A//hurriyet.gen.tr&dtd=33
Frame ID: 33FBD71104FCCAD3F53B90F5C3F9676D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
Frame ID: F38D5E2536D6549CA3A8F25531D9AD08
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9dqFwAEUX8CO8jkAAlwQPb7-YhndPPcbEa0_Q&u=%7Ck%2B%2FeQMtsieKKXat3yt6d1hcn2c6%2BlxdozYZcYwTRPW8%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVKyHV8GqxwOuiUJNSRFI4_1l1J5g0ndcVrm2g3077Fr1kcIjW5L2CjbVV1IIUFi8BkqU7sXCoarxa3GXKjtLvuYY-c4womCIYx7JoOWdudrusrrcc-O2QsLEMe0WShwyowwcs6Bb79SqsltTOTXXo8RWqZEZBmf7iLiUTXSB2LKha_zFACW9WIXfKd3Dze352FouHK697jTRCJYXME4bkQ_i19yqA2gEjIcj-34q0YH14bhCaVI8TgwEZFt9nq3pcdLKgWuX8P29sUUh6tAPRtWSQ2nlc4gRlcmzlcwwQeBiLLEBKPEnPoz6I9niXB9FWIhd6vcfteaTA88x93t-C21pDdW1MONHSFZ_SRTiHgv48YMb9OUVUJcdKtlJ6Jkv24dk349k7VvzjH07ICqS3QEawC-sfrNx2S1Z7n_4ja07RQeIBL7KipGuPM97s9S2aKwzCAQCuXIyaxMMmPWAOgzLvLpJ1m3wS4aufMC735_TL-dhbHRrBLcnniOS_27S3bp4me3v9z1lkVQ5Y0mD_Wz_wOLzW06aF1arXOngRlJlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6g2qF2rXY_-iEeSR78EPwOCl0AXJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MTE4MzA2OTQxNjEyMDbIAQmpAthR_5RtO7I-qAMBqgTKAU_Q7FX1sq_sYJ8RZgIQtHF0-_P5hDPxKXgmnH52BGa62limXm4ugJb6XAoafvz6OXO9GWo8ys0TYrHIGxtHgx1I0U5MAi8ZE9L0y2wo0BpWZPuDNyZb6tEJsHkBghSfyPtBzKfsVLSLIvJUO5rloLJlSPtkFQcSw0pJ-ahzJnPViHELqjktzuPwFObd0gFYIMUurT3XWnNPnuDdvF1OPvsSTOHZC6BW8QDE1bdRh8O_1CQy8OnFJszdCiyW2Dd2bzxeGYNgUfjLa4WABvGWoJ30qOfpNKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2_3AcDgKA_4U57jzsTo4_fSdSH6Q%26client%3Dca-pub-3511830694161206%26adurl%3D
Frame ID: 804CC8C2ED3209B5A50093A7076DCD32
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CJCoqF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzAFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8TYYis1fNHdZaduNQdErpsJHUkS5SpFlWipH7yoLbsfTNIl03upCABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzUxMTgzMDY5NDE2MTIwNhgA&sigh=z16C7NkYN4A&uach_m=[UACH]&cid=CAQSPADUE5ymAKB02UW35NSkfVcw-VpLTWt_QCcLyB8I7ME0dKBoVZBfHm3jAQxU3qFebvhoZ3xqGnC8VF5R0hgBIBM
Frame ID: EFCCD02C8A7CCCDB4964D24D240FFB9B
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kv0hqrcp0x26hx3z5rna6f772nexeryvt7xjt8mdzj7wy25f9m5nnx5x0m61450v7gdxrmwszr4f33t1wdzwx53qg91jga3hj6zt38psjh4svrj5w7canz5a158mhdqpg3qjxg8p9sya62qab1kp0s6bwtgj9c6hhyxkqkyfyxveb8v929mvbvcy5s50n5vper6q0v90wcs4mbjmb68r12682sc73ayn8xzcwmahj33fy71kaq44dcveqe3jpr70k7mx1s1rp25ryhmtt82ajryvs2nv17nwdyc6n4rmvyn69xxqe7a2er32t09ym0wd6nkpp8wd3pcpxcnbnwpk3tr9xvg5t9enb5pqsdtjhfd4vrv0rw27mnz5wdep0k8f9tzdx3m7x204qy41t2h73qgvw122aberfg62eqt7m7vnhwtew3ae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%26client%3Dca-pub-3511830694161206%26adurl%3D
Frame ID: D6C58ADC62F4E37927E154979ED73ADE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4184439FEC0D550C481BFFDE123AA2A7
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 223DC837866BC1A6F8F8C18ABE03DAC0
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=75e075ff3947498cb143e9a1aba8fca8%2F11161657248889888594&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675061784111&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knd9tthqw5bsfswtydaph42hcw6qa94jgt0tzanr2fbadcg2nzh65m0054ctp8kt41x69mvvzbj3z5tancszysgp9jr0ysmqtkcsxjh4dqcev4jrdrywfb8vmqx8gscc0qx8mbefmxgg1708efcvsr6pjpb51cwby0qdgrshtmdwb7k8derj34es6dkxp47revhke3xnykyx91nf6h1w5gc4nph98d9zb92pj1hz10sy93arzg29cfge0mwmqyf424gryzke096135z7ek0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Frame ID: 0E7D4539C3BA00A8622F507A2319C1F8
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1D6F2320595505CE3E772CC6B39D8209
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DCBA31C88B0036D5D7241C01DD841086
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hurriyet.gen.tr

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

119
Requests

72 %
HTTPS

64 %
IPv6

31
Domains

43
Subdomains

35
IPs

9
Countries

1847 kB
Transfer

4516 kB
Size

25
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://spicethemes.com/spiko-wordpress-theme
Title: Spiko

Search URL Search Domain Scan URL

URL: https://spicethemes.com/
Title: Spicethemes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

http://chopose.icu/?pus=grrtcztemm5ha3ddf44dcnzv&sub1=&sub2=&sub3=&sub4=&gmt=0 HTTP 307
https://chopose.icu/?pus=grrtcztemm5ha3ddf44dcnzv&sub1=&sub2=&sub3=&sub4=&gmt=0

Request Chain 66

https://d.agkn.com/pixel/2175/?google_gid=CAESEJwZl3aLT5eUlBjK80WkMxg&google_cver=1&google_push=Aa02lx9qA-wBnx1Qw5Ewc1YXq4ZCN3jsxfzt7mTn0-6ayjY7tr8fAcZZBDBli8Z9_RkaKW_wEZCoqys-GYfeiA9VTkZn4FOcMYK0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx9qA-wBnx1Qw5Ewc1YXq4ZCN3jsxfzt7mTn0-6ayjY7tr8fAcZZBDBli8Z9_RkaKW_wEZCoqys-GYfeiA9VTkZn4FOcMYK0&google_hm=Q0FFU0VKd1psM2FMVDVlVWxCaks4MFdrTXhn

Request Chain 69

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBqPKtiV-OhRWn7mFXUrHe8&google_cver=1&google_push=Aa02lx-EZcUxt_Gfk76h4Ux9A3g7j1WP-lXv-vq8uirD2RbmaogI9oWGcRKvGQm4m8U1nk-7E6pFNsYlpACPwLVwqMl1XOuxT8mXqw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-EZcUxt_Gfk76h4Ux9A3g7j1WP-lXv-vq8uirD2RbmaogI9oWGcRKvGQm4m8U1nk-7E6pFNsYlpACPwLVwqMl1XOuxT8mXqw

Request Chain 71

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEL52HBDCjSP0DWsGQy_sM34&google_cver=1&google_push=Aa02lx9UKVyKncrJvVfPzzVVOrazJzeRPkQjd7ARZcagPFJV8aWLr925YxffnkTGEyiUvTbmSzY-o_64RblhwRni0K2Ppoo8zYQ68YE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9UKVyKncrJvVfPzzVVOrazJzeRPkQjd7ARZcagPFJV8aWLr925YxffnkTGEyiUvTbmSzY-o_64RblhwRni0K2Ppoo8zYQ68YE HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 101

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJCagbXb7vwCFZm4dwodzYoDiQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023013007562481037451493X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023013007562481037451493X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 104

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CKibgbXb7vwCFQKhewodBvsM1g;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023013007562481037451491X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

Request Chain 107

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1675061784_35cf8250-a06b-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=

119 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
hurriyet.gen.tr/ 53 KB
13 KB 327ms
212ms Document
text/html 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6c66a615ea2a4cfc0a607805656b7d29fa3ed6e95ace494330002867d8424cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 79184eab29db9191-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Jan 2023 06:56:22 GMT
Link: <https://hurriyet.gen.tr/wp-json/>; rel="https://api.w.org/"
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnEBphiKhFnKgWdzzHfaeMxuS78r0cYNDygsweKzuzDcgFCqrHla%2BDSP9hRTPYd4lEVs55y5UWUALgjGPgY2CYLprMrrsVipPt1lz1%2BgC5TJs%2Fx4PMDytLWkkRJxY8ANM7ULlL1PDe%2FcwqPYzJY%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 113ms
51ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y0NWVC08XE

Requested by

Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e167e37922b1e3ed495c8cccd8738512680235f366074acac96e9de67a9324b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77788
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Jan 2023 06:56:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 146ms
72ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3511830694161206

Requested by

Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

001ffd1a22716242c216fb0041b6184538c2acbf2b4007a22589d9f0423d4f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hurriyet.gen.tr/
Origin: http://hurriyet.gen.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50257
x-xss-protection: 0
server: cafe
etag: 9835051072220599161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 30 Jan 2023 06:56:22 GMT

GET
H2 200 / Show response
chopose.icu/ 19 KB
19 KB 136ms
34ms Script
application/javascript 104.248.207.50
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://chopose.icu/?re=grrtcztemm5ha3ddf44dcnzv

Requested by

Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.248.207.50 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3e4b476bd4acc91c256c323ec24f60cb542d5a4df7c7821116ffb725661b97d7

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 30 Jan 2023 06:56:22 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H2 200 / Show response
parkaevant.pp.ua/ 20 KB
20 KB 142ms
30ms Script
application/javascript 134.209.192.77
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://parkaevant.pp.ua/?te=hbtgkyzwmm5ha3ddf43tenzr

Requested by

Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

134.209.192.77 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bbf93035a7a1bd4e156113433cbcce6916e4c5f2a132bdddb20293e97aba6b5b

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 30 Jan 2023 06:56:22 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK style.min.css
hurriyet.gen.tr/wp-includes/css/dist/block-library/ 93 KB
13 KB 34ms
31ms Stylesheet
text/css 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 11 Nov 2022 14:56:45 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"636e62ad-172a9"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iW6Z%2BJg9m9dP1Aecrkp8ufbFpHN7Iat3jEp1RGLt%2FWPdGGpp41Vtt5wbNXkJNw5xPMSte7hR1kUHFyPF4n694dcl9bXif2dDQ%2FW22nn89EX9bCkWURs4OdwFLn7GWOWCak88U6jgKrSuKXNUAQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 79184eac8b929191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK classic-themes.min.css
hurriyet.gen.tr/wp-includes/css/ 217 B
955 B 49ms
40ms Stylesheet
text/css 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Tue, 25 Oct 2022 13:45:16 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"6357e86c-d9"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4skBz1fFTtQYBUG%2BKDHlMMz8wdMP37yjqUtTvrAofUVP0XKE0NqWzn1i48wD8CC4vJv3mhFbNcv6vAnww347u4skzU%2FbRXi2xpegkRcpWSN6RqHvrydJl2EJJ%2FGYkx9KSHc%2BDEGSWYUpOWuryzM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 79184eac9b37bb9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK screen.min.css
hurriyet.gen.tr/wp-content/plugins/table-of-contents-plus/ 1 KB
1 KB 30ms
21ms Stylesheet
text/css 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1183608
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sat, 30 Apr 2022 11:12:04 GMT
Server: cloudflare
ETag: W/"626d1984-484"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0eNAe9K7644VuSZanoZO%2FPItBdTuVCHAePlsbaiEnaumJ%2FHy%2FfLuoAR5XPF8oXc5WJFX2dXzmqOWsIPveJ7QKOMsCnkUVJIiR4YRoLhg0DMJ4QpGHrDF20cVCMTX4lFhoql1kLGgXWVtK1dIrE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 79184eac9ea5924d-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bootstrap.min.css
hurriyet.gen.tr/wp-content/themes/spiko/assets/css/ 141 KB
21 KB 56ms
47ms Stylesheet
text/css 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/css/bootstrap.min.css?ver=4.0.0
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f8d728d935edbf2aeae36b6b3d96634885dbd474ddd1cc7d80711449109221b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1099430
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: W/"626ec506-235bf"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWH23zK2gxL6AM1z2%2FaCwDwVGcHupmwng8AllfHjRaKuECIVypIkJNhNnrqSsgya1Q1c0ByCdungIchFALHwFOEcJL1KMq1raL1Vuj0Glz%2Fdr1Y6wLkC0Pswc2g%2Bqh9p621Cp7vRKxiVOu%2BwbBs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 79184eac9e645c38-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.css
hurriyet.gen.tr/wp-content/themes/spiko/ 177 KB
35 KB 27ms
18ms Stylesheet
text/css 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/style.css?ver=6.1.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93816c154fcf24ff932fbadeb7d4e8545b2b1596a5277cbc87bbd221be8e60f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 52851
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: W/"626ec506-2c5f4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2B4haG3629Udhmc193z2iaTl9z%2BBtcz5qgLQcXZaXS0YTkSczOHXh4l0tulJUfWfLeMjm2tu0zC%2BEP3klOdjDKMFlwXqH0rMiOrhB2%2BfqiDAe9rTc9W%2FDh5cz%2BurzknjJd8ZIuOIExi1vxLgkjg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 79184eac9c272c71-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.smartmenus.bootstrap-4.css
hurriyet.gen.tr/wp-content/themes/spiko/assets/css/ 6 KB
2 KB 29ms
20ms Stylesheet
text/css 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/css/jquery.smartmenus.bootstrap-4.css?ver=6.1.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e0a0774c2eaac2718d0cc05990d857acaf1115d4301b16ec2c96a783893bfa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 49465
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: W/"626ec506-18d9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgG%2BGKL03uuJVnQcnGEWez3dyCZK5szhu0HPNQtgfc09cZaoxYYF0LTX8Iiio5muM7UKDpbqqy43wK5wHyT37Pb327KjSV1nJlpFkzQfHGTrsCP%2BJPRxCDMWgRjURpFpeYdE20hZC7oeFPtAvL4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 79184eac998a9186-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i&ver=6.1.1

Requested by

Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Jan 2023 06:56:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 06:30:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Jan 2023 06:56:22 GMT

GET
H/1.1 200
OK owl.carousel.css
hurriyet.gen.tr/wp-content/themes/spiko/assets/css/ 5 KB
2 KB 40ms
12ms Stylesheet
text/css 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/css/owl.carousel.css?ver=6.1.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31b5c0408ee742b09422d0307235b78176a95429b37f52387e0e6eb5526dc975

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 52851
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: W/"626ec506-143f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQf9fjvq0125w8WJSUCOp6wkptlKFmxTpBFg%2Ftjx88cLFA3KpbQXCcL4KRqPoQvnvhOf%2BQMrH5gxkndRenJv3tURzoaYBG6HbirzgFRyZsWwe4WzVAR2YANqIN%2FeKaT0yE8rZT%2Bt4LJXMVkoHPk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 79184eacbc6e2c71-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK font-awesome.min.css
hurriyet.gen.tr/wp-content/themes/spiko/assets/css/font-awesome/css/ 30 KB
8 KB 42ms
12ms Stylesheet
text/css 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/css/font-awesome/css/font-awesome.min.css?ver=6.1.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 49465
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: W/"626ec506-7917"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uHiPyri2bs%2B2yvdnrI2h0QWN%2F5PLzwsOVrxXXb1vllUzTBPS%2FbCxyGpvQFsrbcJRTTMZt59lNU0xv0XlrFaTYJYHPhzHtKDjQvz1ZZXLQggdeBKOu7KgvWpEJ8yoCTDc4Ztifz0x3ttyTuQCSE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 79184eacb9cc9186-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK default.css
hurriyet.gen.tr/wp-content/themes/spiko/assets/css/ 16 KB
4 KB 43ms
13ms Stylesheet
text/css 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/css/default.css?ver=6.1.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2391e4e8a62f80e0715c6eba33bf465e876d3ff93ae19cfc7d73dbdf8e964386

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1183608
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: W/"626ec506-41e7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujurK7aOnUkDV5kV%2BgicxOjflHrUfHkJokElWXC1ELDY215VYzXjhpV7CjpunxCkYbzg%2FUwvKYry8wB%2FNZ78dJR%2Fphq4FJwqatAopFg75vn6gwQyXn2l5tjn%2BrWqG5AGT%2B80%2FXbj6H5rK%2By9PMQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=315360000
CF-RAY: 79184eacbecf924d-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 595 KB
45 KB 70ms
62ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=ABeeZee%7CAbel%7CAbril+Fatface%7CAclonica%7CAcme%7CActor%7CAdamina%7CAdvent+Pro%7CAguafina+Script%7CAkronim%7CAladin%7CAldrich%7CAlef%7CAlegreya%7CAlegreya+SC%7CAlegreya+Sans%7CAlegreya+Sans+SC%7CAlex+Brush%7CAlfa+Slab+One%7CAlice%7CAlike%7CAlike+Angular%7CAllan%7CAllerta%7CAllerta+Stencil%7CAllura%7CAlmendra%7CAlmendra+Display%7CAlmendra+SC%7CAmarante%7CAmaranth%7CAmatic+SC%7CAmatica+SC%7CAmethysta%7CAmiko%7CAmiri%7CAmita%7CAnaheim%7CAndada%7CAndika%7CAngkor%7CAnnie+Use+Your+Telescope%7CAnonymous+Pro%7CAntic%7CAntic+Didone%7CAntic+Slab%7CAnton%7CArapey%7CArbutus%7CArbutus+Slab%7CArchitects+Daughter%7CArchivo+Black%7CArchivo+Narrow%7CAref+Ruqaa%7CArima+Madurai%7CArimo%7CArizonia%7CArmata%7CArtifika%7CArvo%7CArya%7CAsap%7CAsar%7CAsset%7CAssistant%7CAstloch%7CAsul%7CAthiti%7CAtma%7CAtomic+Age%7CAubrey%7CAudiowide%7CAutour+One%7CAverage%7CAverage+Sans%7CAveria+Gruesa+Libre%7CAveria+Libre%7CAveria+Sans+Libre%7CAveria+Serif+Libre%7CBad+Script%7CBaloo%7CBaloo+Bhai%7CBaloo+Da%7CBaloo+Thambi%7CBalthazar%7CBangers%7CBasic%7CBattambang%7CBaumans%7CBayon%7CBelgrano%7CBelleza%7CBenchNine%7CBentham%7CBerkshire+Swash%7CBevan%7CBigelow+Rules%7CBigshot+One%7CBilbo%7CBilbo+Swash+Caps%7CBioRhyme%7CBioRhyme+Expanded%7CBiryani%7CBitter%7CBlack+Ops+One%7CBokor%7CBonbon%7CBoogaloo%7CBowlby+One%7CBowlby+One+SC%7CBrawler%7CBree+Serif%7CBubblegum+Sans%7CBubbler+One%7CBuda%7CBuenard%7CBungee%7CBungee+Hairline%7CBungee+Inline%7CBungee+Outline%7CBungee+Shade%7CButcherman%7CButterfly+Kids%7CCabin%7CCabin+Condensed%7CCabin+Sketch%7CCaesar+Dressing%7CCagliostro%7CCairo%7CCalligraffitti%7CCambay%7CCambo%7CCandal%7CCantarell%7CCantata+One%7CCantora+One%7CCapriola%7CCardo%7CCarme%7CCarrois+Gothic%7CCarrois+Gothic+SC%7CCarter+One%7CCatamaran%7CCaudex%7CCaveat%7CCaveat+Brush%7CCedarville+Cursive%7CCeviche+One%7CChanga%7CChanga+One%7CChango%7CChathura%7CChau+Philomene+One%7CChela+One%7CChelsea+Market%7CChenla%7CCherry+Cream+Soda%7CCherry+Swash%7CChewy%7CChicle%7CChivo%7CChonburi%7CCinzel%7CCinzel+Decorative%7CClicker+Script%7CCoda%7CCoda+Caption%7CCodystar%7CCoiny%7CCombo%7CComfortaa%7CComing+Soon%7CConcert+One%7CCondiment%7CContent%7CContrail+One%7CConvergence%7CCookie%7CCopse%7CCorben%7CCormorant%7CCormorant+Garamond%7CCormorant+Infant%7CCormorant+SC%7CCormorant+Unicase%7CCormorant+Upright%7CCourgette%7CCousine%7CCoustard%7CCovered+By+Your+Grace%7CCrafty+Girls%7CCreepster%7CCrete+Round%7CCrimson+Text%7CCroissant+One%7CCrushed%7CCuprum%7CCutive%7CCutive+Mono%7CDamion%7CDancing+Script%7CDangrek%7CDavid+Libre%7CDawning+of+a+New+Day%7CDays+One%7CDekko%7CDelius%7CDelius+Swash+Caps%7CDelius+Unicase%7CDella+Respira%7CDenk+One%7CDevonshire%7CDhurjati%7CDidact+Gothic%7CDiplomata%7CDiplomata+SC%7CDomine%7CDonegal+One%7CDoppio+One%7CDorsa%7CDosis%7CDr+Sugiyama%7CDroid+Sans%7CDroid+Sans+Mono%7CDroid+Serif%7CDuru+Sans%7CDynalight%7CEB+Garamond%7CEagle+Lake%7CEater%7CEconomica%7CEczar%7CEk+Mukta%7CEl+Messiri%7CElectrolize%7CElsie%7CElsie+Swash+Caps%7CEmblema+One%7CEmilys+Candy%7CEngagement%7CEnglebert%7CEnriqueta%7CErica+One%7CEsteban%7CEuphoria+Script%7CEwert%7CExo%7CExo+2%7CExpletus+Sans%7CFanwood+Text%7CFarsan%7CFascinate%7CFascinate+Inline%7CFaster+One%7CFasthand%7CFauna+One%7CFederant%7CFedero%7CFelipa%7CFenix%7CFinger+Paint%7CFira+Mono%7CFira+Sans%7CFjalla+One%7CFjord+One%7CFlamenco%7CFlavors%7CFondamento%7CFontdiner+Swanky%7CForum%7CFrancois+One%7CFrank+Ruhl+Libre%7CFreckle+Face%7CFredericka+the+Great%7CFredoka+One%7CFreehand%7CFresca%7CFrijole%7CFruktur%7CFugaz+One%7CGFS+Didot%7CGFS+Neohellenic%7CGabriela%7CGafata%7CGalada%7CGaldeano%7CGalindo%7CGentium+Basic%7CGentium+Book+Basic%7CGeo%7CGeostar%7CGeostar+Fill%7CGermania+One%7CGidugu%7CGilda+Display%7CGive+You+Glory%7CGlass+Antiqua%7CGlegoo%7CGloria+Hallelujah%7CGoblin+One%7CGochi+Hand%7CGorditas%7CGoudy+Bookletter+1911%7CGraduate%7CGrand+Hotel%7CGravitas+One%7CGreat+Vibes%7CGriffy%7CGruppo%7CGudea%7CGurajada%7CHabibi%7CHalant%7CHammersmith+One%7CHanalei%7CHanalei+Fill%7CHandlee%7CHanuman%7CHappy+Monkey%7CHarmattan%7CHeadland+One%7CHeebo%7CHenny+Penny%7CHerr+Von+Muellerhoff%7CHind%7CHind+Guntur%7CHind+Madurai%7CHind+Siliguri%7CHind+Vadodara%7CHoltwood+One+SC%7CHomemade+Apple%7CHomenaje%7CIM+Fell+DW+Pica%7CIM+Fell+DW+Pica+SC%7CIM+Fell+Double+Pica%7CIM+Fell+Double+Pica+SC%7CIM+Fell+English%7CIM+Fell+English+SC%7CIM+Fell+French+Canon%7CIM+Fell+French+Canon+SC%7CIM+Fell+Great+Primer%7CIM+Fell+Great+Primer+SC%7CIceberg%7CIceland%7CImprima%7CInconsolata%7CInder%7CIndie+Flower%7CInika%7CInknut+Antiqua%7CIrish+Grover%7CIstok+Web%7CItaliana%7CItalianno%7CItim%7CJacques+Francois%7CJacques+Francois+Shadow%7CJaldi%7CJim+Nightshade%7CJockey+One%7CJolly+Lodger%7CJomhuria%7CJosefin+Sans%7CJosefin+Slab%7CJoti+One%7CJudson%7CJulee%7CJulius+Sans+One%7CJunge%7CJura%7CJust+Another+Hand%7CJust+Me+Again+Down+Here%7CKadwa%7CKalam%7CKameron%7CKanit%7CKantumruy%7CKarla%7CKarma%7CKatibeh%7CKaushan+Script%7CKavivanar%7CKavoon%7CKdam+Thmor%7CKeania+One%7CKelly+Slab%7CKenia%7CKhand%7CKhmer%7CKhula%7CKite+One%7CKnewave%7CKotta+One%7CKoulen%7CKranky%7CKreon%7CKristi%7CKrona+One%7CKumar+One%7CKumar+One+Outline%7CKurale%7CLa+Belle+Aurore%7CLaila%7CLakki+Reddy%7CLalezar%7CLancelot%7CLateef%7CLato%7CLeague+Script%7CLeckerli+One%7CLedger%7CLekton%7CLemon%7CLemonada%7CLibre+Baskerville%7CLibre+Franklin%7CLife+Savers%7CLilita+One%7CLily+Script+One%7CLimelight%7CLinden+Hill%7CLobster%7CLobster+Two%7CLondrina+Outline%7CLondrina+Shadow%7CLondrina+Sketch%7CLondrina+Solid%7CLora%7CLove+Ya+Like+A+Sister%7CLoved+by+the+King%7CLovers+Quarrel%7CLuckiest+Guy%7CLusitana%7CLustria%7CMacondo%7CMacondo+Swash+Caps%7CMada%7CMagra%7CMaiden+Orange%7CMaitree%7CMako%7CMallanna%7CMandali%7CMarcellus%7CMarcellus+SC%7CMarck+Script%7CMargarine%7CMarko+One%7CMarmelad%7CMartel%7CMartel+Sans%7CMarvel%7CMate%7CMate+SC%7CMaven+Pro%7CMcLaren%7CMeddon%7CMedievalSharp%7CMedula+One%7CMeera+Inimai%7CMegrim%7CMeie+Script%7CMerienda%7CMerienda+One%7CMerriweather%7CMerriweather+Sans%7CMetal%7CMetal+Mania%7CMetamorphous%7CMetrophobic%7CMichroma%7CMilonga%7CMiltonian%7CMiltonian+Tattoo%7CMiniver%7CMiriam+Libre%7CMirza%7CMiss+Fajardose%7CMitr%7CModak%7CModern+Antiqua%7CMogra%7CMolengo%7CMolle%7CMonda%7CMonofett%7CMonoton%7CMonsieur+La+Doulaise%7CMontaga%7CMontez%7CMontserrat%7CMontserrat+Alternates%7CMontserrat+Subrayada%7CMoul%7CMoulpali%7CMountains+of+Christmas%7CMouse+Memoirs%7CMr+Bedfort%7CMr+Dafoe%7CMr+De+Haviland%7CMrs+Saint+Delafield%7CMrs+Sheppards%7CMukta+Vaani%7CMuli%7CMystery+Quest%7CNTR%7CNeucha%7CNeuton%7CNew+Rocker%7CNews+Cycle%7CNiconne%7CNixie+One%7CNobile%7CNokora%7CNorican%7CNosifer%7CNothing+You+Could+Do%7CNoticia+Text%7CNoto+Sans%7CNoto+Serif%7CNova+Cut%7CNova+Flat%7CNova+Mono%7CNova+Oval%7CNova+Round%7CNova+Script%7CNova+Slim%7CNova+Square%7CNumans%7CNunito%7COdor+Mean+Chey%7COffside%7COld+Standard+TT%7COldenburg%7COleo+Script%7COleo+Script+Swash+Caps%7COpen+Sans%7COpen+Sans+Condensed%7COranienbaum%7COrbitron%7COregano%7COrienta%7COriginal+Surfer%7COswald%7COver+the+Rainbow%7COverlock%7COverlock+SC%7COvo%7COxygen%7COxygen+Mono%7CPT+Mono%7CPT+Sans%7CPT+Sans+Caption%7CPT+Sans+Narrow%7CPT+Serif%7CPT+Serif+Caption%7CPacifico%7CPalanquin%7CPalanquin+Dark%7CPaprika%7CParisienne%7CPassero+One%7CPassion+One%7CPathway+Gothic+One%7CPatrick+Hand%7CPatrick+Hand+SC%7CPattaya%7CPatua+One%7CPavanam%7CPaytone+One%7CPeddana%7CPeralta%7CPermanent+Marker%7CPetit+Formal+Script%7CPetrona%7CPhilosopher%7CPiedra%7CPinyon+Script%7CPirata+One%7CPlaster%7CPlay%7CPlayball%7CPlayfair+Display%7CPlayfair+Display+SC%7CPodkova%7CPoiret+One%7CPoller+One%7CPoly%7CPompiere%7CPontano+Sans%7CPoppins%7CPort+Lligat+Sans%7CPort+Lligat+Slab%7CPragati+Narrow%7CPrata%7CPreahvihear%7CPress+Start+2P%7CPridi%7CPrincess+Sofia%7CProciono%7CPrompt%7CProsto+One%7CProza+Libre%7CPuritan%7CPurple+Purse%7CQuando%7CQuantico%7CQuattrocento%7CQuattrocento+Sans%7CQuestrial%7CQuicksand%7CQuintessential%7CQwigley%7CRacing+Sans+One%7CRadley%7CRajdhani%7CRakkas%7CRaleway%7CRaleway+Dots%7CRamabhadra%7CRamaraja%7CRambla%7CRammetto+One%7CRanchers%7CRancho%7CRanga%7CRasa%7CRationale%7CRedressed%7CReem+Kufi%7CReenie+Beanie%7CRevalia%7CRhodium+Libre%7CRibeye%7CRibeye+Marrow%7CRighteous%7CRisque%7CRoboto%7CRoboto+Condensed%7CRoboto+Mono%7CRoboto+Slab%7CRochester%7CRock+Salt%7CRokkitt%7CRomanesco%7CRopa+Sans%7CRosario%7CRosarivo%7CRouge+Script%7CRozha+One%7CRubik%7CRubik+Mono+One%7CRubik+One%7CRuda%7CRufina%7CRuge+Boogie%7CRuluko%7CRum+Raisin%7CRuslan+Display%7CRusso+One+%3D%3E+Russo+One%7CRuthie%7CRye%7CSacramento%7CSahitya%7CSail%7CSalsa%7CSanchez%7CSancreek%7CSansita+One%7CSarala%7CSarina%7CSarpanch%7CSatisfy%7CScada%7CScheherazade%7CSchoolbell%7CScope+One%7CSeaweed+Script%7CSecular+One%7CSevillana%7CSeymour+One%7CShadows+Into+Light%7CShadows+Into+Light+Two%7CShanti%7CShare%7CShare+Tech%7CShare+Tech+Mono%7CShojumaru%7CShort+Stack%7CShrikhand%7CSiemreap%7CSigmar+One%7CSignika%7CSignika+Negative%7CSimonetta%7CSintony%7CSirin+Stencil%7CSix+Caps%7CSkranji%7CSlabo+13px%7CSlabo+27px%7CSlackey%7CSmokum%7CSmythe%7CSniglet%7CSnippet%7CSnowburst+One%7CSofadi+One%7CSofia%7CSonsie+One%7CSorts+Mill+Goudy%7CSource+Code+Pro%7CSource+Sans+Pro%7CSource+Serif+Pro%7CSpace+Mono%7CSpecial+Elite%7CSpicy+Rice%7CSpinnaker%7CSpirax%7CSquada+One%7CSree+Krushnadevaraya%7CSriracha%7CStalemate%7CStalinist+One%7CStardos+Stencil%7CStint+Ultra+Condensed%7CStint+Ultra+Expanded%7CStoke%7CStrait%7CSue+Ellen+Francisco%7CSuez+One%7CSumana%7CSunshiney%7CSupermercado+One%7CSura%7CSuranna%7CSuravaram%7CSuwannaphum%7CSwanky+and+Moo+Moo%7CSyncopate%7CTangerine%7CTaprom%7CTauri%7CTaviraj%7CTeko%7CTelex%7CTenali+Ramakrishna%7CTenor+Sans%7CText+Me+One%7CThe+Girl+Next+Door%7CTienne%7CTillana%7CTimmana%7CTinos%7CTitan+One%7CTitillium+Web%7CTrade+Winds%7CTrirong%7CTrocchi%7CTrochut%7CTrykker%7CTulpen+One%7CUbuntu%7CUbuntu+Condensed%7CUbuntu+Mono%7CUltra%7CUncial+Antiqua%7CUnderdog%7CUnica+One%7CUnifrakturCook%7CUnifrakturMaguntia%7CUnkempt%7CUnlock%7CUnna%7CVT323%7CVampiro+One%7CVarela%7CVarela+Round%7CVast+Shadow%7CVesper+Libre%7CVibur%7CVidaloka%7CViga%7CVoces%7CVolkhov%7CVollkorn%7CVoltaire%7CWaiting+for+the+Sunrise%7CWallpoet%7CWalter+Turncoat%7CWarnes%7CWellfleet%7CWendy+One%7CWire+One%7CWork+Sans%7CYanone+Kaffeesatz%7CYantramanav%7CYatra+One%7CYellowtail%7CYeseva+One%7CYesteryear%7CYrsa%7CZeyada&subset=latin%2Clatin-ext

Requested by

Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

accbb4cf8e0755f7c44abea2d4bef970d550263fe499d7e8668373ebaef9fa8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Mon, 30 Jan 2023 06:56:22 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 30 Jan 2023 06:56:22 GMT

GET
H/1.1 200
OK jquery.min.js Show response
hurriyet.gen.tr/wp-includes/js/jquery/ 88 KB
31 KB 62ms
29ms Script
application/javascript 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 19 Sep 2022 14:16:24 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"632879b8-15e54"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4j6eZt0C1upWGKyt%2Fr%2Fjc6IRXyoL7LmMutvmxVMBgXjKrV5BtjRhh4a7GhIIheDhkZyTRX6Y6%2Bn7iOiC5cz08c5LGZjnINIEYWHj06LCiXeuS%2BNvxHvNZy7z3g4u9705t3BHy%2BzK4eLwvwk0pA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 79184eacbbcb9191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK jquery-migrate.min.js Show response
hurriyet.gen.tr/wp-includes/js/jquery/ 11 KB
5 KB 63ms
23ms Script
application/javascript 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"5fb4e3fe-2bd8"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtZeKJ5NTI0YYiWx3t8pHYbKCK8Qv%2FEtEVZt4Ll0YsMHHZpjgbrcCkdoXTYOmkE1uLIDeWaCuvOQCL2Z9OlJlgdw37ImsvvfltQf3E2pD%2FhKY%2BGIMtM5k%2BAbgIsyho0Xj5R4lHpihVpVTFw1mnw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 79184eaccc982c71-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK jquery.mb.YTPlayer.js Show response
hurriyet.gen.tr/wp-content/themes/spiko/assets/js/ 113 KB
22 KB 55ms
13ms Script
application/javascript 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/js/jquery.mb.YTPlayer.js?ver=6.1.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a20ac34a9e41f94e033f91ebb7949e30a7bbec2cceb41d49a0cd5d09b8a283c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 308529
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: W/"626ec506-1c534"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXuEHiRqITTM4yLOPdR5OQyj3OeOs37E7jMqNom3bK7jHMoaUcjPTYfwV1BqZs3wthhgJSZgtDMbE5Ijh8l3d%2Ft2OhtxdJddguopFzOgH2OpXLnYtUSBDXRkK6FIuc2qN%2FeO13JJTD7ZfG%2FV9IM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 79184eacc9ea9186-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 47ms
47ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-223139560-2

Requested by

Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3323227a0eaabd936f7cd816ce2e19f886225c82fff2f53d1ba0aa0518cdcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44050
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Jan 2023 06:56:22 GMT

GET
H/1.1 200
OK front.min.js Show response
hurriyet.gen.tr/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 56ms
13ms Script
application/javascript 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 323034
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sat, 30 Apr 2022 11:12:04 GMT
Server: cloudflare
ETag: W/"626d1984-17cb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zS5DAzkGc72sGKcpR0vN%2FwbEtKEQavdokNkgcYZDm%2B%2BLPsjXXU5lk6oVnLdlZSKst%2BPb6kBQccdiOgWqXMOZ2kfRzAUclgR0RfngUPaqmqLK7qlPM3qOIUjnTQJgIzCOOmKy%2BkTIWRwX%2BQDfjQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 79184eaccef6924d-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK custom.js Show response
hurriyet.gen.tr/wp-content/themes/spiko/assets/js/ 3 KB
2 KB 60ms
12ms Script
application/javascript 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/js/custom.js?ver=6.1.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba869eaa8489635e634751f0b69d8f8ee46c92c9096b0067941fc3df0d428c5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 209545
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: W/"626ec506-bc8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPRGVQbCiAB9PgsgpxfjUs2YFsoJnAP8z%2Fr0UdoLZ%2BJoO5u4yAsIPWGgOmT6swI6eLfX7ZcM3pw7V9R9VzYg7%2FFxlKQclCpTr%2BLMR1jGM3WlnyGDnLxDTn6jSmbmfBXfavSzYDptdRPB2bfW6MU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 79184eacdb95bb9b-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widget-custom.js Show response
hurriyet.gen.tr/wp-content/themes/spiko/assets/js/ 513 B
1 KB 73ms
17ms Script
application/javascript 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/js/widget-custom.js?ver=6.1.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2626214591a64f2276ed6a7ad31b5d98d2dc432f43773bf985e6cfd76c0f750

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1099430
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: W/"626ec506-201"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NLiFvgNCmbuZybXmY8KwdKGbINxORZREI1VVEeJe2hf4H3LdOCnt4%2F01Qoi8%2FO9a1%2FWgdn4SX9qrNDSZWDlTjJHhumXKarB3pZdgWMjug3oe6HRERYHCWh1q7pmsAKraiU9kHAGgdycluhYBZI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 79184eaceed85c38-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
hurriyet.gen.tr/wp-content/themes/spiko/assets/js/ 48 KB
14 KB 73ms
16ms Script
application/javascript 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/js/bootstrap.min.js?ver=6.1.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d711092840be7b4dcb03497457166764177c1ee6edd4379aac31fef677f1b2f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 49465
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: W/"626ec506-bf07"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CblIGdyOAaRKWWgbM1Pzsa0r6xEtGPXRg%2B723sJ84FxRPsMIs8D0DulmDnNKrbPhhR4IDLSqO1RkzqCQQ%2FhcD0CxZJ2i4U59ui2Gxv02TgNdBd3Rj5Lg5fphb4%2B526A9pNQB86qEVsI4UtpefWo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 79184eacea129186-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.smartmenus.js Show response
hurriyet.gen.tr/wp-content/themes/spiko/assets/js/smartmenus/ 44 KB
12 KB 68ms
12ms Script
application/javascript 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/js/smartmenus/jquery.smartmenus.js?ver=6.1.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f34f53a9fbd78ee17ea6a7883f5c8d914f820d1382514547faf3235f6acb2d43

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 323034
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: W/"626ec506-b16e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUM4XZxdeSIFKjpYiMWh1ZXQEjj3k%2FtR4HFEFcfUrs%2FROWLWK6W4nJ9bv7ak1UbJ4yMEA5mO00OGlP2AC4GDxTeuv5cWU6v%2FvTTmyJS6zzx2V3cOb%2FJkt4q3UE2%2F3ujkKWhD%2F3cbpR%2FL15sJKAg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 79184eacef06924d-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.smartmenus.bootstrap-4.js Show response
hurriyet.gen.tr/wp-content/themes/spiko/assets/js/smartmenus/ 6 KB
3 KB 84ms
23ms Script
application/javascript 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/js/smartmenus/jquery.smartmenus.bootstrap-4.js?ver=6.1.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82020205c5dc1f2b2dfede6f288ce43524b03f5b86427c0887f9e6e0cde7e1fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 224591
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: W/"626ec506-16d4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32WbzTD0rRYOGkDcRbJ1vAnFYG8jcbKdVr7ORmC4Q1uF7JgmzKIgKKmtAJwLUUFKwTiijlkQqDrGN9ULw24HMw5oQLQVH9IWoiVf1MmJEK2GRtFOuzjOyy1nRTo2si6vSvUD%2FfRG5LhyKYvXldo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 79184eacebb2bb9b-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
hurriyet.gen.tr/wp-content/themes/spiko/assets/js/ 42 KB
12 KB 74ms
13ms Script
application/javascript 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/js/owl.carousel.min.js?ver=6.1.1
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 49465
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: W/"626ec506-a70e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGymrZWCJW6YfsjoorRJLsWzawZwHkUg40TMoJJhR4Bgn4lBQQNbYE1APObyIKZNql4bEM4EvObmZ7kr4n%2BDF%2BrcLgdCiJEXbkRtQrpDOIrMy5toMFjpKRwPvuIg%2BcmPVkO6cxyGfhrAqHmFs6s%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
CF-RAY: 79184eacec219191-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK breadcrumb.jpg
hurriyet.gen.tr/wp-content/themes/spiko/assets/images/breadcrumb/ 263 KB
264 KB 13ms
13ms Image
image/jpeg 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/images/breadcrumb/breadcrumb.jpg
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/wp-content/themes/spiko/style.css?ver=6.1.1
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dc6eac3061ccc028ae812031bdb9b280ea76abae93a6ea6736743a5b944c1d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/wp-content/themes/spiko/style.css?ver=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 681733
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 269221
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
Server: cloudflare
ETag: "626ec506-41ba5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNF6o%2Bgp0gkF%2BZaCdhbRWnm%2FHP%2Be97nfPBZMElcBZ4GyXxqV%2Bli1CdNGr2YJGrWwOoyKpDiRZdNS9gPAfAseghBRyhswWa8H%2BQEuvzSHjN0z0%2BEhEyGpuNtDINLMM8UBASKaw7t8CMNatGGfSRw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 79184eaf0f3cbb9b-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 14ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=ABeeZee%7CAbel%7CAbril+Fatface%7CAclonica%7CAcme%7CActor%7CAdamina%7CAdvent+Pro%7CAguafina+Script%7CAkronim%7CAladin%7CAldrich%7CAlef%7CAlegreya%7CAlegreya+SC%7CAlegreya+Sans%7CAlegreya+Sans+SC%7CAlex+Brush%7CAlfa+Slab+One%7CAlice%7CAlike%7CAlike+Angular%7CAllan%7CAllerta%7CAllerta+Stencil%7CAllura%7CAlmendra%7CAlmendra+Display%7CAlmendra+SC%7CAmarante%7CAmaranth%7CAmatic+SC%7CAmatica+SC%7CAmethysta%7CAmiko%7CAmiri%7CAmita%7CAnaheim%7CAndada%7CAndika%7CAngkor%7CAnnie+Use+Your+Telescope%7CAnonymous+Pro%7CAntic%7CAntic+Didone%7CAntic+Slab%7CAnton%7CArapey%7CArbutus%7CArbutus+Slab%7CArchitects+Daughter%7CArchivo+Black%7CArchivo+Narrow%7CAref+Ruqaa%7CArima+Madurai%7CArimo%7CArizonia%7CArmata%7CArtifika%7CArvo%7CArya%7CAsap%7CAsar%7CAsset%7CAssistant%7CAstloch%7CAsul%7CAthiti%7CAtma%7CAtomic+Age%7CAubrey%7CAudiowide%7CAutour+One%7CAverage%7CAverage+Sans%7CAveria+Gruesa+Libre%7CAveria+Libre%7CAveria+Sans+Libre%7CAveria+Serif+Libre%7CBad+Script%7CBaloo%7CBaloo+Bhai%7CBaloo+Da%7CBaloo+Thambi%7CBalthazar%7CBangers%7CBasic%7CBattambang%7CBaumans%7CBayon%7CBelgrano%7CBelleza%7CBenchNine%7CBentham%7CBerkshire+Swash%7CBevan%7CBigelow+Rules%7CBigshot+One%7CBilbo%7CBilbo+Swash+Caps%7CBioRhyme%7CBioRhyme+Expanded%7CBiryani%7CBitter%7CBlack+Ops+One%7CBokor%7CBonbon%7CBoogaloo%7CBowlby+One%7CBowlby+One+SC%7CBrawler%7CBree+Serif%7CBubblegum+Sans%7CBubbler+One%7CBuda%7CBuenard%7CBungee%7CBungee+Hairline%7CBungee+Inline%7CBungee+Outline%7CBungee+Shade%7CButcherman%7CButterfly+Kids%7CCabin%7CCabin+Condensed%7CCabin+Sketch%7CCaesar+Dressing%7CCagliostro%7CCairo%7CCalligraffitti%7CCambay%7CCambo%7CCandal%7CCantarell%7CCantata+One%7CCantora+One%7CCapriola%7CCardo%7CCarme%7CCarrois+Gothic%7CCarrois+Gothic+SC%7CCarter+One%7CCatamaran%7CCaudex%7CCaveat%7CCaveat+Brush%7CCedarville+Cursive%7CCeviche+One%7CChanga%7CChanga+One%7CChango%7CChathura%7CChau+Philomene+One%7CChela+One%7CChelsea+Market%7CChenla%7CCherry+Cream+Soda%7CCherry+Swash%7CChewy%7CChicle%7CChivo%7CChonburi%7CCinzel%7CCinzel+Decorative%7CClicker+Script%7CCoda%7CCoda+Caption%7CCodystar%7CCoiny%7CCombo%7CComfortaa%7CComing+Soon%7CConcert+One%7CCondiment%7CContent%7CContrail+One%7CConvergence%7CCookie%7CCopse%7CCorben%7CCormorant%7CCormorant+Garamond%7CCormorant+Infant%7CCormorant+SC%7CCormorant+Unicase%7CCormorant+Upright%7CCourgette%7CCousine%7CCoustard%7CCovered+By+Your+Grace%7CCrafty+Girls%7CCreepster%7CCrete+Round%7CCrimson+Text%7CCroissant+One%7CCrushed%7CCuprum%7CCutive%7CCutive+Mono%7CDamion%7CDancing+Script%7CDangrek%7CDavid+Libre%7CDawning+of+a+New+Day%7CDays+One%7CDekko%7CDelius%7CDelius+Swash+Caps%7CDelius+Unicase%7CDella+Respira%7CDenk+One%7CDevonshire%7CDhurjati%7CDidact+Gothic%7CDiplomata%7CDiplomata+SC%7CDomine%7CDonegal+One%7CDoppio+One%7CDorsa%7CDosis%7CDr+Sugiyama%7CDroid+Sans%7CDroid+Sans+Mono%7CDroid+Serif%7CDuru+Sans%7CDynalight%7CEB+Garamond%7CEagle+Lake%7CEater%7CEconomica%7CEczar%7CEk+Mukta%7CEl+Messiri%7CElectrolize%7CElsie%7CElsie+Swash+Caps%7CEmblema+One%7CEmilys+Candy%7CEngagement%7CEnglebert%7CEnriqueta%7CErica+One%7CEsteban%7CEuphoria+Script%7CEwert%7CExo%7CExo+2%7CExpletus+Sans%7CFanwood+Text%7CFarsan%7CFascinate%7CFascinate+Inline%7CFaster+One%7CFasthand%7CFauna+One%7CFederant%7CFedero%7CFelipa%7CFenix%7CFinger+Paint%7CFira+Mono%7CFira+Sans%7CFjalla+One%7CFjord+One%7CFlamenco%7CFlavors%7CFondamento%7CFontdiner+Swanky%7CForum%7CFrancois+One%7CFrank+Ruhl+Libre%7CFreckle+Face%7CFredericka+the+Great%7CFredoka+One%7CFreehand%7CFresca%7CFrijole%7CFruktur%7CFugaz+One%7CGFS+Didot%7CGFS+Neohellenic%7CGabriela%7CGafata%7CGalada%7CGaldeano%7CGalindo%7CGentium+Basic%7CGentium+Book+Basic%7CGeo%7CGeostar%7CGeostar+Fill%7CGermania+One%7CGidugu%7CGilda+Display%7CGive+You+Glory%7CGlass+Antiqua%7CGlegoo%7CGloria+Hallelujah%7CGoblin+One%7CGochi+Hand%7CGorditas%7CGoudy+Bookletter+1911%7CGraduate%7CGrand+Hotel%7CGravitas+One%7CGreat+Vibes%7CGriffy%7CGruppo%7CGudea%7CGurajada%7CHabibi%7CHalant%7CHammersmith+One%7CHanalei%7CHanalei+Fill%7CHandlee%7CHanuman%7CHappy+Monkey%7CHarmattan%7CHeadland+One%7CHeebo%7CHenny+Penny%7CHerr+Von+Muellerhoff%7CHind%7CHind+Guntur%7CHind+Madurai%7CHind+Siliguri%7CHind+Vadodara%7CHoltwood+One+SC%7CHomemade+Apple%7CHomenaje%7CIM+Fell+DW+Pica%7CIM+Fell+DW+Pica+SC%7CIM+Fell+Double+Pica%7CIM+Fell+Double+Pica+SC%7CIM+Fell+English%7CIM+Fell+English+SC%7CIM+Fell+French+Canon%7CIM+Fell+French+Canon+SC%7CIM+Fell+Great+Primer%7CIM+Fell+Great+Primer+SC%7CIceberg%7CIceland%7CImprima%7CInconsolata%7CInder%7CIndie+Flower%7CInika%7CInknut+Antiqua%7CIrish+Grover%7CIstok+Web%7CItaliana%7CItalianno%7CItim%7CJacques+Francois%7CJacques+Francois+Shadow%7CJaldi%7CJim+Nightshade%7CJockey+One%7CJolly+Lodger%7CJomhuria%7CJosefin+Sans%7CJosefin+Slab%7CJoti+One%7CJudson%7CJulee%7CJulius+Sans+One%7CJunge%7CJura%7CJust+Another+Hand%7CJust+Me+Again+Down+Here%7CKadwa%7CKalam%7CKameron%7CKanit%7CKantumruy%7CKarla%7CKarma%7CKatibeh%7CKaushan+Script%7CKavivanar%7CKavoon%7CKdam+Thmor%7CKeania+One%7CKelly+Slab%7CKenia%7CKhand%7CKhmer%7CKhula%7CKite+One%7CKnewave%7CKotta+One%7CKoulen%7CKranky%7CKreon%7CKristi%7CKrona+One%7CKumar+One%7CKumar+One+Outline%7CKurale%7CLa+Belle+Aurore%7CLaila%7CLakki+Reddy%7CLalezar%7CLancelot%7CLateef%7CLato%7CLeague+Script%7CLeckerli+One%7CLedger%7CLekton%7CLemon%7CLemonada%7CLibre+Baskerville%7CLibre+Franklin%7CLife+Savers%7CLilita+One%7CLily+Script+One%7CLimelight%7CLinden+Hill%7CLobster%7CLobster+Two%7CLondrina+Outline%7CLondrina+Shadow%7CLondrina+Sketch%7CLondrina+Solid%7CLora%7CLove+Ya+Like+A+Sister%7CLoved+by+the+King%7CLovers+Quarrel%7CLuckiest+Guy%7CLusitana%7CLustria%7CMacondo%7CMacondo+Swash+Caps%7CMada%7CMagra%7CMaiden+Orange%7CMaitree%7CMako%7CMallanna%7CMandali%7CMarcellus%7CMarcellus+SC%7CMarck+Script%7CMargarine%7CMarko+One%7CMarmelad%7CMartel%7CMartel+Sans%7CMarvel%7CMate%7CMate+SC%7CMaven+Pro%7CMcLaren%7CMeddon%7CMedievalSharp%7CMedula+One%7CMeera+Inimai%7CMegrim%7CMeie+Script%7CMerienda%7CMerienda+One%7CMerriweather%7CMerriweather+Sans%7CMetal%7CMetal+Mania%7CMetamorphous%7CMetrophobic%7CMichroma%7CMilonga%7CMiltonian%7CMiltonian+Tattoo%7CMiniver%7CMiriam+Libre%7CMirza%7CMiss+Fajardose%7CMitr%7CModak%7CModern+Antiqua%7CMogra%7CMolengo%7CMolle%7CMonda%7CMonofett%7CMonoton%7CMonsieur+La+Doulaise%7CMontaga%7CMontez%7CMontserrat%7CMontserrat+Alternates%7CMontserrat+Subrayada%7CMoul%7CMoulpali%7CMountains+of+Christmas%7CMouse+Memoirs%7CMr+Bedfort%7CMr+Dafoe%7CMr+De+Haviland%7CMrs+Saint+Delafield%7CMrs+Sheppards%7CMukta+Vaani%7CMuli%7CMystery+Quest%7CNTR%7CNeucha%7CNeuton%7CNew+Rocker%7CNews+Cycle%7CNiconne%7CNixie+One%7CNobile%7CNokora%7CNorican%7CNosifer%7CNothing+You+Could+Do%7CNoticia+Text%7CNoto+Sans%7CNoto+Serif%7CNova+Cut%7CNova+Flat%7CNova+Mono%7CNova+Oval%7CNova+Round%7CNova+Script%7CNova+Slim%7CNova+Square%7CNumans%7CNunito%7COdor+Mean+Chey%7COffside%7COld+Standard+TT%7COldenburg%7COleo+Script%7COleo+Script+Swash+Caps%7COpen+Sans%7COpen+Sans+Condensed%7COranienbaum%7COrbitron%7COregano%7COrienta%7COriginal+Surfer%7COswald%7COver+the+Rainbow%7COverlock%7COverlock+SC%7COvo%7COxygen%7COxygen+Mono%7CPT+Mono%7CPT+Sans%7CPT+Sans+Caption%7CPT+Sans+Narrow%7CPT+Serif%7CPT+Serif+Caption%7CPacifico%7CPalanquin%7CPalanquin+Dark%7CPaprika%7CParisienne%7CPassero+One%7CPassion+One%7CPathway+Gothic+One%7CPatrick+Hand%7CPatrick+Hand+SC%7CPattaya%7CPatua+One%7CPavanam%7CPaytone+One%7CPeddana%7CPeralta%7CPermanent+Marker%7CPetit+Formal+Script%7CPetrona%7CPhilosopher%7CPiedra%7CPinyon+Script%7CPirata+One%7CPlaster%7CPlay%7CPlayball%7CPlayfair+Display%7CPlayfair+Display+SC%7CPodkova%7CPoiret+One%7CPoller+One%7CPoly%7CPompiere%7CPontano+Sans%7CPoppins%7CPort+Lligat+Sans%7CPort+Lligat+Slab%7CPragati+Narrow%7CPrata%7CPreahvihear%7CPress+Start+2P%7CPridi%7CPrincess+Sofia%7CProciono%7CPrompt%7CProsto+One%7CProza+Libre%7CPuritan%7CPurple+Purse%7CQuando%7CQuantico%7CQuattrocento%7CQuattrocento+Sans%7CQuestrial%7CQuicksand%7CQuintessential%7CQwigley%7CRacing+Sans+One%7CRadley%7CRajdhani%7CRakkas%7CRaleway%7CRaleway+Dots%7CRamabhadra%7CRamaraja%7CRambla%7CRammetto+One%7CRanchers%7CRancho%7CRanga%7CRasa%7CRationale%7CRedressed%7CReem+Kufi%7CReenie+Beanie%7CRevalia%7CRhodium+Libre%7CRibeye%7CRibeye+Marrow%7CRighteous%7CRisque%7CRoboto%7CRoboto+Condensed%7CRoboto+Mono%7CRoboto+Slab%7CRochester%7CRock+Salt%7CRokkitt%7CRomanesco%7CRopa+Sans%7CRosario%7CRosarivo%7CRouge+Script%7CRozha+One%7CRubik%7CRubik+Mono+One%7CRubik+One%7CRuda%7CRufina%7CRuge+Boogie%7CRuluko%7CRum+Raisin%7CRuslan+Display%7CRusso+One+%3D%3E+Russo+One%7CRuthie%7CRye%7CSacramento%7CSahitya%7CSail%7CSalsa%7CSanchez%7CSancreek%7CSansita+One%7CSarala%7CSarina%7CSarpanch%7CSatisfy%7CScada%7CScheherazade%7CSchoolbell%7CScope+One%7CSeaweed+Script%7CSecular+One%7CSevillana%7CSeymour+One%7CShadows+Into+Light%7CShadows+Into+Light+Two%7CShanti%7CShare%7CShare+Tech%7CShare+Tech+Mono%7CShojumaru%7CShort+Stack%7CShrikhand%7CSiemreap%7CSigmar+One%7CSignika%7CSignika+Negative%7CSimonetta%7CSintony%7CSirin+Stencil%7CSix+Caps%7CSkranji%7CSlabo+13px%7CSlabo+27px%7CSlackey%7CSmokum%7CSmythe%7CSniglet%7CSnippet%7CSnowburst+One%7CSofadi+One%7CSofia%7CSonsie+One%7CSorts+Mill+Goudy%7CSource+Code+Pro%7CSource+Sans+Pro%7CSource+Serif+Pro%7CSpace+Mono%7CSpecial+Elite%7CSpicy+Rice%7CSpinnaker%7CSpirax%7CSquada+One%7CSree+Krushnadevaraya%7CSriracha%7CStalemate%7CStalinist+One%7CStardos+Stencil%7CStint+Ultra+Condensed%7CStint+Ultra+Expanded%7CStoke%7CStrait%7CSue+Ellen+Francisco%7CSuez+One%7CSumana%7CSunshiney%7CSupermercado+One%7CSura%7CSuranna%7CSuravaram%7CSuwannaphum%7CSwanky+and+Moo+Moo%7CSyncopate%7CTangerine%7CTaprom%7CTauri%7CTaviraj%7CTeko%7CTelex%7CTenali+Ramakrishna%7CTenor+Sans%7CText+Me+One%7CThe+Girl+Next+Door%7CTienne%7CTillana%7CTimmana%7CTinos%7CTitan+One%7CTitillium+Web%7CTrade+Winds%7CTrirong%7CTrocchi%7CTrochut%7CTrykker%7CTulpen+One%7CUbuntu%7CUbuntu+Condensed%7CUbuntu+Mono%7CUltra%7CUncial+Antiqua%7CUnderdog%7CUnica+One%7CUnifrakturCook%7CUnifrakturMaguntia%7CUnkempt%7CUnlock%7CUnna%7CVT323%7CVampiro+One%7CVarela%7CVarela+Round%7CVast+Shadow%7CVesper+Libre%7CVibur%7CVidaloka%7CViga%7CVoces%7CVolkhov%7CVollkorn%7CVoltaire%7CWaiting+for+the+Sunrise%7CWallpoet%7CWalter+Turncoat%7CWarnes%7CWellfleet%7CWendy+One%7CWire+One%7CWork+Sans%7CYanone+Kaffeesatz%7CYantramanav%7CYatra+One%7CYellowtail%7CYeseva+One%7CYesteryear%7CYrsa%7CZeyada&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hurriyet.gen.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 26 Jan 2023 14:45:48 GMT
X-Content-Type-Options: nosniff
Age: 317434
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 7884
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 17:03:52 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 26 Jan 2024 14:45:48 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
hurriyet.gen.tr/wp-content/themes/spiko/assets/css/font-awesome/fonts/ 75 KB
76 KB 64ms
63ms Font
font/woff2 2606:4700:3036::ac43:8967
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/css/font-awesome/css/font-awesome.min.css?ver=6.1.1
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://hurriyet.gen.tr/wp-content/themes/spiko/assets/css/font-awesome/css/font-awesome.min.css?ver=6.1.1
Origin: http://hurriyet.gen.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:22 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 01 May 2022 17:36:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "626ec506-12d68"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ND7I4Apo%2FPmhtu0dRMDoZLIb3HBllBmjvKNDMXIb8ObzEyjpD98q%2BM71q%2BEfynS15q0HgTmIqI%2BjcFEd46jMThMk5MWs0fGhCaKGOS7gQYRQC3x1zcd%2BE1ZgJ0hyzXQAjn1DPqXhHvfHBl4K4Uc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 79184eaf2fb79191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 77160

GET
H/1.1 200
OK pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v20/ 5 KB
6 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hurriyet.gen.tr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 28 Jan 2023 10:04:38 GMT
X-Content-Type-Options: nosniff
Age: 161504
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 5544
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 17:03:48 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 28 Jan 2024 10:04:38 GMT

GET
H2

200

/ Show response
chopose.icu/
Redirect Chain

http://chopose.icu/?pus=grrtcztemm5ha3ddf44dcnzv&sub1=&sub2=&sub3=&sub4=&gmt=0
https://chopose.icu/?pus=grrtcztemm5ha3ddf44dcnzv&sub1=&sub2=&sub3=&sub4=&gmt=0

10 B
196 B

37ms
37ms

Script
application/javascript

104.248.207.50
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://chopose.icu/?pus=grrtcztemm5ha3ddf44dcnzv&sub1=&sub2=&sub3=&sub4=&gmt=0

Requested by

Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/

Protocol

Server

104.248.207.50 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7efe87b340014e916e15925590b47c8b880dc486af5144f21aca073981854139

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 30 Jan 2023 06:56:23 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
server: nginx
content-type: application/javascript; charset=UTF-8

Redirect headers

Location: https://chopose.icu/?pus=grrtcztemm5ha3ddf44dcnzv&sub1=&sub2=&sub3=&sub4=&gmt=0
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/ 361 KB
119 KB 126ms
85ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3511830694161206&plah=hurriyet.gen.tr&bust=31071765

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3511830694161206

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08ae7734b9717db796f776510bee06edd0cc39bc097b06df93122dce7d58ae0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121320
x-xss-protection: 0
server: cafe
etag: 13000236338000286180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 30 Jan 2023 06:56:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/ Frame 510A 10 KB
5 KB 81ms
20ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3511830694161206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hurriyet.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 07:54:31 GMT
etag: 10353107486223812946
expires: Sun, 12 Feb 2023 07:54:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 83ms
20ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-223139560-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 06:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2079
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 30 Jan 2023 08:21:44 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 36ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Y0NWVC08XE&gtm=2oe1p0&_p=1801659708&cid=1769857252.1675061783&ul=en-us&sr=1600x1200&uaW=1&_s=1&sid=1675061782&sct=1&seg=0&dl=http%3A%2F%2Fhurriyet.gen.tr%2F&dt=Hurriyet.gen.tr&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y0NWVC08XE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:56:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hurriyet.gen.tr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 62ms
29ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api?v=3.2.4

Requested by

Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 30 Jan 2023 06:56:23 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/ 183 KB
62 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api?v=3.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62798
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Jan 2024 06:56:10 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 41ms
40ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1801659708&t=pageview&_s=1&dl=http%3A%2F%2Fhurriyet.gen.tr%2F&ul=en-us&de=UTF-8&dt=Hurriyet.gen.tr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1136350888&gjid=1597485248&cid=1769857252.1675061783&tid=UA-223139560-2&_gid=2084038774.1675061783&_r=1&_slc=1&gtm=2ou1p0&did=dZTNiMT&gdid=dZTNiMT&z=761756492

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://hurriyet.gen.tr/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:56:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hurriyet.gen.tr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
610 B 155ms
41ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hurriyet.gen.tr&callback=_gfp_s_&client=ca-pub-3511830694161206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3511830694161206&plah=hurriyet.gen.tr&bust=31071765

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be9616849e055ec68677e33e8a7c2a53b35d4e967d1d57be2af6e3ebafda7a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 65ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hurriyet.gen.tr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 117ms
43ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hurriyet.gen.tr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE90 41 KB
14 KB 272ms
271ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&adk=1812271804&adf=3025194257&lmt=1675061783&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=http%3A%2F%2Fhurriyet.gen.tr%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&dt=1675061782937&bpp=3&bdt=456&idt=273&shv=r20230124&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5854684907016&frm=20&pv=2&ga_vid=1769857252.1675061783&ga_sid=1675061783&ga_hid=1801659708&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44767166%2C31071756%2C31071765%2C31071790%2C44774292&oid=2&pvsid=1896004531717023&tmod=657554572&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=297

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bd3e671dde8ff2226e67f259a8dadb762be528807d73cc11ab54749473481a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hurriyet.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14277
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 06:56:23 GMT
expires: Mon, 30 Jan 2023 06:56:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/ 150 KB
51 KB 71ms
71ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/reactive_library_fy2021.js?bust=31071765

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa7a04a502aa46e3a98c5edce352da210261920902ff6b7fe24362bccb03f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52190
x-xss-protection: 0
server: cafe
etag: 17167586920111572479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Jan 2023 06:56:23 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hurriyet.gen.tr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 44ms
43ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hurriyet.gen.tr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 855C 31 KB
12 KB 292ms
291ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=3557513286&adf=1375478801&pi=t.aa~a.1170363874~rp.3&w=350&fwrn=4&fwrnh=100&lmt=1675061783&rafmt=1&to=qs&pwprc=5783567607&format=350x280&url=http%3A%2F%2Fhurriyet.gen.tr%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675061783542&bpp=2&bdt=1061&idt=-M&shv=r20230124&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8542fae29e76394-225413d27adb004c%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MYUsC8HlRKapyjFUf2YVeSiwwDf0Q&gpic=UID%3D00000bacdfa1bd73%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MZFGn3XSBwPfeTlENuE5dcrFOoPaw&prev_fmts=0x0&nras=2&correlator=5854684907016&frm=20&pv=1&ga_vid=1769857252.1675061783&ga_sid=1675061783&ga_hid=1801659708&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44767166%2C31071756%2C31071765%2C31071790%2C44774292&oid=2&pvsid=1896004531717023&tmod=657554572&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xup1wrrFdK&p=http%3A//hurriyet.gen.tr&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0219b531a24027597c58b8bd65c91a8e5b4ea426034298e86d840947107a28d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hurriyet.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12467
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 06:56:23 GMT
expires: Mon, 30 Jan 2023 06:56:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 33FB 430 B
231 B 245ms
244ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=2681522106&adf=716454379&pi=t.aa~a.1785515963~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1675061783&rafmt=1&to=qs&pwprc=5783567607&format=1110x280&url=http%3A%2F%2Fhurriyet.gen.tr%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675061783542&bpp=1&bdt=1061&idt=0&shv=r20230124&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8542fae29e76394-225413d27adb004c%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MYUsC8HlRKapyjFUf2YVeSiwwDf0Q&gpic=UID%3D00000bacdfa1bd73%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MZFGn3XSBwPfeTlENuE5dcrFOoPaw&prev_fmts=0x0%2C350x280&nras=3&correlator=5854684907016&frm=20&pv=1&ga_vid=1769857252.1675061783&ga_sid=1675061783&ga_hid=1801659708&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=4153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44767166%2C31071756%2C31071765%2C31071790%2C44774292&oid=2&pvsid=1896004531717023&tmod=657554572&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WLZZ0JMdhI&p=http%3A//hurriyet.gen.tr&dtd=33

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8401abf597723051b2517fe5ddfde1d35016eb0a8755515c1edb1132b5d95a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hurriyet.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 06:56:23 GMT
expires: Mon, 30 Jan 2023 06:56:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 42ms
41ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hurriyet.gen.tr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 42ms
42ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hurriyet.gen.tr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/ Frame F38D 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hurriyet.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 07:54:38 GMT
etag: 10353107486223812946
expires: Sun, 12 Feb 2023 07:54:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F38D 0
0 63ms
62ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdAIbF2rXY_-iEeSR78EPwOCl0AXJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MTE4MzA2OTQxNjEyMDbIAQmpAthR_5RtO7I-qAMBqgTHAU_Q7FX1sq_sYJ8RZgIQtHF0-_P5hDPxKXgmnH52BGa62limXm4ugJb6XAoafvz6OXO9GWo8ys0TYrHIGxtHgx1I0U5MAi8ZE9L0y2wo0BpWZPuDNyZb6tEJsHkBghSfyPtBzKfsVLSLIvJUO5rloLJlSPtkFQcSw0pJ-ahzJnPViHELqjktzuPwFObd0gFYIMUurT3XWnNPnuDdvF1OPvsSDuP4mSfZbRN7SaPyV_4ZLC0m-l_PCNRfvuSrfsXJcRBGnCnkQkeABvGWoJ30qOfpNKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzUxMTgzMDY5NDE2MTIwNhgA&sigh=tlv7W1QYpvI&uach_m=[UACH]&cid=CAQSGwDUE5ymksHWxNpFizmbE8xc-4syf8IvK-vmCRgBIBM

Requested by

Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 30 Jan 2023 06:56:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 30 Jan 2023 06:56:23 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame F38D 0
0 41ms
13ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kIDhCcz6RO0HfJ2DYgICAAAAwDJYbFZCm8kQF2rXY7hUIV-zwevKJGzjABIAAAoOQVFVREFnWURBZ0VQQWc&wp=Y9dqFwAEUX8CO8jkAAlwQPb7-YhndPPcbEa0_Q

Requested by

Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 236064
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 804C 138 KB
45 KB 431ms
120ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9dqFwAEUX8CO8jkAAlwQPb7-YhndPPcbEa0_Q&u=%7Ck%2B%2FeQMtsieKKXat3yt6d1hcn2c6%2BlxdozYZcYwTRPW8%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVKyHV8GqxwOuiUJNSRFI4_1l1J5g0ndcVrm2g3077Fr1kcIjW5L2CjbVV1IIUFi8BkqU7sXCoarxa3GXKjtLvuYY-c4womCIYx7JoOWdudrusrrcc-O2QsLEMe0WShwyowwcs6Bb79SqsltTOTXXo8RWqZEZBmf7iLiUTXSB2LKha_zFACW9WIXfKd3Dze352FouHK697jTRCJYXME4bkQ_i19yqA2gEjIcj-34q0YH14bhCaVI8TgwEZFt9nq3pcdLKgWuX8P29sUUh6tAPRtWSQ2nlc4gRlcmzlcwwQeBiLLEBKPEnPoz6I9niXB9FWIhd6vcfteaTA88x93t-C21pDdW1MONHSFZ_SRTiHgv48YMb9OUVUJcdKtlJ6Jkv24dk349k7VvzjH07ICqS3QEawC-sfrNx2S1Z7n_4ja07RQeIBL7KipGuPM97s9S2aKwzCAQCuXIyaxMMmPWAOgzLvLpJ1m3wS4aufMC735_TL-dhbHRrBLcnniOS_27S3bp4me3v9z1lkVQ5Y0mD_Wz_wOLzW06aF1arXOngRlJlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6g2qF2rXY_-iEeSR78EPwOCl0AXJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MTE4MzA2OTQxNjEyMDbIAQmpAthR_5RtO7I-qAMBqgTKAU_Q7FX1sq_sYJ8RZgIQtHF0-_P5hDPxKXgmnH52BGa62limXm4ugJb6XAoafvz6OXO9GWo8ys0TYrHIGxtHgx1I0U5MAi8ZE9L0y2wo0BpWZPuDNyZb6tEJsHkBghSfyPtBzKfsVLSLIvJUO5rloLJlSPtkFQcSw0pJ-ahzJnPViHELqjktzuPwFObd0gFYIMUurT3XWnNPnuDdvF1OPvsSTOHZC6BW8QDE1bdRh8O_1CQy8OnFJszdCiyW2Dd2bzxeGYNgUfjLa4WABvGWoJ30qOfpNKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2_3AcDgKA_4U57jzsTo4_fSdSH6Q%26client%3Dca-pub-3511830694161206%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

006ccd217f89b84561221f94ed50ec1004a74e93363fc642c7f91415bf047b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 06:56:23 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=VcHQ8b0OpoCOjuLIrAyX3W3pl2rrLNmtoTNrYs9KRJTNJj9zkgg_x1ftnLjvHgh8FUrrk9kGbQ6MCuNLGS4kcGd_fJ6F0utrDR0jvWJxdnA-Gn-3ph6DSbiK9uc40vjhJOoXdmBFnKvzVMp8afNI3XcxIURnrrwv-cOoPNCtVENz6LRgBQU4DOpFgaNgm0J4CXl8mJFElEKLbVUVGwA8zH5Fyc_i_ckh4pZUQYcV03t0ANEmrpVbm-PLf6hayL_O5QGs2g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 92629835
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame F38D 3 KB
1 KB 84ms
23ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame F38D 18 KB
8 KB 82ms
20ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F38D 156 KB
48 KB 151ms
78ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 06:56:23 GMT

GET
DATA 200
OK truncated
/ Frame F38D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 368ac61525dd2d22a742fd35e2265b2615926e668c481d3b8759b14abd63a1f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EFCC 0
0 63ms
63ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJCoqF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzAFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8TYYis1fNHdZaduNQdErpsJHUkS5SpFlWipH7yoLbsfTNIl03upCABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzUxMTgzMDY5NDE2MTIwNhgA&sigh=z16C7NkYN4A&uach_m=[UACH]&cid=CAQSPADUE5ymAKB02UW35NSkfVcw-VpLTWt_QCcLyB8I7ME0dKBoVZBfHm3jAQxU3qFebvhoZ3xqGnC8VF5R0hgBIBM

Requested by

Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=3557513286&adf=1375478801&pi=t.aa~a.1170363874~rp.3&w=350&fwrn=4&fwrnh=100&lmt=1675061783&rafmt=1&to=qs&pwprc=5783567607&format=350x280&url=http%3A%2F%2Fhurriyet.gen.tr%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675061783542&bpp=2&bdt=1061&idt=-M&shv=r20230124&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8542fae29e76394-225413d27adb004c%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MYUsC8HlRKapyjFUf2YVeSiwwDf0Q&gpic=UID%3D00000bacdfa1bd73%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MZFGn3XSBwPfeTlENuE5dcrFOoPaw&prev_fmts=0x0&nras=2&correlator=5854684907016&frm=20&pv=1&ga_vid=1769857252.1675061783&ga_sid=1675061783&ga_hid=1801659708&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44767166%2C31071756%2C31071765%2C31071790%2C44774292&oid=2&pvsid=1896004531717023&tmod=657554572&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xup1wrrFdK&p=http%3A//hurriyet.gen.tr&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 30 Jan 2023 06:56:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame EFCC 0
0 46ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h92hzew3tf4795qvq6gsh67v2dawevgse15sx2d36ydcdxtecmemakm8hbey2zv9ksbeg6j887hbzcr2e4bsy0rsha7dvqb6e2grdzzaz3hwapg1asex8htbs48nge2nttn2v4cvm5mxh1e8439j94tkj9amz0dnetv6ybee0zh6ee7dfsgvy2yrmv8q5fv175awhw8tkrprmn9cda51ryg9k7c6rnee27r62s5ydsj7zqqf43ety94w2jf4yc4z6s78qbp4ahxjatavbszp6kgrcxkxhfjnez4qnw96026hqnnzsaqeb2fqdprczfd94eb4dd823z31zzs344nhgzkhaxdmcq2vevhf8knb9hqabzygsf420jgj33g752pxfsekcyhyw&b=Y9dqFwAJKVgCO8ixAARJ7_F8ytqlk393gschMA
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 30 Jan 2023 06:56:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame D6C5 2 KB
3 KB 64ms
33ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kv0hqrcp0x26hx3z5rna6f772nexeryvt7xjt8mdzj7wy25f9m5nnx5x0m61450v7gdxrmwszr4f33t1wdzwx53qg91jga3hj6zt38psjh4svrj5w7canz5a158mhdqpg3qjxg8p9sya62qab1kp0s6bwtgj9c6hhyxkqkyfyxveb8v929mvbvcy5s50n5vper6q0v90wcs4mbjmb68r12682sc73ayn8xzcwmahj33fy71kaq44dcveqe3jpr70k7mx1s1rp25ryhmtt82ajryvs2nv17nwdyc6n4rmvyn69xxqe7a2er32t09ym0wd6nkpp8wd3pcpxcnbnwpk3tr9xvg5t9enb5pqsdtjhfd4vrv0rw27mnz5wdep0k8f9tzdx3m7x204qy41t2h73qgvw122aberfg62eqt7m7vnhwtew3ae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%26client%3Dca-pub-3511830694161206%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=3557513286&adf=1375478801&pi=t.aa~a.1170363874~rp.3&w=350&fwrn=4&fwrnh=100&lmt=1675061783&rafmt=1&to=qs&pwprc=5783567607&format=350x280&url=http%3A%2F%2Fhurriyet.gen.tr%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675061783542&bpp=2&bdt=1061&idt=-M&shv=r20230124&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8542fae29e76394-225413d27adb004c%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MYUsC8HlRKapyjFUf2YVeSiwwDf0Q&gpic=UID%3D00000bacdfa1bd73%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MZFGn3XSBwPfeTlENuE5dcrFOoPaw&prev_fmts=0x0&nras=2&correlator=5854684907016&frm=20&pv=1&ga_vid=1769857252.1675061783&ga_sid=1675061783&ga_hid=1801659708&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44767166%2C31071756%2C31071765%2C31071790%2C44774292&oid=2&pvsid=1896004531717023&tmod=657554572&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xup1wrrFdK&p=http%3A//hurriyet.gen.tr&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

543c19c726035ca99b7d54c66258aecc4c53fcaf11260385835587621194bcb0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79184eb58bc690c7-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 06:56:23 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame EFCC 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4184 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 12:29:10 GMT
etag: 48472445140208031
expires: Mon, 30 Jan 2023 12:29:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame EFCC 18 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EFCC 0
0 116ms
41ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSg46GwP55A4Z4UK-2h-9w4CfQLsdXndw5LJ6lrW_UdAlH21pKBnKJlsQfUCZZYPEoE1Yq8V5GXG0b-8RNihw9hSZAokA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=3557513286&adf=1375478801&pi=t.aa~a.1170363874~rp.3&w=350&fwrn=4&fwrnh=100&lmt=1675061783&rafmt=1&to=qs&pwprc=5783567607&format=350x280&url=http%3A%2F%2Fhurriyet.gen.tr%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675061783542&bpp=2&bdt=1061&idt=-M&shv=r20230124&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8542fae29e76394-225413d27adb004c%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MYUsC8HlRKapyjFUf2YVeSiwwDf0Q&gpic=UID%3D00000bacdfa1bd73%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MZFGn3XSBwPfeTlENuE5dcrFOoPaw&prev_fmts=0x0&nras=2&correlator=5854684907016&frm=20&pv=1&ga_vid=1769857252.1675061783&ga_sid=1675061783&ga_hid=1801659708&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44767166%2C31071756%2C31071765%2C31071790%2C44774292&oid=2&pvsid=1896004531717023&tmod=657554572&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xup1wrrFdK&p=http%3A//hurriyet.gen.tr&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFCC 156 KB
48 KB 101ms
100ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 06:56:23 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4184 0
104 B 69ms
19ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGkt_GioBbdRYbDFdrxhLrM&google_cver=1&google_push=Aa02lx_MWD0ruHdQmFmI1nUxhbZwG_ChSdGyYe1nF3fcj4FQn8UvKGFdZ4MWG7q8vVWUsbivpp0S1qxbeQgIx3Sn1G4mq1ZD1It0bw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=3557513286&adf=1375478801&pi=t.aa~a.1170363874~rp.3&w=350&fwrn=4&fwrnh=100&lmt=1675061783&rafmt=1&to=qs&pwprc=5783567607&format=350x280&url=http%3A%2F%2Fhurriyet.gen.tr%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675061783542&bpp=2&bdt=1061&idt=-M&shv=r20230124&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8542fae29e76394-225413d27adb004c%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MYUsC8HlRKapyjFUf2YVeSiwwDf0Q&gpic=UID%3D00000bacdfa1bd73%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MZFGn3XSBwPfeTlENuE5dcrFOoPaw&prev_fmts=0x0&nras=2&correlator=5854684907016&frm=20&pv=1&ga_vid=1769857252.1675061783&ga_sid=1675061783&ga_hid=1801659708&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44767166%2C31071756%2C31071765%2C31071790%2C44774292&oid=2&pvsid=1896004531717023&tmod=657554572&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xup1wrrFdK&p=http%3A//hurriyet.gen.tr&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:56:24 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4184
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEJwZl3aLT5eUlBjK80WkMxg&google_cver=1&google_push=Aa02lx9qA-wBnx1Qw5Ewc1YXq4ZCN3jsxfzt7mTn0-6ayjY7tr8fAcZZBDBli8Z9_RkaKW_wEZCoqys-GYfeiA9VTkZn4FOcMYK0
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx9qA-wBnx1Qw5Ewc1YXq4ZCN3jsxfzt7mTn0-6ayjY7tr8fAcZZBDBli8Z9_RkaKW_wEZCoqys-GYfeiA9VTkZn4FOcMYK0&google_hm=Q0FFU0VKd1psM2FMVDVlV...

170 B
232 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx9qA-wBnx1Qw5Ewc1YXq4ZCN3jsxfzt7mTn0-6ayjY7tr8fAcZZBDBli8Z9_RkaKW_wEZCoqys-GYfeiA9VTkZn4FOcMYK0&google_hm=Q0FFU0VKd1psM2FMVDVlVWxCaks4MFdrTXhn

Requested by

Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:56:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:56:23 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx9qA-wBnx1Qw5Ewc1YXq4ZCN3jsxfzt7mTn0-6ayjY7tr8fAcZZBDBli8Z9_RkaKW_wEZCoqys-GYfeiA9VTkZn4FOcMYK0&google_hm=Q0FFU0VKd1psM2FMVDVlVWxCaks4MFdrTXhn
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 4184 0
98 B 45ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAa02lx8Iurvo0MxmLjFQOq_kJyJedh-SPtpZV2sGLLpJ6GOGBEdeOt7Oyi8zm3d9e2N5rXgVamu3lJpvj8nGP1KJxLude8EJ_iRW&google_gid=CAESEJmRD-j1BiK1BjDF4DTMGnk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=3557513286&adf=1375478801&pi=t.aa~a.1170363874~rp.3&w=350&fwrn=4&fwrnh=100&lmt=1675061783&rafmt=1&to=qs&pwprc=5783567607&format=350x280&url=http%3A%2F%2Fhurriyet.gen.tr%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675061783542&bpp=2&bdt=1061&idt=-M&shv=r20230124&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8542fae29e76394-225413d27adb004c%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MYUsC8HlRKapyjFUf2YVeSiwwDf0Q&gpic=UID%3D00000bacdfa1bd73%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MZFGn3XSBwPfeTlENuE5dcrFOoPaw&prev_fmts=0x0&nras=2&correlator=5854684907016&frm=20&pv=1&ga_vid=1769857252.1675061783&ga_sid=1675061783&ga_hid=1801659708&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44767166%2C31071756%2C31071765%2C31071790%2C44774292&oid=2&pvsid=1896004531717023&tmod=657554572&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xup1wrrFdK&p=http%3A//hurriyet.gen.tr&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 4184 43 B
356 B 190ms
15ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJ-ljDvjOAKhZQeDq1hweeY&google_push=Aa02lx_R01YjZ7iT2Br49dsU1SlNqQuEXa5tcC-HBleY_wGQZeqaTL8Mb8DA1Oqo3euzKCY1ZOLX5TDulAoid2npTtzwQpkWlqeo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511830694161206&output=html&h=280&adk=3557513286&adf=1375478801&pi=t.aa~a.1170363874~rp.3&w=350&fwrn=4&fwrnh=100&lmt=1675061783&rafmt=1&to=qs&pwprc=5783567607&format=350x280&url=http%3A%2F%2Fhurriyet.gen.tr%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675061783542&bpp=2&bdt=1061&idt=-M&shv=r20230124&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8542fae29e76394-225413d27adb004c%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MYUsC8HlRKapyjFUf2YVeSiwwDf0Q&gpic=UID%3D00000bacdfa1bd73%3AT%3D1675061783%3ART%3D1675061783%3AS%3DALNI_MZFGn3XSBwPfeTlENuE5dcrFOoPaw&prev_fmts=0x0&nras=2&correlator=5854684907016&frm=20&pv=1&ga_vid=1769857252.1675061783&ga_sid=1675061783&ga_hid=1801659708&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=1220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777876%2C44767166%2C31071756%2C31071765%2C31071790%2C44774292&oid=2&pvsid=1896004531717023&tmod=657554572&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xup1wrrFdK&p=http%3A//hurriyet.gen.tr&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:56:24 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4184
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBqPKtiV-OhRWn7mFXUrHe8&google_cver=1&google_push=Aa02lx-EZcUxt_Gfk76h4Ux9A3g7j1WP-lXv-vq8uirD2RbmaogI9oWGcRKvGQm4m8U1nk-7E6pFNsYlpACP...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-EZcUxt_Gfk76h4Ux9A3g7j1WP-lXv-vq8uirD2RbmaogI9oWGcRKvGQm4m8U1nk-7E6pFNsYlpACPwLVwqMl1XOuxT8mXqw

170 B
329 B

42ms
16ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-EZcUxt_Gfk76h4Ux9A3g7j1WP-lXv-vq8uirD2RbmaogI9oWGcRKvGQm4m8U1nk-7E6pFNsYlpACPwLVwqMl1XOuxT8mXqw

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:56:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-EZcUxt_Gfk76h4Ux9A3g7j1WP-lXv-vq8uirD2RbmaogI9oWGcRKvGQm4m8U1nk-7E6pFNsYlpACPwLVwqMl1XOuxT8mXqw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET googleredir
googlecm.hit.gemius.pl/ Frame 4184 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 4184
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEL52HBDCjSP0DWsGQy_sM34&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9UKVyKncrJvVfPzzVVOrazJzeRPkQjd7ARZcagPFJV8aWLr925YxffnkTGEyiUvTbmSzY-o_64RblhwRni0K2Ppoo8zYQ68YE
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

65ms
65ms

Image
image/gif

23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: hurriyet.gen.tr
URL: http://hurriyet.gen.tr/
Protocol: H2
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 30 Jan 2023 06:56:24 GMT
pragma: no-cache
date: Mon, 30 Jan 2023 06:56:24 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:56:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4184 0
139 B 70ms
14ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kobz9NKhO18ulmDDI8vygdfxQ9s4JirbVXLUj-IQiVn5Pz0Obf6KPfFSShGuYc-S25M5B5kCw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame D6C5 94 KB
12 KB 23ms
22ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kv0hqrcp0x26hx3z5rna6f772nexeryvt7xjt8mdzj7wy25f9m5nnx5x0m61450v7gdxrmwszr4f33t1wdzwx53qg91jga3hj6zt38psjh4svrj5w7canz5a158mhdqpg3qjxg8p9sya62qab1kp0s6bwtgj9c6hhyxkqkyfyxveb8v929mvbvcy5s50n5vper6q0v90wcs4mbjmb68r12682sc73ayn8xzcwmahj33fy71kaq44dcveqe3jpr70k7mx1s1rp25ryhmtt82ajryvs2nv17nwdyc6n4rmvyn69xxqe7a2er32t09ym0wd6nkpp8wd3pcpxcnbnwpk3tr9xvg5t9enb5pqsdtjhfd4vrv0rw27mnz5wdep0k8f9tzdx3m7x204qy41t2h73qgvw122aberfg62eqt7m7vnhwtew3ae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%26client%3Dca-pub-3511830694161206%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kv0hqrcp0x26hx3z5rna6f772nexeryvt7xjt8mdzj7wy25f9m5nnx5x0m61450v7gdxrmwszr4f33t1wdzwx53qg91jga3hj6zt38psjh4svrj5w7canz5a158mhdqpg3qjxg8p9sya62qab1kp0s6bwtgj9c6hhyxkqkyfyxveb8v929mvbvcy5s50n5vper6q0v90wcs4mbjmb68r12682sc73ayn8xzcwmahj33fy71kaq44dcveqe3jpr70k7mx1s1rp25ryhmtt82ajryvs2nv17nwdyc6n4rmvyn69xxqe7a2er32t09ym0wd6nkpp8wd3pcpxcnbnwpk3tr9xvg5t9enb5pqsdtjhfd4vrv0rw27mnz5wdep0k8f9tzdx3m7x204qy41t2h73qgvw122aberfg62eqt7m7vnhwtew3ae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%26client%3Dca-pub-3511830694161206%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 308328
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRQLib%2FFh8lWfxk2CkM%2B6xJQiNSnEhE18TD%2F3z4xcieCSxSrLD%2BTAi1mh1X7FgKqkGBF8LcI2BhbPrNEW79tc8wv7F3etdMU9jNfOVCrFZ8RA8GI2InqaPTiCSjLgX%2FJkCXcRkMhqR8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79184eb5cc1090c7-FRA
expires: Mon, 30 Jan 2023 07:56:23 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame D6C5 35 KB
12 KB 34ms
24ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kv0hqrcp0x26hx3z5rna6f772nexeryvt7xjt8mdzj7wy25f9m5nnx5x0m61450v7gdxrmwszr4f33t1wdzwx53qg91jga3hj6zt38psjh4svrj5w7canz5a158mhdqpg3qjxg8p9sya62qab1kp0s6bwtgj9c6hhyxkqkyfyxveb8v929mvbvcy5s50n5vper6q0v90wcs4mbjmb68r12682sc73ayn8xzcwmahj33fy71kaq44dcveqe3jpr70k7mx1s1rp25ryhmtt82ajryvs2nv17nwdyc6n4rmvyn69xxqe7a2er32t09ym0wd6nkpp8wd3pcpxcnbnwpk3tr9xvg5t9enb5pqsdtjhfd4vrv0rw27mnz5wdep0k8f9tzdx3m7x204qy41t2h73qgvw122aberfg62eqt7m7vnhwtew3ae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%26client%3Dca-pub-3511830694161206%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 489122
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmmbzCNBad6%2FA%2F2tVeN1C8YPeBz2HLSN7yf9l5t0uG0x7r0gE0M2%2B%2Fn5yifb8PkvJiVGTDM53veF2OxFMBJvoLCOlTfHUJ4D3KTDZqTOzLCCzMPNGEtFP73dsoxFvzU967kqNlM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 79184eb5dc2f90c7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 24 Jan 2023 15:04:21 GMT

GET
DATA 200
OK truncated
/ Frame EFCC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 493c515cc76ecf038eecd7cdad6c9c2789cefa0c55c442b9c4632f934a4cc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D6C5 3 KB
4 KB 51ms
25ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 367
x-guploader-uploadid: ADPycdvPzNjMo9AIUALoUqTWKJBNPOB_RfD71QBfUIwWWIDnAMaYGqyuQcsztbvDytgCKvsyldbe2I5ti2IHjt-ZsBHiHA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BCx0Wew3%2BnB58LVhgTEUVH99BRFnemR8ZboBvnEqtdyERKYoIL%2BPjPhdxBsFNCS4nRiSVb%2BCJERPNeJSZ14I6ya417VBeHDWmbm4dRUVXXG6WTCu4880LwDqTsdtcH6XgShmTSgUf6UdDNvSSk5Ijpe"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 79184eb64eff9b58-FRA
expires: Mon, 30 Jan 2023 07:30:44 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 223D 2 KB
1 KB 24ms
24ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 211868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 79184eb62a25bb85-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 30 Jan 2023 06:56:24 GMT
expires: Thu, 19 Jan 2023 19:22:47 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqHaA9V2mTpdTZDrXsIBbsFf9lWPcOAejiZV6qgl8PuIZ3dUMAIhJp3twazAJqjA80t9qoiWaR6aAVJqwXHD2hs7mQJ10utLRPdWs2gzxmFbOxWidKszo3CAe12NjOPliIsVOps%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame D6C5 1 KB
2 KB 31ms
31ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9ad92ac57cfea3b795f63af2e176e1fa03a478814675212911310ef87795196

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53On661HP4LDA9%2F4ejJbeabv9YI6OyRwFUbsodp1zE6Hv3WYJG6d1JJuZaQzYdrsHe%2FRmIBiE%2FJJrY8HDiOx5j9wjo2Y2%2Ff6zyCNR3eVcNLRxpibqcCw4tM75OEpaXTT4dtzKQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 79184eb69ff38fd1-FRA
x-backend-server: aa-reachservice-group-europe-west1-frjv
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 36ms
26ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79184eb66fd08fd1-FRA
content-length: 24
content-type: text/plain
date: Mon, 30 Jan 2023 06:56:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XY9aVyAFzfaI4264o0hhxeze3GhdVHCjUNmKJ%2Bb3Cazc0omLuAP%2BVJKqG8dpWVL9A7Z%2BKv1ooFFV1vRO9iUMeQCDmysoVnwi15GYVwU1wLi78qU3xImAKLOHlAfleqhKoTn4mEk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-frjv

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 0E7D 9 KB
4 KB 33ms
33ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=75e075ff3947498cb143e9a1aba8fca8%2F11161657248889888594&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675061784111&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knd9tthqw5bsfswtydaph42hcw6qa94jgt0tzanr2fbadcg2nzh65m0054ctp8kt41x69mvvzbj3z5tancszysgp9jr0ysmqtkcsxjh4dqcev4jrdrywfb8vmqx8gscc0qx8mbefmxgg1708efcvsr6pjpb51cwby0qdgrshtmdwb7k8derj34es6dkxp47revhke3xnykyx91nf6h1w5gc4nph98d9zb92pj1hz10sy93arzg29cfge0mwmqyf424gryzke096135z7ek0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fb6b9484ce237be9a16a4d1b3a7eed3eed4c1c24b733e510250c2a76904b4f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kv0hqrcp0x26hx3z5rna6f772nexeryvt7xjt8mdzj7wy25f9m5nnx5x0m61450v7gdxrmwszr4f33t1wdzwx53qg91jga3hj6zt38psjh4svrj5w7canz5a158mhdqpg3qjxg8p9sya62qab1kp0s6bwtgj9c6hhyxkqkyfyxveb8v929mvbvcy5s50n5vper6q0v90wcs4mbjmb68r12682sc73ayn8xzcwmahj33fy71kaq44dcveqe3jpr70k7mx1s1rp25ryhmtt82ajryvs2nv17nwdyc6n4rmvyn69xxqe7a2er32t09ym0wd6nkpp8wd3pcpxcnbnwpk3tr9xvg5t9enb5pqsdtjhfd4vrv0rw27mnz5wdep0k8f9tzdx3m7x204qy41t2h73qgvw122aberfg62eqt7m7vnhwtew3ae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%26client%3Dca-pub-3511830694161206%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79184eb6cb51bb85-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 06:56:24 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 804C 2 KB
1 KB 770ms
262ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9dqFwAEUX8CO8jkAAlwQPb7-YhndPPcbEa0_Q&u=%7Ck%2B%2FeQMtsieKKXat3yt6d1hcn2c6%2BlxdozYZcYwTRPW8%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVKyHV8GqxwOuiUJNSRFI4_1l1J5g0ndcVrm2g3077Fr1kcIjW5L2CjbVV1IIUFi8BkqU7sXCoarxa3GXKjtLvuYY-c4womCIYx7JoOWdudrusrrcc-O2QsLEMe0WShwyowwcs6Bb79SqsltTOTXXo8RWqZEZBmf7iLiUTXSB2LKha_zFACW9WIXfKd3Dze352FouHK697jTRCJYXME4bkQ_i19yqA2gEjIcj-34q0YH14bhCaVI8TgwEZFt9nq3pcdLKgWuX8P29sUUh6tAPRtWSQ2nlc4gRlcmzlcwwQeBiLLEBKPEnPoz6I9niXB9FWIhd6vcfteaTA88x93t-C21pDdW1MONHSFZ_SRTiHgv48YMb9OUVUJcdKtlJ6Jkv24dk349k7VvzjH07ICqS3QEawC-sfrNx2S1Z7n_4ja07RQeIBL7KipGuPM97s9S2aKwzCAQCuXIyaxMMmPWAOgzLvLpJ1m3wS4aufMC735_TL-dhbHRrBLcnniOS_27S3bp4me3v9z1lkVQ5Y0mD_Wz_wOLzW06aF1arXOngRlJlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6g2qF2rXY_-iEeSR78EPwOCl0AXJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MTE4MzA2OTQxNjEyMDbIAQmpAthR_5RtO7I-qAMBqgTKAU_Q7FX1sq_sYJ8RZgIQtHF0-_P5hDPxKXgmnH52BGa62limXm4ugJb6XAoafvz6OXO9GWo8ys0TYrHIGxtHgx1I0U5MAi8ZE9L0y2wo0BpWZPuDNyZb6tEJsHkBghSfyPtBzKfsVLSLIvJUO5rloLJlSPtkFQcSw0pJ-ahzJnPViHELqjktzuPwFObd0gFYIMUurT3XWnNPnuDdvF1OPvsSTOHZC6BW8QDE1bdRh8O_1CQy8OnFJszdCiyW2Dd2bzxeGYNgUfjLa4WABvGWoJ30qOfpNKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2_3AcDgKA_4U57jzsTo4_fSdSH6Q%26client%3Dca-pub-3511830694161206%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:56:24 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 804C 2 KB
1 KB 763ms
255ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:56:24 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 804C 308 B
636 B 767ms
260ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 25 Jan 2024 06:56:24 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 804C 293 B
621 B 764ms
258ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 25 Jan 2024 06:56:24 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 804C 43 B
348 B 69ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=HJl6Zc-s4uvzRRqaQ8FZD9838LFthncVq16DiAQCY0L16CGfTeXFcBVbAzvmmdENXFxwwsAyBR9rCzpWSzM0tiEC48OsVuvLO-5mqt2WeQMklxWW0V8AcMuHOnmily2B9bV82dFNkyMFeI_sKNoKgT_uKFET3zzmroroTeYsFkWyyr1BgO1UPhgqbCviJGuAaqypeiwUO5pQdSFq63k4_WK5AqRAqbeVz0Bo46ubsDByuD3to--8nttXrAAGcW_ReCRCUHSdhbnP6xmapwJNjiIVN03g73lx0Ak-c1HxACZ5CMzwFfjmdQgkC--kF3HijKzmI2h9vPLydrcbMSkNCF7XZquzXJQB0_47YFQZzRJKdtCiUe2_bZ7fQhkT3p9eLMXv2315cPQLvrm16NM1TXyVT6cvNG3G9Ls8S8E6eWf3QOlw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:56:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3335651
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 804C 2 KB
843 B 756ms
253ms Stylesheet
text/css 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:56:24 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 804C 12 KB
6 KB 986ms
504ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:56:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 804C 13 KB
13 KB 57ms
23ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=52920&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F15516%2F190213%2F86f0f1f708604b2d82f69cc681c004dd_untitled-1.png&v=3&w=196&s=lwj2yhZAWk7iJEkiaovz8cKK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

49ae1cb8c4f139beb5d828ee2823aa505b9fd5ca7455766659a2832bd8f5da1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30836607
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13048
expires: Mon, 22 Jan 2024 04:39:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 804C 10 KB
10 KB 58ms
25ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52920&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-fast-dissolve-12-mg-180-fast-dissolve-tablets-7391.jpg&v=3&w=400&s=LevP8o0s9OVn42yZkBC_EJPl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

39e4688dedfe0092b93ee22ca85d9c8560d96b6e8392cb84b55945be68e1c61e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30182408
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9920
expires: Sun, 14 Jan 2024 14:56:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 804C 13 KB
14 KB 64ms
31ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52920&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-gummies-natural-berry-10-mg-per-serving-70-vegan-gummies-15501.jpg&v=3&w=400&s=HXIvzt1XxgQAoH_QI6qxhCCU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

51d415e3e95dfe1183559ebe7730cab65a6da99caba514b3763f472d4917d838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30067379
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13612
expires: Sat, 13 Jan 2024 06:59:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 804C 35 KB
35 KB 64ms
32ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52920&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fkids-sleep-melatonin-gummies-natural-cherrylicious-40-vegan-gummies-18171.jpg&v=3&w=400&s=x2fBp_YdNrKw8WhY7kj9Dj7s&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1c454e6694e516218bbe0b3d749389f03ad8b2698909c186cfac58f5c358dd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31041631
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35689
expires: Wed, 24 Jan 2024 13:36:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 804C 8 KB
8 KB 74ms
42ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52920&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-3-mg-250-tablets-11284.jpg&v=3&w=400&s=HWkcXAfIRkJzvEbEZp7-hIeU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

bf58d83de7d38ff3e65e9a6076ca3062e9c5bd96aae704cd389b74aec951676f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30012837
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7850
expires: Fri, 12 Jan 2024 15:50:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 804C 8 KB
8 KB 67ms
35ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52920&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-10-mg-120-tablets-4231.jpg&v=3&w=400&s=IZpoi0byybhrkB-_J9Dn1Q5s&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

31154658c0f43551d13209857161e9d915b4e3b90fb2ef653462c34441e9fcda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29990596
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7770
expires: Fri, 12 Jan 2024 09:39:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 804C 11 KB
11 KB 20ms
19ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52920&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmilk-thistle-seed-extract-3000-mg-per-serving-100-quick-release-capsules-3541.jpg&v=3&w=400&s=PK_ECGrWm9HQ25jYOUSJQxnu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5308a656d610d9d0704bccf29e9661a68715a49efa98957fb94ccac91e63aace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30689351
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11228
expires: Sat, 20 Jan 2024 11:45:35 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 804C 0
128 B 60ms
22ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=VcHQ8b0OpoCOjuLIrAyX3W3pl2rrLNmtoTNrYs9KRJTNJj9zkgg_x1ftnLjvHgh8FUrrk9kGbQ6MCuNLGS4kcGd_fJ6F0utrDR0jvWJxdnA-Gn-3ph6DSbiK9uc40vjhJOoXdmBFnKvzVMp8afNI3XcxIURnrrwv-cOoPNCtVENz6LRgBQU4DOpFgaNgm0J4CXl8mJFElEKLbVUVGwA8zH5Fyc_i_ckh4pZUQYcV03t0ANEmrpVbm-PLf6hayL_O5QGs2g&sds=2&rev=84429&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 30 Jan 2023 06:56:23 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 804C 2 KB
1 KB 254ms
252ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:56:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 804C 2 KB
1 KB 262ms
261ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:56:25 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame 0E7D 94 KB
12 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=75e075ff3947498cb143e9a1aba8fca8%2F11161657248889888594&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675061784111&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knd9tthqw5bsfswtydaph42hcw6qa94jgt0tzanr2fbadcg2nzh65m0054ctp8kt41x69mvvzbj3z5tancszysgp9jr0ysmqtkcsxjh4dqcev4jrdrywfb8vmqx8gscc0qx8mbefmxgg1708efcvsr6pjpb51cwby0qdgrshtmdwb7k8derj34es6dkxp47revhke3xnykyx91nf6h1w5gc4nph98d9zb92pj1hz10sy93arzg29cfge0mwmqyf424gryzke096135z7ek0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=75e075ff3947498cb143e9a1aba8fca8%2F11161657248889888594&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675061784111&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knd9tthqw5bsfswtydaph42hcw6qa94jgt0tzanr2fbadcg2nzh65m0054ctp8kt41x69mvvzbj3z5tancszysgp9jr0ysmqtkcsxjh4dqcev4jrdrywfb8vmqx8gscc0qx8mbefmxgg1708efcvsr6pjpb51cwby0qdgrshtmdwb7k8derj34es6dkxp47revhke3xnykyx91nf6h1w5gc4nph98d9zb92pj1hz10sy93arzg29cfge0mwmqyf424gryzke096135z7ek0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 308329
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbLTQxEDSfMWRkXPMAcmRAnGF6%2F7sK1LMUAHyKz7ElDUU0jBBKqU4siMUgQvb7S7uEINUrNJGZSx6%2FGwhepwHWnGSCNzVDyRqumcHmKlZj%2FQ%2FbySN96qoLuJfww0S9SFwT4azYhamXs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79184eb73be5bb85-FRA
expires: Mon, 30 Jan 2023 07:56:24 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 0E7D 53 KB
54 KB 33ms
19ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=75e075ff3947498cb143e9a1aba8fca8%2F11161657248889888594&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675061784111&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knd9tthqw5bsfswtydaph42hcw6qa94jgt0tzanr2fbadcg2nzh65m0054ctp8kt41x69mvvzbj3z5tancszysgp9jr0ysmqtkcsxjh4dqcev4jrdrywfb8vmqx8gscc0qx8mbefmxgg1708efcvsr6pjpb51cwby0qdgrshtmdwb7k8derj34es6dkxp47revhke3xnykyx91nf6h1w5gc4nph98d9zb92pj1hz10sy93arzg29cfge0mwmqyf424gryzke096135z7ek0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1518401
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuRDZ%2BLLM3LISBagu06jwfhZiRSKxneiPQBwYRFifE%2FAIUWTv65huQ946%2Fqb4C3IiVHy4cbBn07CR75O2rIfcm6WOu%2F3Z4shxF%2Fy3MQQcRM20WEYEOhM6%2BWSjm8EtCjCJhSLYQAJxUZ1mxxv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79184eb74df490c7-FRA
expires: Tue, 31 Jan 2023 06:56:24 GMT

GET
H2 200 3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame 0E7D 11 KB
11 KB 33ms
22ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=75e075ff3947498cb143e9a1aba8fca8%2F11161657248889888594&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675061784111&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knd9tthqw5bsfswtydaph42hcw6qa94jgt0tzanr2fbadcg2nzh65m0054ctp8kt41x69mvvzbj3z5tancszysgp9jr0ysmqtkcsxjh4dqcev4jrdrywfb8vmqx8gscc0qx8mbefmxgg1708efcvsr6pjpb51cwby0qdgrshtmdwb7k8derj34es6dkxp47revhke3xnykyx91nf6h1w5gc4nph98d9zb92pj1hz10sy93arzg29cfge0mwmqyf424gryzke096135z7ek0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1088523
cf-polished: qual=85, origFmt=jpeg, origSize=46259
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10888
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:09:44 GMT
server: cloudflare
etag: "b2cf554576629d98986c459034c76d1a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGYP8KyiAjRCDECizvwjJtLGRGOwX%2FFqZuuNa7A%2BPgRJuFdErgcbp8xdWGNVwIkH7WR67M0Ywbg%2FSmOBCq6WnpNVZRkbrAgKhFMZotZRAc%2FYCZN5sYPMyluqdtjCRYCAz4tNgXtyXqvEJDDB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79184eb74df590c7-FRA
expires: Tue, 31 Jan 2023 06:56:24 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 0E7D
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJCagbXb7vwCFZm4dwodzYoDiQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023013007562481037451493X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202...

49 B
1 KB

125ms
28ms

Image
image/gif

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023013007562481037451493X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023013007562481037451493X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=75e075ff3947498cb143e9a1aba8fca8%2F11161657248889888594&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675061784111&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knd9tthqw5bsfswtydaph42hcw6qa94jgt0tzanr2fbadcg2nzh65m0054ctp8kt41x69mvvzbj3z5tancszysgp9jr0ysmqtkcsxjh4dqcev4jrdrywfb8vmqx8gscc0qx8mbefmxgg1708efcvsr6pjpb51cwby0qdgrshtmdwb7k8derj34es6dkxp47revhke3xnykyx91nf6h1w5gc4nph98d9zb92pj1hz10sy93arzg29cfge0mwmqyf424gryzke096135z7ek0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:24 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023013007562481037451493X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023013007562481037451493X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Mon, 30 Jan 2023 06:56:24 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 0E7D 9 KB
9 KB 36ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=75e075ff3947498cb143e9a1aba8fca8%2F11161657248889888594&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675061784111&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knd9tthqw5bsfswtydaph42hcw6qa94jgt0tzanr2fbadcg2nzh65m0054ctp8kt41x69mvvzbj3z5tancszysgp9jr0ysmqtkcsxjh4dqcev4jrdrywfb8vmqx8gscc0qx8mbefmxgg1708efcvsr6pjpb51cwby0qdgrshtmdwb7k8derj34es6dkxp47revhke3xnykyx91nf6h1w5gc4nph98d9zb92pj1hz10sy93arzg29cfge0mwmqyf424gryzke096135z7ek0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 908526
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dndtcm7S4PZbLug6hbHlWJ9D2JBtdq7dNeEuLGaMxCHARqngLrDxa9rtVjj1SHvwYoxI8wNfbMsbTxucKAXs6unCH%2BPDLnMDsig0Nepwcj1okipBvZDml9R6zYyAlKytBePZ2uZEtZv1GZtn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79184eb74dee90c7-FRA
expires: Tue, 31 Jan 2023 06:56:24 GMT

GET
H2 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 0E7D 20 KB
20 KB 39ms
28ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=75e075ff3947498cb143e9a1aba8fca8%2F11161657248889888594&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675061784111&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knd9tthqw5bsfswtydaph42hcw6qa94jgt0tzanr2fbadcg2nzh65m0054ctp8kt41x69mvvzbj3z5tancszysgp9jr0ysmqtkcsxjh4dqcev4jrdrywfb8vmqx8gscc0qx8mbefmxgg1708efcvsr6pjpb51cwby0qdgrshtmdwb7k8derj34es6dkxp47revhke3xnykyx91nf6h1w5gc4nph98d9zb92pj1hz10sy93arzg29cfge0mwmqyf424gryzke096135z7ek0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1088520
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:32:10 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sFeUKGrGaM6vpWFHDbFJSI4uKQvLJuda7OOT0E5i1jvwdxIOOMUNfhLDqBz3l2EYviEUE7dyp4MLMImf41PWTEsU4d%2FfcHTNb7SCw16THpP%2B56CNZ8UCOMcT8w%2BtKTitJ%2BI9RzZDNLTCdkj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79184eb74df090c7-FRA
expires: Tue, 31 Jan 2023 06:56:24 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 0E7D
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CKibgbXb7vwCFQKhewodBvsM1g;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023013007562481037451491X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

49 B
1 KB

56ms
15ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023013007562481037451491X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=75e075ff3947498cb143e9a1aba8fca8%2F11161657248889888594&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675061784111&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knd9tthqw5bsfswtydaph42hcw6qa94jgt0tzanr2fbadcg2nzh65m0054ctp8kt41x69mvvzbj3z5tancszysgp9jr0ysmqtkcsxjh4dqcev4jrdrywfb8vmqx8gscc0qx8mbefmxgg1708efcvsr6pjpb51cwby0qdgrshtmdwb7k8derj34es6dkxp47revhke3xnykyx91nf6h1w5gc4nph98d9zb92pj1hz10sy93arzg29cfge0mwmqyf424gryzke096135z7ek0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:56:24 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023013007562481037451491X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date: Mon, 30 Jan 2023 06:56:24 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 0E7D 44 KB
44 KB 36ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=75e075ff3947498cb143e9a1aba8fca8%2F11161657248889888594&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675061784111&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knd9tthqw5bsfswtydaph42hcw6qa94jgt0tzanr2fbadcg2nzh65m0054ctp8kt41x69mvvzbj3z5tancszysgp9jr0ysmqtkcsxjh4dqcev4jrdrywfb8vmqx8gscc0qx8mbefmxgg1708efcvsr6pjpb51cwby0qdgrshtmdwb7k8derj34es6dkxp47revhke3xnykyx91nf6h1w5gc4nph98d9zb92pj1hz10sy93arzg29cfge0mwmqyf424gryzke096135z7ek0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 896557
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBRxiQkMJz%2FBkXoydR2vY5kJeSV%2BRKFoq5Mj0dmGMsCbyqeTfZKnbHHcAxRZTs6mbNP5Va9hRTu8He82OBfU1u5LZF17Xj7OuHxvivV1wVU5%2Ben%2BtLrblHlCNaLtDV4tOnuCGyvoM5eDVSCy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79184eb74df290c7-FRA
expires: Tue, 31 Jan 2023 06:56:24 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 0E7D 222 KB
222 KB 39ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=75e075ff3947498cb143e9a1aba8fca8%2F11161657248889888594&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675061784111&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knd9tthqw5bsfswtydaph42hcw6qa94jgt0tzanr2fbadcg2nzh65m0054ctp8kt41x69mvvzbj3z5tancszysgp9jr0ysmqtkcsxjh4dqcev4jrdrywfb8vmqx8gscc0qx8mbefmxgg1708efcvsr6pjpb51cwby0qdgrshtmdwb7k8derj34es6dkxp47revhke3xnykyx91nf6h1w5gc4nph98d9zb92pj1hz10sy93arzg29cfge0mwmqyf424gryzke096135z7ek0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2339941
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WO%2BP8ZsfkAVHftdO4kWQqLxJAJw7uK7wUhCzEpMo8FYTzFo%2B6oIoCGKD6vwWwzO%2F9iK6nTUwh1EHgSOHlQasU7YoiCpNx3yd23D9o0O7Tp2ZiKVQrcVxCyxQ3rkgIPlNEK%2FDWPEOCpe45lKv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79184eb74df390c7-FRA
expires: Tue, 31 Jan 2023 06:56:24 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 0E7D
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1675061784_35cf8250-a06b-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=

0
674 B

61ms
35ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1675061784_35cf8250-a06b-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=75e075ff3947498cb143e9a1aba8fca8%2F11161657248889888594&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1675061784111&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knd9tthqw5bsfswtydaph42hcw6qa94jgt0tzanr2fbadcg2nzh65m0054ctp8kt41x69mvvzbj3z5tancszysgp9jr0ysmqtkcsxjh4dqcev4jrdrywfb8vmqx8gscc0qx8mbefmxgg1708efcvsr6pjpb51cwby0qdgrshtmdwb7k8derj34es6dkxp47revhke3xnykyx91nf6h1w5gc4nph98d9zb92pj1hz10sy93arzg29cfge0mwmqyf424gryzke096135z7ek0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGtbF2rXY9jSJLGR78EP75ORgA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTExODMwNjk0MTYxMjA2yAEJqQLYUf-UbTuyPqgDAaoEzwFP0LUedxOPWEUAXMOnv5Y5dsffYOj0ZwkaKXp9gvbDzgjS2uyW2kYH5x3FzNe-HWGlPz2rzmCJe-x08DdRh2dSiCvFCP14o_gafQcagw8irf3Y3uweKhg3yqGcuv24BvNgmJ2pKvNxfEnjZcmfJKl03-yOT9N3WJYEwqhhNmxbZ2hC-lwhoHwcibrUlA563GPkAQ2gfDmHjAH_PzyExY9_mp6XDZm8D4QDIYA0mpaS8avGrgN7QqjAm4NYikGLClOyWHpPr9jV94Go-lhEIg6ABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0NK5QKWqOpi_iiRRZxpuPRdkMhng%2526client%253Dca-pub-3511830694161206%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:24 GMT
via: 1.1 additional-webserver-blue-b3gw (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 708663708
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=4033f28462bb61c0
cf-ray: 79184eb83cbe91dd-FRA
expires: -1

Redirect headers

Date: Mon, 30 Jan 2023 06:56:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1675061784_35cf8250-a06b-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 804C 15 KB
16 KB 1088ms
550ms Font
application/octet-stream 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:56:25 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F38D 42 B
174 B 55ms
54ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuS94ORXCqZQ9rLhhpYieAoUvtZMAho2qmwWHe5SQXtg6rqecuVz1szNDi_GUoePJrZ7bnPEr7Q8y8C6yF5frurd2c&sig=Cg0ArKJSzMtsXnQejEyYEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=59,768,1000,1068,1068&tos=59,709,232,68,0&v=20230125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1675061783616&rpt=313&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:56:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 804C 0
127 B 20ms
18ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 30 Jan 2023 06:56:25 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 69ms
68ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230124&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb5c6f73c8e355e489cb0391ec98300ee31f2b9882a9d4e62b981e3b4f5e9f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11114
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 79ms
79ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 06:56:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1D6F 13 KB
5 KB 24ms
21ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hurriyet.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 251544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 09:04:02 GMT
expires: Sat, 27 Jan 2024 09:04:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DCBA 783 B
1001 B 47ms
45ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b4c0d6007f36d410ab5ca3e4b4ebee24d5080c533387c68dcfcabe407edb8637

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0Aqr6aRIBTIiEw9bv0GWmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hurriyet.gen.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-0Aqr6aRIBTIiEw9bv0GWmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 06:56:26 GMT
expires: Mon, 30 Jan 2023 06:56:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ndpca2HbatLwKNxS7dvlJFKe5fdM9rHtoHQTHStku2E.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D6F 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ndpca2HbatLwKNxS7dvlJFKe5fdM9rHtoHQTHStku2E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35da5c6b61db6ad2f028dc52eddbe524529ee5f74cf6b1eda074131d2b64bb61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14214
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Jan 2024 09:50:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DCBA 0
0 53ms
53ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230124&jk=1896004531717023&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1D6F 0
10 B 20ms
20ms Image
text/plain 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2OSJWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:56:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230124&jk=1896004531717023&bg=!w8ClwITNAAZSrDxfcqw7ACkAdvg8WqLy3O_xlBwqeMmqI5fFhw78tPPEkiZVWzHVwlnqNJCyctk1TAIAAABSUgAAAAFoAQcKANAWEB5X9ugKwOTDab_F-i_khqzflJeK_f0hPfEb446xsvcNfxHjQsdyCf3ENpo8JRURKmvrWDZBBQ-0zKfvP2zybrAsD8Psb4vCLEwts4Od3IOeSCmQ6M3DIzUObtO9E1MXYuJm3yY2eM-K0EfemerfhlX3k7LSnOzLy_br_Iu9crWg7Bfa2biK78Bvum9sHxDnyqgL5f5MvMhgZqIJoKMp-F5tsehIgj2a9pLY9TkrXQR76bSOHs0mURvqHlwLuzisZwz-0ZmdNcwwcRuoGJ7amQKWYI9_i9mamaqyCWaEAvC6p6AyoBdnVlP3klhKDh4rBUGl0c8xRrh07UDgLn9qxbzLx7sqtimrm3Zam9nM49MJraecKGbLZGAzb-ENrNBAeFhe96rR5OCbIH0cm94JIV3ni9_7XfpUdNIfAC8A18BNbfx7sHag1gddf2ZEY7W7O44yeGCBGsvtnbkB6h6Lt-QP_gj6Oip1vu7eW-HmRj_QfoK8OgmL8pqDgFGK2scE7ovyCDkv_50mddyyeLygb2YH3g-EVtcAogd3mPHhAXdx9ULnnITigUhK2erJY2tPB0AilujrQ0DuU44kjBSekforoYp3DoYQFSY2m8IlZbzZ1xSJtz3WiTVV-0lsamRi6oRNBON7Nj8StDBuFwV-SNgW8tatGt9s9bfeNbptBNujP8YEytcKjL3mS89Za9NTeFklXUw6_anoRgtRA7oZPYzSc0xXMcRhM6loML9_IYz-CsHj8LbKhJj79XV3Y2fGQgkdCzFWGd2jmVLfeiP8HAPSBf14Pb5qlkriO5vTWndSoGPqxlxKOn8cB7qH7mWQPZJsApPibIcVbEwm9IglpwJyDO40pIXSzT9KZ-AIGsEZeYVR-2UXmypZ_KxmrCCxLzmIMjPt2zNc3LPcpGPDDQFutawwj7LOI6Lr4wSTC_ddVpb3M72oHPG52DxGyyblDUq9Yqe7OPsDXF6Q0hFXFQXOHD1zhmV0AdUxXYcURoqf8q8Kq2zMTzaVR0OgknD8neDWGKmX02p7HRluUVMZ5ErwRERhVVIKvK0b_2c0V2Czu2-YbQJOEo_WL0JX-_gIAt6QgV88GMjcqfMi_1BAUtegT5cHnNEFmeDqBwywNOJPimk-0n0qtP-v8RvRkdJkze0O8pexBbw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Y0NWVC08XE&gtm=2oe1p0&_p=1801659708&gdid=dZTNiMT&cid=1769857252.1675061783&ul=en-us&sr=1600x1200&uaW=1&_s=2&sid=1675061782&sct=1&seg=1&dl=http%3A%2F%2Fhurriyet.gen.tr%2F&dt=Hurriyet.gen.tr&en=page_view&_ee=1&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y0NWVC08XE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hurriyet.gen.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:56:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hurriyet.gen.tr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEK-AOKwlIspa7Bx970duHX4&google_cver=1&google_push=Aa02lx9GQDPZigLj1oPGGwP6Sk1HeITCesWFxFA2hXwXuOAShTPDtGY6RP9TeiePIme60Bhx4h9QNfAWlWtEU6XEuD5i1LjrGGxWjOs

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.chopose.icu/	1970-01-20 10:00:53	Name: uuid Value: 2ca74a82-44f9-4360-a014-55938d035d80
.parkaevant.pp.ua/	1970-01-20 10:00:53	Name: uuid Value: 37f42dc1-ac25-4cdc-b4c3-a135816566e3
.hurriyet.gen.tr/	1970-01-20 18:53:41	Name: _ga_Y0NWVC08XE Value: GS1.1.1675061782.1.1.1675061783.0.0.0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: b-Ewr14DFvg
.youtube.com/	1970-01-20 13:36:53	Name: VISITOR_INFO1_LIVE Value: uvhVnJLliPk
.youtube.com/	1970-01-20 13:36:53	Name: DEVICE_INFO Value: ChxOekU1TkRNek5UVTNPRGMwTURrME56a3dOQT09EJfU3Z4GGJfU3Z4G
.hurriyet.gen.tr/	1970-01-20 18:53:41	Name: _ga Value: GA1.3.1769857252.1675061783
.hurriyet.gen.tr/	1970-01-20 09:19:08	Name: _gid Value: GA1.3.2084038774.1675061783
.hurriyet.gen.tr/	1970-01-20 09:17:41	Name: _gat_gtag_UA_223139560_2 Value: 1
.hurriyet.gen.tr/	1970-01-20 18:39:17	Name: __gads Value: ID=e8542fae29e76394-225413d27adb004c:T=1675061783:RT=1675061783:S=ALNI_MYUsC8HlRKapyjFUf2YVeSiwwDf0Q
.hurriyet.gen.tr/	1970-01-20 18:39:17	Name: __gpi Value: UID=00000bacdfa1bd73:T=1675061783:RT=1675061783:S=ALNI_MZFGn3XSBwPfeTlENuE5dcrFOoPaw
.doubleclick.net/	1970-01-20 18:39:17	Name: IDE Value: AHWqTUkdGqIPiRxdTea1ukYPt98KvEyPe4WD-sLLyx6XBsoLcEWZAc3hGONWsr089uo
.agkn.com/	1970-01-20 18:03:17	Name: ab Value: 0001%3AQLs17GbO68bkqXeEnPubSGDpQ7dYiB3H
.agkn.com/	1970-01-20 18:03:17	Name: u Value: C\|0CEAraiaYK2ommAAAAAAAAQ13AQCAAQpAAAAAAA
.awin1.com/	1970-01-20 09:22:00	Name: awpv11354 Value: 412871\|1675061784\|35cf8250-a06b-11ed-9a3d-2232032dcacf
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 09:24:53	Name: HTLP_timestamp Value: 1675061784
www.conrad.de/	1970-01-20 09:24:53	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 09:17:43	Name: __cf_bm Value: 62nxVUGXQ.bzwpD4wMXUIJ0MgbwY.APjczdXGv0fBH0-1675061784-0-AQfX+loWeIKzDvJdTD8/cAIlXNdHYe/yhnm6LnbUZ+A0ii3F/WDQqI+n2nDKpVXhyxhTle8nqyoVBtELPEPFpm8=
.blau.de/	1970-01-20 09:27:46	Name: nscT486 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjc1MDYxNzg0dmxlYTFkZTIwMjMwMTMwMDc1NjI0ODEwMzc0NTE0OTFYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/	1970-01-20 09:27:46	Name: nscQ486 Value: V
.blau.de/	1970-01-20 09:27:46	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023013007562481037451491X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663
.o2online.de/	1970-01-20 09:27:46	Name: nscT485 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjc1MDYxNzg0dmxlYTFkZTIwMjMwMTMwMDc1NjI0ODEwMzc0NTE0OTNYMTE3NzAzVjEyMjYxMzI3MDJNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/	1970-01-20 09:27:46	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 09:27:46	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023013007562481037451493X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjc1MDYxNzg0dmxlYTFkZTIwMjMwMTMwMDc1NjI0ODEwMzc0NTE0OTNYMTE3NzAzVjEyMjYxMzI3MDJNU

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAa02lx8Iurvo0MxmLjFQOq_kJyJedh-SPtpZV2sGLLpJ6GOGBEdeOt7Oyi8zm3d9e2N5rXgVamu3lJpvj8nGP1KJxLude8EJ_iRW&google_gid=CAESEJmRD-j1BiK1BjDF4DTMGnk&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEK-AOKwlIspa7Bx970duHX4&google_cver=1&google_push=Aa02lx9GQDPZigLj1oPGGwP6Sk1HeITCesWFxFA2hXwXuOAShTPDtGY6RP9TeiePIme60Bhx4h9QNfAWlWtEU6XEuD5i1LjrGGxWjOs Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
cat.fr.eu.criteo.com
chopose.icu
cm.g.doubleclick.net
csm.eu.criteo.net
d.agkn.com
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hurriyet.gen.tr
id.rlcdn.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
parkaevant.pp.ua
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pix.eu.criteo.net
prod-rtb.ad4mat.net
region1.google-analytics.com
rtb.nl.eu.criteo.com
static-de.ad4mat.net
static.criteo.net
sync.teads.tv
tpc.googlesyndication.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
www.youtube.com
googlecm.hit.gemius.pl
104.248.207.50
134.209.192.77
142.250.184.226
142.250.186.166
178.250.0.160
2001:4860:4802:34::36
23.203.125.36
23.67.134.223
2406:2600:4::1
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:3036::ac43:8967
2606:4700::6812:7f05
2a00:1450:4001:80e::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:400d:803::2002
2a00:1450:400d:803::2008
2a00:1450:400d:805::2001
2a00:1450:400d:806::2002
2a00:1450:400d:806::200e
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2004
2a02:2638:1::17
2a02:2638:1::2
2a02:2638:1::8
2a02:2638::b
2a02:fa8:8806:13::1400
34.98.67.61
35.157.212.215
35.244.174.68
46.4.41.145
51.89.9.254
84.200.5.215
88.99.63.132
001ffd1a22716242c216fb0041b6184538c2acbf2b4007a22589d9f0423d4f7a
006ccd217f89b84561221f94ed50ec1004a74e93363fc642c7f91415bf047b02
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
08ae7734b9717db796f776510bee06edd0cc39bc097b06df93122dce7d58ae0c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd
1bd3e671dde8ff2226e67f259a8dadb762be528807d73cc11ab54749473481a7
1c454e6694e516218bbe0b3d749389f03ad8b2698909c186cfac58f5c358dd0e
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
2391e4e8a62f80e0715c6eba33bf465e876d3ff93ae19cfc7d73dbdf8e964386
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f8d728d935edbf2aeae36b6b3d96634885dbd474ddd1cc7d80711449109221b
31154658c0f43551d13209857161e9d915b4e3b90fb2ef653462c34441e9fcda
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b5c0408ee742b09422d0307235b78176a95429b37f52387e0e6eb5526dc975
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35da5c6b61db6ad2f028dc52eddbe524529ee5f74cf6b1eda074131d2b64bb61
368ac61525dd2d22a742fd35e2265b2615926e668c481d3b8759b14abd63a1f8
39e4688dedfe0092b93ee22ca85d9c8560d96b6e8392cb84b55945be68e1c61e
3a20ac34a9e41f94e033f91ebb7949e30a7bbec2cceb41d49a0cd5d09b8a283c
3e0a0774c2eaac2718d0cc05990d857acaf1115d4301b16ec2c96a783893bfa5
3e4b476bd4acc91c256c323ec24f60cb542d5a4df7c7821116ffb725661b97d7
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
493c515cc76ecf038eecd7cdad6c9c2789cefa0c55c442b9c4632f934a4cc18a
49ae1cb8c4f139beb5d828ee2823aa505b9fd5ca7455766659a2832bd8f5da1d
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51d415e3e95dfe1183559ebe7730cab65a6da99caba514b3763f472d4917d838
5308a656d610d9d0704bccf29e9661a68715a49efa98957fb94ccac91e63aace
543c19c726035ca99b7d54c66258aecc4c53fcaf11260385835587621194bcb0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7efe87b340014e916e15925590b47c8b880dc486af5144f21aca073981854139
82020205c5dc1f2b2dfede6f288ce43524b03f5b86427c0887f9e6e0cde7e1fa
89fb6b9484ce237be9a16a4d1b3a7eed3eed4c1c24b733e510250c2a76904b4f
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
93816c154fcf24ff932fbadeb7d4e8545b2b1596a5277cbc87bbd221be8e60f0
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9dc6eac3061ccc028ae812031bdb9b280ea76abae93a6ea6736743a5b944c1d8
a0219b531a24027597c58b8bd65c91a8e5b4ea426034298e86d840947107a28d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3323227a0eaabd936f7cd816ce2e19f886225c82fff2f53d1ba0aa0518cdcb7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
accbb4cf8e0755f7c44abea2d4bef970d550263fe499d7e8668373ebaef9fa8c
b2626214591a64f2276ed6a7ad31b5d98d2dc432f43773bf985e6cfd76c0f750
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b4c0d6007f36d410ab5ca3e4b4ebee24d5080c533387c68dcfcabe407edb8637
b6c66a615ea2a4cfc0a607805656b7d29fa3ed6e95ace494330002867d8424cd
ba869eaa8489635e634751f0b69d8f8ee46c92c9096b0067941fc3df0d428c5e
bbf93035a7a1bd4e156113433cbcce6916e4c5f2a132bdddb20293e97aba6b5b
be9616849e055ec68677e33e8a7c2a53b35d4e967d1d57be2af6e3ebafda7a4e
bf58d83de7d38ff3e65e9a6076ca3062e9c5bd96aae704cd389b74aec951676f
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c8401abf597723051b2517fe5ddfde1d35016eb0a8755515c1edb1132b5d95a9
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d711092840be7b4dcb03497457166764177c1ee6edd4379aac31fef677f1b2f0
dfa7a04a502aa46e3a98c5edce352da210261920902ff6b7fe24362bccb03f7d
e167e37922b1e3ed495c8cccd8738512680235f366074acac96e9de67a9324b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ad92ac57cfea3b795f63af2e176e1fa03a478814675212911310ef87795196
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34f53a9fbd78ee17ea6a7883f5c8d914f820d1382514547faf3235f6acb2d43
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fb5c6f73c8e355e489cb0391ec98300ee31f2b9882a9d4e62b981e3b4f5e9f49
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

hurriyet.gen.tr Open in urlscan Pro 2606:4700:3036::ac43:8967 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

119 Requests

72 %HTTPS

64 %IPv6

31 Domains

43 Subdomains

35 IPs

9 Countries

1847 kBTransfer

4516 kBSize

25 Cookies

3 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hurriyet.gen.tr Open in urlscan Pro
2606:4700:3036::ac43:8967 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

72 %
HTTPS

64 %
IPv6

31
Domains

43
Subdomains

35
IPs

9
Countries

1847 kB
Transfer

4516 kB
Size

25
Cookies

119 HTTP transactions
2 data transactions