urlscan.io logo urlscan.io
SecurityTrails logo

mauroicard.sbs Open in urlscan Pro
2606:4700:3037::ac43:a45a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mauroicard.sbs/
Effective URL: https://mauroicard.sbs/
Submission: On November 11 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 5 countries across 21 domains to perform 161 HTTP transactions. The main IP is 2606:4700:3037::ac43:a45a, located in United States and belongs to CLOUDFLARENET, US. The main domain is mauroicard.sbs.
TLS certificate: Issued by GTS CA 1P5 on November 10th 2023. Valid for: 3 months.
This is the only time mauroicard.sbs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2606:4700:303... 13335 (CLOUDFLAR...)
22 185.102.219.173 60068 (CDN77 ^_^)
5 89.187.169.43 60068 (CDN77 ^_^)
1 212.68.47.11 15830 (EQUINIX)
3 2a00:1450:400... 15169 (GOOGLE)
2 152.199.21.70 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
4 8 2a02:6b8::1:119 208722 (GLOBAL_DC)
3 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
5 52.59.87.200 16509 (AMAZON-02)
3 163.171.128.148 54994 (ML-1432-5...)
13 2.16.202.122 20940 (AKAMAI-ASN1)
8 2a00:1450:400... 15169 (GOOGLE)
3 212.68.47.51 15830 (EQUINIX)
1 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
2 3.76.235.209 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
161 28
6    2606:4700:3037::ac43:a45a (United States)

ASN13335 (CLOUDFLARENET, US)
mauroicard.sbs
22    185.102.219.173 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-173.datapacket.com
s.hbrcdn.com
i.hbrcdn.com
5    89.187.169.43 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-43.cdn77.com
cdn.p.analitik.bik.gov.tr
www.haberler.com
1    212.68.47.11 (Turkey)

ASN15830 (EQUINIX, NL)
c.keltis.com
3    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
21    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    52.59.87.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-87-200.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
3    163.171.128.148 (Germany)

ASN54994 (ML-1432-54994, CA)
widget.yenimedya.com.tr
13    2.16.202.122 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-122.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
8    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    212.68.47.51 (Turkey)

ASN15830 (EQUINIX, NL)
foto.yenimedya.com.tr
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
24    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    3.76.235.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-235-209.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:20::681a:658 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cdn.pixad.com.tr
Apex Domain
Subdomains		 Transfer
45 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
494 KB
22 hbrcdn.com
s.hbrcdn.com — Cisco Umbrella Rank: 198736
i.hbrcdn.com — Cisco Umbrella Rank: 110394
669 KB
20 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1584
secure-ds.serving-sys.com — Cisco Umbrella Rank: 2642
lm.serving-sys.com — Cisco Umbrella Rank: 2729
277 KB
10 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
134 KB
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
157 KB
7 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
11 KB
6 yenimedya.com.tr
widget.yenimedya.com.tr — Cisco Umbrella Rank: 235276
foto.yenimedya.com.tr — Cisco Umbrella Rank: 255523
70 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
42 KB
6 mauroicard.sbs
mauroicard.sbs
32 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8755
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
252 KB
4 haberler.com
www.haberler.com — Cisco Umbrella Rank: 151492
d.haberler.com Failed
3 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
3 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4034
70 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
236 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6862
515 B
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
12 KB
1 pixad.com.tr
static.cdn.pixad.com.tr — Cisco Umbrella Rank: 147203
7 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
63 KB
1 keltis.com
c.keltis.com — Cisco Umbrella Rank: 270387
144 B
1 bik.gov.tr
cdn.p.analitik.bik.gov.tr — Cisco Umbrella Rank: 66273
161 21
Domain Requested by
24 tpc.googlesyndication.com s.hbrcdn.com
googleads.g.doubleclick.net
21 pagead2.googlesyndication.com mauroicard.sbs
s.hbrcdn.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
16 s.hbrcdn.com mauroicard.sbs
s.hbrcdn.com
13 secure-ds.serving-sys.com s.hbrcdn.com
secure-ds.serving-sys.com
8 googleads.g.doubleclick.net s.hbrcdn.com
googleads.g.doubleclick.net
6 fonts.gstatic.com fonts.googleapis.com
6 www.google-analytics.com s.hbrcdn.com
www.google-analytics.com
mauroicard.sbs
widget.yenimedya.com.tr
6 i.hbrcdn.com mauroicard.sbs
6 mauroicard.sbs 1 redirects mauroicard.sbs
s.hbrcdn.com
5 bs.serving-sys.com mauroicard.sbs
secure-ds.serving-sys.com
5 mc.yandex.com 3 redirects mauroicard.sbs
4 www.googletagservices.com googleads.g.doubleclick.net
4 www.haberler.com s.hbrcdn.com
mauroicard.sbs
3 www.gstatic.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
3 foto.yenimedya.com.tr widget.yenimedya.com.tr
3 widget.yenimedya.com.tr mauroicard.sbs
widget.yenimedya.com.tr
3 www.google.com 1 redirects mauroicard.sbs
s.hbrcdn.com
3 region1.analytics.google.com www.googletagmanager.com
3 mc.yandex.ru 1 redirects s.hbrcdn.com
mauroicard.sbs
3 www.googletagmanager.com s.hbrcdn.com
2 lm.serving-sys.com secure-ds.serving-sys.com
2 www.google.de mauroicard.sbs
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 delivery.adrecover.com s.hbrcdn.com
mauroicard.sbs
1 static.cdn.pixad.com.tr mauroicard.sbs
1 s0.2mdn.net secure-ds.serving-sys.com
1 fundingchoicesmessages.google.com s.hbrcdn.com
1 c.keltis.com mauroicard.sbs
1 cdn.p.analitik.bik.gov.tr mauroicard.sbs
0 d.haberler.com Failed s.hbrcdn.com
161 31
Subject Issuer Validity Valid
mauroicard.sbs
GTS CA 1P5		 2023-11-10 -
2024-02-08		 3 months crt.sh
s.hbrcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-19 -
2024-04-21		 a year crt.sh
i.hbrcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-19 -
2024-04-21		 a year crt.sh
*.p.analitik.bik.gov.tr
RapidSSL TLS RSA CA G1		 2023-05-08 -
2024-05-07		 a year crt.sh
c.keltis.com
R3		 2023-10-14 -
2024-01-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.haberler.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-02 -
2024-05-05		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
bs.serving-sys.com
Amazon RSA 2048 M02		 2023-03-11 -
2024-04-08		 a year crt.sh
widget.yenimedya.com.tr
Sectigo RSA Domain Validation Secure Server CA		 2023-10-18 -
2024-10-18		 a year crt.sh
secure-ds.serving-sys.com
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
foto.yenimedya.com.tr
R3		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
lm.serving-sys.com
Amazon RSA 2048 M01		 2023-02-14 -
2024-02-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
static.cdn.pixad.com.tr
E1		 2023-10-22 -
2024-01-20		 3 months crt.sh

This page contains 16 frames:

Primary Page: https://mauroicard.sbs/
Frame ID: 6A5F12F357CF238F897EE743D4A5479F
Requests: 86 HTTP requests in this frame

Frame: https://widget.yenimedya.com.tr/Partner/newdynamicwidget?userId=1050
Frame ID: 6E79AB7D6D2617F733A65AEBA66ED7DD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: B1C2C5968EB89CF5758ABD43D79557C1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=1250606791&adf=2097866407&pi=t.ma~as.1703841254&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196964&bpp=6&bdt=1992&idt=202&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=1681791022494&frm=20&pv=2&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1338&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Frame ID: 1787F1AF6679D284D39CA1B289C44480
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=5852669271&adk=3836988885&adf=725156475&pi=t.ma~as.5852669271&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196970&bpp=1&bdt=1999&idt=226&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=102&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230
Frame ID: C782649895B074490F88F402022F0F94
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_HP_300x600&adk=753101176&adf=3680343564&pi=t.ma~as.Haberler_Desktop_HP_&w=300&lmt=1699690197&format=300x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196971&bpp=1&bdt=2000&idt=231&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Frame ID: D117994AF35ECE8EF27604CD2DE318DE
Requests: 9 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Frame ID: 0647DA8E12A1C87824B3D8FE4D86A394
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&adk=1812271804&adf=3025194257&lmt=1699690197&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196990&bpp=3&bdt=2019&idt=256&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C300x600&nras=1&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=300
Frame ID: EC4EEA3AD8C1CBF33B10A398EBD1FC9D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=4174044084&adf=2888870000&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1699690197&format=336x280&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690197000&bpp=1&bdt=2029&idt=295&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C300x600%2C0x0&nras=1&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=300
Frame ID: D634C0FE8D7A2AF78CC05CDD824FB46C
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6CCCCFF7638A7FCE14FB6533F0F5863D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 985C66239E85B9A28A2F8AD738288507
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 043ED6DC21C496071267DC6F813E6BC2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 672EA6B928EF7483E7703BBF73E19DFF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 5E97A3B3B36DA277AC2117E2ECD96A2D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 5E935ACBC0DAAFF86008D499017309D0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: DDAC9CE6676B95A822A80182745B9159
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Haberler - Haber, Spor, Magazin ve Son Dakika Haberleri

Page URL History Show full URLs

  1. http://mauroicard.sbs/ HTTP 301
    https://mauroicard.sbs/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

161
Requests

95 %
HTTPS

67 %
IPv6

21
Domains

31
Subdomains

28
IPs

5
Countries

2535 kB
Transfer

6273 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mauroicard.sbs/ HTTP 301
    https://mauroicard.sbs/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10184.5rky3G87ETWNnUQAwrQqpJuJhqntqcs77OzkhBInkHfstuaZSYe4qqI3yeDHLB9o.ZNNDog7mh-2IkgWhKUs_gZc_cDY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10184.uDXtLNOBgO6t7DR0b5OPxEKFpPgRVT2nps7k89fLMWejspweP0CAwDtTpf7AjhMnpMQDH0YuGbMmoRhWLFBPYecuuf-L71wNDVCMBCeV2mrZFNqqCJHGRNSgDMfG53CsmkKmjY_BweKiYTsX-K5qA1v9OA_ahN3M8petFeTQCuMHda8spZQX0R3xV3RvHhhQSW0Hu9Um-cp7BBEYI4QuqYnQU5GarNZUkqD_eaaTWxU%2C.rpcjg9dLoSb-CgyMfyyw1Kw-d3o%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10184.3SfP-4O37YOLdxMBpeaIC3pQKAk3Y4bQLG6L7C8CJ3wsjz8lfxMmMF3QWEMEM0Oz6hHH53P3FGh_KBn_kwKN2KSas2tBsBeHsdThKX9r1kXbVt_xGjN445QrPKok4fXNdGGF0BHRbiV4oTurL1DrDxHfOF-ISTNxBVSnqlcqqQu3yHC5DKYNRfOqKOxv978CpFFlaCoLPkA2uC_6aFnFsA%2C%2C.ky_aSb1U8LEWslilO4oWnzH3s1o%2C
Request Chain 60
  • https://mc.yandex.com/watch/14231362?wmode=7&page-url=https%3A%2F%2Fmauroicard.sbs%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1150%3Acn%3A1%3Adp%3A0%3Als%3A405017557750%3Ahid%3A125839968%3Az%3A60%3Ai%3A20231111090956%3Aet%3A1699690196%3Ac%3A1%3Arn%3A597372205%3Arqn%3A1%3Au%3A1699690196851572484%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C94%2C558%2C32%2C489%2C0%2C%2C622%2C12%2C%2C%2C%2C1809%3Aco%3A0%3Acpf%3A1%3Ans%3A1699690193637%3Agi%3AR0ExLjIuMTc0MDc1MzIyOC4xNjk5NjkwMTk2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1699690197%3At%3AHaberler%20-%20Haber%2C%20Spor%2C%20Magazin%20ve%20Son%20Dakika%20Haberleri&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/14231362/1?wmode=7&page-url=https%3A%2F%2Fmauroicard.sbs%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1150%3Acn%3A1%3Adp%3A0%3Als%3A405017557750%3Ahid%3A125839968%3Az%3A60%3Ai%3A20231111090956%3Aet%3A1699690196%3Ac%3A1%3Arn%3A597372205%3Arqn%3A1%3Au%3A1699690196851572484%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C94%2C558%2C32%2C489%2C0%2C%2C622%2C12%2C%2C%2C%2C1809%3Aco%3A0%3Acpf%3A1%3Ans%3A1699690193637%3Agi%3AR0ExLjIuMTc0MDc1MzIyOC4xNjk5NjkwMTk2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1699690197%3At%3AHaberler%20-%20Haber%2C%20Spor%2C%20Magazin%20ve%20Son%20Dakika%20Haberleri&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Request Chain 123
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

161 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mauroicard.sbs/
Redirect Chain
  • http://mauroicard.sbs/
  • https://mauroicard.sbs/
156 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a45a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30 PleskLin
Resource Hash
8d9403c242762c6e70027ed6f754aa51b36b540f0af940df939ede3cbede414f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82450e421ce85d66-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 11 Nov 2023 08:09:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ed0aws0g8x5XEE5xVJSyzKE397wa6Zm9kIK2RZnAodQ91tfUxDMWRA5kqNNcXXH5mPT0dvf02qMVqnhoZonMOEZ83WmRWyJodgt3LqnVKyuJ2FSc3GT3Jc9tZbgSJ19b%2FDoOUJV2m0BhmUu3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.30 PleskLin

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
82450e3ebf0e696f-FRA
Connection
keep-alive
Content-Type
text/html
Date
Sat, 11 Nov 2023 08:09:53 GMT
Location
https://mauroicard.sbs/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7yZiyOYyvtEQiVVf82Fmo67snzDwkz%2BJgZVFCaDtyaHeZ%2FC6fFY3U%2BigDsoTvywcv%2F7Zpwz0h%2FrY51XNBfM70ekUbesIDmIgSH%2FcumdJ9Q3xIwuirlYn2KyWqGtTMyvCuBjcKc%2BVTyzfwb%2FKA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
cookieconsent.js
s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/ 		101 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
af9899a393c086ef1507641bc6ed14e6d86f6478d6d1fbd701598918a24b0df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
12435476
x-powered-by
ASP.NET
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
server
MerlinCDN
etag
W/"4d95b6d5ae46d91:0"
vary
Accept-Encoding
allow
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.6.0.min.js
s.hbrcdn.com/mstatic/assets/js/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.hbrcdn.com/mstatic/assets/js/jquery-3.6.0.min.js?v=82
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
91faa04b65fd63d213cced82bccaa54e6d8f705e2d982668fbe0a990cb9065ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
1642870
x-powered-by
ASP.NET
x-midtier
de-fra-dp-s02
x-cache-status
HIT
server
MerlinCDN
etag
W/"b0a453c845da1:0"
vary
Accept-Encoding
allow
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
general.min.css
s.hbrcdn.com/mstatic/assets/css/ 		296 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100362
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
0fc36b4dde65a56fad2f07e654ff940e73a1ce233d4924ade8a9daa4f005573d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
68155
x-powered-by
ASP.NET
x-midtier
de-fra-dp-s02
x-cache-status
HIT
server
MerlinCDN
etag
W/"775e565d713da1:0"
vary
Accept-Encoding
allow
GET, HEAD
content-type
text/css
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
header.css
s.hbrcdn.com/mstatic/assets/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100362
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
e95c95bb63982f0ff570a48b30ce5a8ad65a40f1930c401b4f016ed1a5acc843

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
68155
x-powered-by
ASP.NET
x-midtier
de-fra-dp-s02
x-cache-status
HIT
server
MerlinCDN
etag
W/"98f56a52fb12da1:0"
vary
Accept-Encoding
allow
GET, HEAD
content-type
text/css
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
responsive.css
s.hbrcdn.com/mstatic/assets/css/ 		137 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.hbrcdn.com/mstatic/assets/css/responsive.css?v=100362
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
23ded63b624687408b1fa8cf74395f2d214a5790984b0ffb79fcfc6296621ade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
68155
x-powered-by
ASP.NET
x-midtier
de-fra-lea-s01
x-cache-status
HIT
server
MerlinCDN
etag
W/"313da765d713da1:0"
vary
Accept-Encoding
allow
GET, HEAD
content-type
text/css
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
haberler-logo.svg
s.hbrcdn.com/static/img/tasarim/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hbrcdn.com/static/img/tasarim/haberler-logo.svg
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
b6d5ce14b069d40cb5859aa9fdeeb16368192644526d6353cf773f040edc9ad3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
server
MerlinCDN
age
12435476
etag
W/"d0e022c5def2d51:0"
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
de-fra-lea-s01
content-type
image/svg+xml
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
allow
GET, HEAD
expires
Thu, 31 Dec 2037 23:55:55 GMT
haberler-logo.png
s.hbrcdn.com/mstatic/assets/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hbrcdn.com/mstatic/assets/img/haberler-logo.png
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
8e2c49db07018a59ab49b67849718cd1cfe72bec77de478771f5e70a7327cb88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
age
12435476
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
de-fra-dp-s02
content-length
5417
server
MerlinCDN
etag
"c9b327ec6b9d71:0"
allow
GET, HEAD
content-type
image/png
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-header-search.png
s.hbrcdn.com/mstatic/assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hbrcdn.com/mstatic/assets/img/icon-header-search.png
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
8ab35ac6bc54b61452906c1c99641547a8ea08869d7d25b6f7baa872009035f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
age
12435476
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
de-fra-lea-s01
content-length
1141
server
MerlinCDN
etag
"541f49ec6b9d71:0"
allow
GET, HEAD
content-type
image/png
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
israil-1-gunde-6-hastane-bombaladi-hamas-dan-bm_16522091_9295_z3.jpg
i.hbrcdn.com/manset/2023/11/11/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hbrcdn.com/manset/2023/11/11/israil-1-gunde-6-hastane-bombaladi-hamas-dan-bm_16522091_9295_z3.jpg
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
d32d1838de613a8e484891fab0189f239d5868c096bee49946df13bf6d1f66d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
partx
alljpgsx
age
6775
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
nl-naw-ws-s08
x-url
/manset/2023/11/11/israil-1-gunde-6-hastane-bombaladi-hamas-dan-bm_16522091_9295_z3.jpg
content-length
115379
last-modified
Sat, 11 Nov 2023 06:15:27 GMT
server
MerlinCDN
etag
"3cf2dd766614da1:0"
allow
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=864560
accept-ranges
bytes
blank_m.gif
mauroicard.sbs/ 		808 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mauroicard.sbs/blank_m.gif
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a45a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 10 Nov 2023 18:11:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IS0v3fFSiHmILlrV%2BwTyitKLHdflM%2F6JeESYHKzuQC1emxQPJpew8RZ7o2VD6k5cRQbfeevmnvXu7Xvl8OFf6Sr8aS69XWqcF7nSgH%2BiBAmgWJmkn11QwZOqCwNu%2FwGPGmESR%2BsGGLVfuD1kiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
82450e488a775d66-FRA
alt-svc
h3=":443"; ma=86400
iyi-parti-genel-idare-kurulu-uyesi-bahadir-erdem_16520912_4038_z1.jpg
i.hbrcdn.com/manset/2023/11/10/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hbrcdn.com/manset/2023/11/10/iyi-parti-genel-idare-kurulu-uyesi-bahadir-erdem_16520912_4038_z1.jpg
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
e9df413a46cc4c7f2192848b38111f24634c03970ea99917a005e5413be3b3f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
partx
alljpgsx
age
56726
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
nl-naw-ws-s08
x-url
/manset/2023/11/10/iyi-parti-genel-idare-kurulu-uyesi-bahadir-erdem_16520912_4038_z1.jpg
content-length
85494
last-modified
Fri, 10 Nov 2023 16:22:39 GMT
server
MerlinCDN
etag
"3be4b41ff213da1:0"
allow
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=864560
accept-ranges
bytes
adana-demirspor-macinda-oynayacak-mi-fred-in_16522350_6_k.jpg
i.hbrcdn.com/manset/2023/11/11/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hbrcdn.com/manset/2023/11/11/adana-demirspor-macinda-oynayacak-mi-fred-in_16522350_6_k.jpg
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
f0d39672ef41a2dd36b2f0481137061dbaa2cd5b073da1534a941bd6386abe29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
partx
alljpgsx
age
2988
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
nl-naw-ws-s08
x-url
/manset/2023/11/11/adana-demirspor-macinda-oynayacak-mi-fred-in_16522350_6_k.jpg
content-length
36527
last-modified
Sat, 11 Nov 2023 07:17:37 GMT
server
MerlinCDN
etag
"4b9f8266f14da1:0"
allow
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=864560
accept-ranges
bytes
fenomen-nevra-bilem-e-dolandiricilik-suclamasi_16522476_97_k.jpg
i.hbrcdn.com/manset/2023/11/11/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hbrcdn.com/manset/2023/11/11/fenomen-nevra-bilem-e-dolandiricilik-suclamasi_16522476_97_k.jpg
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
bcf204b3a86de14d52b2cc6f129727c1e5d393c5c901365431ee70b85524f528

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
partx
alljpgsx
age
596
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
de-fra-lea-s01
x-url
/manset/2023/11/11/fenomen-nevra-bilem-e-dolandiricilik-suclamasi_16522476_97_k.jpg
content-length
36544
last-modified
Sat, 11 Nov 2023 07:57:20 GMT
server
MerlinCDN
etag
"545049b27414da1:0"
allow
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=864560
accept-ranges
bytes
_blank.gif
mauroicard.sbs/ 		808 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mauroicard.sbs/_blank.gif
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a45a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 18:11:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgeUu4Eft0baAIx0%2F13pWe2iW2QrFObuXF8mXdv4un%2FSMySfYGqAesJ8YvrWp%2B5lY%2FdwZoBrdbcWfKDIW3D%2FOOit%2B32euYSZ5MEVH7TlDCUtV2l%2F5bhL1IejUCmIDAIXZqUEJS62JKb5IwXxGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
82450e48fada5d66-FRA
alt-svc
h3=":443"; ma=86400
1x1.gif
mauroicard.sbs/ 		808 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mauroicard.sbs/1x1.gif
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a45a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 18:11:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdiEqOxI7QcCdKlE6ptloiE%2F6RdQaaknMO5E2E%2BFCCNaXGyvrSuRWj%2F3cj1yjhjRtLrvtxi7sGkC7hmwVGf%2BouFDE8KIzqCn0UEdTqqMNVgK1wiysJJpdP1Lwr4jFEngNeNJI6Cyv%2BJxPvsJ5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
82450e48fadb5d66-FRA
alt-svc
h3=":443"; ma=86400
advertisement.gif
s.hbrcdn.com/static/reklam/ 		95 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hbrcdn.com/static/reklam/advertisement.gif?ads=1
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
51b42074adc78d3a6e9e45b60e8f366ed5dc028a84e4bbcf7811e7d42e188510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
age
12435476
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
de-fra-lea-s01
content-length
95
server
MerlinCDN
etag
"379128da78d7d51:0"
allow
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
script.js
s.hbrcdn.com/mstatic/assets/js/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.hbrcdn.com/mstatic/assets/js/script.js?v=9.9.22
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
c790c51da54df5a6b960f2a1257436154c4a7fd42ff273f21e4ee0d3fd3b3adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
1639604
x-powered-by
ASP.NET
x-midtier
de-fra-dp-s02
x-cache-status
HIT
server
MerlinCDN
etag
W/"acbfce8c8c5da1:0"
vary
Accept-Encoding
allow
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
tracker1.js
cdn.p.analitik.bik.gov.tr/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p.analitik.bik.gov.tr/tracker1.js
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-43.cdn77.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
c.aspx
c.keltis.com/ 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.keltis.com/c.aspx?
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.68.47.11 , Turkey, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mauroicard.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 11 Nov 2023 08:09:54 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
private, max-age=86400
content-length
0
spdx.js
s.hbrcdn.com/mstatic/assets/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.hbrcdn.com/mstatic/assets/js/spdx.js?v=0
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
a79f658e21388c2f1c9237816ccb4d86b311b7a97420c764d5c8beddd53f3e9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
12435476
x-powered-by
ASP.NET
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
server
MerlinCDN
etag
W/"bf3bbc9eccb7d81:0"
vary
Accept-Encoding
allow
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		409 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KSKB5QB
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
84a736a914e348898f0f1e4e187d3b85d9177f8cfa949f7c98bdc5706b5925d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95085
x-xss-protection
0
last-modified
Sat, 11 Nov 2023 06:25:57 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 11 Nov 2023 08:09:55 GMT
adRecover.js
delivery.adrecover.com/45433/ 		50 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/45433/adRecover.js
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C94) /
Resource Hash
c45689e5c54c74087b38e461f4fbbbcd153b1b3cbb791b207660a938b87c7627

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-client-geo
DE
date
Sat, 11 Nov 2023 08:09:55 GMT
content-encoding
br
age
204
x-cache
HIT
x-client-device
desktop
content-length
11200
x-ap-device
DESKTOP
last-modified
Sat, 11 Nov 2023 07:59:35 GMT
server
ECAcc (frc/4C94)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
DE
accept-ranges
bytes
expires
Sat, 11 Nov 2023 09:09:55 GMT
truncated
/ 		26 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
chp-emeklilere-5-bin-lira-ikramiye-odenmesinin_16521097_7849_z1.jpg
i.hbrcdn.com/manset/2023/11/10/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hbrcdn.com/manset/2023/11/10/chp-emeklilere-5-bin-lira-ikramiye-odenmesinin_16521097_7849_z1.jpg
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
c273e7ce64774a481533acdd3f457d4b320b507e6a5fc696fd23989cb58b0a31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
partx
alljpgs
age
58117
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
de-fra-lea-s01
x-url
/manset/2023/11/10/chp-emeklilere-5-bin-lira-ikramiye-odenmesinin_16521097_7849_z1.jpg
content-length
96860
last-modified
Fri, 10 Nov 2023 15:59:51 GMT
server
MerlinCDN
etag
"118d50f0ee13da1:0"
allow
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=864560
accept-ranges
bytes
searchbar-icon.png
s.hbrcdn.com/mstatic/assets/img/ 		995 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hbrcdn.com/mstatic/assets/img/searchbar-icon.png
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100362
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
2a689ccabc2668e13126715b0b9ea6829af15218f5445e6f595c3a04c8f8276c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.hbrcdn.com/mstatic/assets/css/header.css?v=100362
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
age
12353803
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
nl-naw-ws-s08
content-length
995
server
MerlinCDN
etag
"fcb7aaec6b9d71:0"
allow
GET, HEAD
content-type
image/png
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
search-icon.svg
www.haberler.com/mstatic/assets/img/ 		608 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.haberler.com/mstatic/assets/img/search-icon.svg
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100362
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-43.cdn77.com
Software
MerlinCDN / ASP.NET
Resource Hash
73c379d75be2202585d1f33f3c8047654e4f0ad9911e0eae1de2df5d1ee168f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.hbrcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
x-content-type-options
nosniff
content-encoding
gzip
age
10453400
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
nl-naw-ws-s08
x-xss-protection
1; mode=block
last-modified
Tue, 05 Oct 2021 08:50:33 GMT
server
MerlinCDN
etag
W/"fcb7aaec6b9d71:0"
allow
GET, HEAD
content-type
image/svg+xml
x-edge
de-fra-dp-s01
cache-control
max-age=10454400
expires
Sat, 11 Nov 2023 08:26:35 GMT
bi_arrow-left-short.svg
s.hbrcdn.com/mstatic/assets/img/ 		752 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hbrcdn.com/mstatic/assets/img/bi_arrow-left-short.svg?v=1
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100362
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
d46d30e825e52679a598b9f966c2d49ac4b9d1e2cd04875ec5e85d275ef9117e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100362
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
server
MerlinCDN
age
12353802
etag
W/"6ac4ef891acd81:0"
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
nl-naw-ws-s08
content-type
image/svg+xml
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
allow
GET, HEAD
expires
Thu, 31 Dec 2037 23:55:55 GMT
bi_arrow-right-short.svg
s.hbrcdn.com/mstatic/assets/img/ 		705 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hbrcdn.com/mstatic/assets/img/bi_arrow-right-short.svg?v=1
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100362
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
d1b9d305dc2f4ad5551fda446328c9b47f78a45c046d3781c5d7b42039e845a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100362
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
server
MerlinCDN
age
12353802
etag
W/"b4542bf891acd81:0"
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
de-fra-dp-s02
content-type
image/svg+xml
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
allow
GET, HEAD
expires
Thu, 31 Dec 2037 23:55:55 GMT
financeUp.png
www.haberler.com/mstatic/assets/img/ 		308 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.haberler.com/mstatic/assets/img/financeUp.png
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100362
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-43.cdn77.com
Software
MerlinCDN / ASP.NET
Resource Hash
4bf2b1f3d1da17cf58f4a7f5d8d5e16ac2abdfd2872935486a98b305e56534d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.hbrcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
x-content-type-options
nosniff
age
66903
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
de-fra-lea-s01
content-length
308
x-xss-protection
1; mode=block
last-modified
Tue, 05 Oct 2021 08:50:32 GMT
server
MerlinCDN
etag
"ab8dfcdc6b9d71:0"
allow
GET, HEAD, POST
content-type
image/png
x-edge
de-fra-dp-s01
cache-control
max-age=2592000
accept-ranges
bytes
financeDown.png
www.haberler.com/mstatic/assets/img/ 		254 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.haberler.com/mstatic/assets/img/financeDown.png
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/css/general.min.css?v=100362
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-43.cdn77.com
Software
MerlinCDN / ASP.NET
Resource Hash
23df262051142cdfa266ed3a47290286afc3a432d1864559875d36b9084a5393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.hbrcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
x-content-type-options
nosniff
age
346781
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
de-fra-lea-s01
content-length
254
x-xss-protection
1; mode=block
last-modified
Tue, 05 Oct 2021 08:50:31 GMT
server
MerlinCDN
etag
"3cd9fadc6b9d71:0"
allow
GET, HEAD, POST
content-type
image/png
x-edge
de-fra-dp-s01
cache-control
max-age=2592000
accept-ranges
bytes
adv.js
d.haberler.com/ 		0
0
adv.js
d.haberler.com/ 		0
0
adv.js
d.haberler.com/ 		0
0
haberlercom_haberi_732.jpg
s.hbrcdn.com/static/img/haberler/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hbrcdn.com/static/img/haberler/haberlercom_haberi_732.jpg
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
bb2ded84e5fb3e479f7b3ea2d5b71ae5a3c12bcb7cbcdbbab92d33e3688c633b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
age
12353481
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
de-fra-dp-s02
content-length
20394
server
MerlinCDN
etag
"27bec261c7d81:0"
allow
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
AGSKWxXjiBnhdVIxfzhC0gUQPzo5qLJsy4eVGLVy4xdw4xNvKGRdKWS8LzrzJb569YdXDCxZm_Fwnum-KlbU3Z__hn8=
fundingchoicesmessages.google.com/f/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXjiBnhdVIxfzhC0gUQPzo5qLJsy4eVGLVy4xdw4xNvKGRdKWS8LzrzJb569YdXDCxZm_Fwnum-KlbU3Z__hn8=
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ae93655d43547d7bedb7ed6f29ea3218a6d956f338ca54c04bbb4673229379f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_-oJ3CfBnqqpoSMhbuPYVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
content-security-policy
script-src 'report-sample' 'nonce-_-oJ3CfBnqqpoSMhbuPYVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
block.jpg
delivery.adrecover.com/ 		631 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1699690195724
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC2) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Sun, 10 Nov 2024 08:09:55 GMT
date
Sat, 11 Nov 2023 08:09:55 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (frc/4CC2)
age
7420471
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
DE
js
www.googletagmanager.com/gtag/ 		287 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7462c6ff55b1d684d8000b38e9d02c99b289ebef78204d6db34809bed48854cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95492
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 11 Nov 2023 08:09:55 GMT
tag.js
mc.yandex.ru/metrika/ 		199 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7a5f3f1905ea8c6d544c34970f19b2a17c5eaed192c74abfd9bd44641fcb27f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 09 Nov 2023 12:20:06 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"654cce76-11271"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70257
expires
Sat, 11 Nov 2023 09:09:56 GMT
adv.js
d.haberler.com/ 		0
0
haberler.com.png
www.haberler.com/static/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.haberler.com/static/images/haberler.com.png
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-43.cdn77.com
Software
MerlinCDN / ASP.NET
Resource Hash
32868a1bf80d19678eb0651409c76b377427788cf2ba1dd6aefc3f0c9fdd796c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
via
HTTP/2.0 Merlin CDN
x-content-type-options
nosniff
age
66928
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
nl-naw-ws-s08
content-length
1086
x-xss-protection
1; mode=block
last-modified
Wed, 02 Jun 2021 10:59:31 GMT
server
MerlinCDN
etag
"a32ea75d9e57d71:0"
allow
GET, HEAD, POST
content-type
image/png
x-edge
de-fra-dp-s01
cache-control
max-age=2592000
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-242929-3&l=dataLayer&cx=c
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
201147f41796a114ea6216a83deb70152815745105f455a76e2a33f6c5074e93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50425
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 11 Nov 2023 08:09:55 GMT
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je3b81v9103786146z8838813481&_p=1699690195305&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1740753228.1699690196&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699690195&sct=1&seg=0&dl=https%3A%2F%2Fmauroicard.sbs%2F&dt=Haberler%20-%20Haber%2C%20Spor%2C%20Magazin%20ve%20Son%20Dakika%20Haberleri&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&tfd=2352
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mauroicard.sbs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FFKENFZBJW&cid=1740753228.1699690196&gtm=45je3b81v9103786146z8838813481&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mauroicard.sbs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FFKENFZBJW&cid=1740753228.1699690196&gtm=45je3b81v9103786146z8838813481&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=491376739
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 11 Nov 2023 07:51:30 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1106
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 11 Nov 2023 09:51:30 GMT
collect
www.google-analytics.com/j/ 		2 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2039897583&t=pageview&_s=1&dl=https%3A%2F%2Fmauroicard.sbs%2F&ul=en-us&de=UTF-8&dt=Haberler%20-%20Haber%2C%20Spor%2C%20Magazin%20ve%20Son%20Dakika%20Haberleri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2084695779&gjid=769422416&cid=1740753228.1699690196&tid=UA-242929-3&_gid=2142677198.1699690196&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=700236344
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mauroicard.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mauroicard.sbs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2039897583&t=event&_s=2&dl=https%3A%2F%2Fmauroicard.sbs%2F&ul=en-us&de=UTF-8&dt=Haberler%20-%20Haber%2C%20Spor%2C%20Magazin%20ve%20Son%20Dakika%20Haberleri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=ad_stats&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1740753228.1699690196&tid=UA-242929-3&_gid=2142677198.1699690196&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1104017201
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 09:39:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81004
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2039897583&t=event&_s=3&dl=https%3A%2F%2Fmauroicard.sbs%2F&ul=en-us&de=UTF-8&dt=Haberler%20-%20Haber%2C%20Spor%2C%20Magazin%20ve%20Son%20Dakika%20Haberleri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=ad_stats&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1740753228.1699690196&tid=UA-242929-3&_gid=2142677198.1699690196&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=434318514
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 09:39:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81004
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2039897583&t=event&_s=4&dl=https%3A%2F%2Fmauroicard.sbs%2F&ul=en-us&de=UTF-8&dt=Haberler%20-%20Haber%2C%20Spor%2C%20Magazin%20ve%20Son%20Dakika%20Haberleri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=ad_stats&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1740753228.1699690196&tid=UA-242929-3&_gid=2142677198.1699690196&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1747096206
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 09:39:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81004
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10184.5rky3G87ETWNnUQAwrQqpJuJhqntqcs77OzkhBInkHfstuaZSYe4qqI3yeDHLB9o.ZNNDog7mh-2IkgWhKUs_gZc_cDY%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10184.uDXtLNOBgO6t7DR0b5OPxEKFpPgRVT2nps7k89fLMWejspweP0CAwDtTpf7AjhMnpMQDH0YuGbMmoRhWLFBPYecuuf-L71wNDVCMBCeV2mrZFNqqCJHGRNSgDMfG53CsmkKmjY_Bwe...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10184.3SfP-4O37YOLdxMBpeaIC3pQKAk3Y4bQLG6L7C8CJ3wsjz8lfxMmMF3QWEMEM0Oz6hHH53P3FGh_KBn_kwKN2KSas2tBsBeHsdThKX9r1kXbV...
43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10184.3SfP-4O37YOLdxMBpeaIC3pQKAk3Y4bQLG6L7C8CJ3wsjz8lfxMmMF3QWEMEM0Oz6hHH53P3FGh_KBn_kwKN2KSas2tBsBeHsdThKX9r1kXbVt_xGjN445QrPKok4fXNdGGF0BHRbiV4oTurL1DrDxHfOF-ISTNxBVSnqlcqqQu3yHC5DKYNRfOqKOxv978CpFFlaCoLPkA2uC_6aFnFsA%2C%2C.ky_aSb1U8LEWslilO4oWnzH3s1o%2C
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:56 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10184.3SfP-4O37YOLdxMBpeaIC3pQKAk3Y4bQLG6L7C8CJ3wsjz8lfxMmMF3QWEMEM0Oz6hHH53P3FGh_KBn_kwKN2KSas2tBsBeHsdThKX9r1kXbVt_xGjN445QrPKok4fXNdGGF0BHRbiV4oTurL1DrDxHfOF-ISTNxBVSnqlcqqQu3yHC5DKYNRfOqKOxv978CpFFlaCoLPkA2uC_6aFnFsA%2C%2C.ky_aSb1U8LEWslilO4oWnzH3s1o%2C
date
Sat, 11 Nov 2023 08:09:56 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:56 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 09 Nov 2023 12:20:06 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"654cce76-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 11 Nov 2023 09:09:56 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-242929-3&cid=1740753228.1699690196&jid=2084695779&gjid=769422416&_gid=2142677198.1699690196&_u=YADAAUAAAAAAACAAI~&z=1988387917
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mauroicard.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 11 Nov 2023 08:09:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mauroicard.sbs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-242929-3&cid=1740753228.1699690196&jid=2084695779&_u=YADAAUAAAAAAACAAI~&z=1936632144
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-242929-3&cid=1740753228.1699690196&jid=2084695779&_u=YADAAUAAAAAAACAAI~&z=1936632144
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
188f911b349253c72df4a5eb70fb0c5cb372928a7e7072da6bc355f3c0fe0f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52747
x-xss-protection
0
server
cafe
etag
2871389384725275711
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:09:56 GMT
lazyload.js
mauroicard.sbs/mstatic/assets/js/ 		808 B
898 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mauroicard.sbs/mstatic/assets/js/lazyload.js?v=0&_=1699690195295
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/assets/js/jquery-3.6.0.min.js?v=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a45a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://mauroicard.sbs/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 18:11:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M54KmYbZUvIetK6IMc%2FlbCS3Mi9t6mQHPkgJH3KGZuRW0HDN3ZfZxXemSTgKtSKcLknjQYb8L9%2FAbHs7CsNZ5Nrk2S9rNzqRdVwd8LUUF6sKkCPnp7l%2FnkoSqL1Bcjl56oSNR8JLEcW4vfl1mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
82450e516f1230e4-FRA
alt-svc
h3=":443"; ma=86400
ah_2.js
s.hbrcdn.com/static/js/ 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.hbrcdn.com/static/js/ah_2.js?v=0.02.113
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
317bcc98ebdc7c4aa53ba44bb28717dea2c9e2bfb3e7fc4327655945224f4cd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:56 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
12353801
x-powered-by
ASP.NET
x-midtier
de-fra-lea-s01
x-cache-status
HIT
server
MerlinCDN
etag
W/"b3b27ceba937d81:0"
vary
Accept-Encoding
allow
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
macron-un-artik-dur-cagrisina-netanyahu-dan_16522105_2562_z3.jpg
i.hbrcdn.com/manset/2023/11/11/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.hbrcdn.com/manset/2023/11/11/macron-un-artik-dur-cagrisina-netanyahu-dan_16522105_2562_z3.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
5361d89a69623f533fffd65f6b03bb1bc3a38477ed3642aa030228215db2b3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:56 GMT
via
HTTP/2.0 Merlin CDN
partx
alljpgs
age
12387
x-powered-by
ASP.NET
x-cache-status
HIT
x-midtier
nl-naw-ws-s08
x-url
/manset/2023/11/11/macron-un-artik-dur-cagrisina-netanyahu-dan_16522105_2562_z3.jpg
content-length
73395
last-modified
Sat, 11 Nov 2023 04:41:22 GMT
server
MerlinCDN
etag
"f4ac5b525914da1:0"
allow
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
max-age=864560
accept-ranges
bytes
adServer.bs
bs.serving-sys.com/Serving/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079782712&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_68}&us_privacy=${US_PRIVACY}&w=970&h=250&ord=_ADTIME_&z=10000
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.87.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-87-200.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f0f4dc58487c65c186729576e31c0218f289cc563ad84d68e63ab29bdaba4db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:56 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
4759
expires
Sun, 05-Jun-2005 22:00:00 GMT
newdynamicwidget
widget.yenimedya.com.tr/Partner/ Frame 6E79 		27 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.yenimedya.com.tr/Partner/newdynamicwidget?userId=1050
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.148 , Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 / ASP.NET
Resource Hash
891424705ae0561e73fce938951cfa0226650873e0aa94de290a37d7431a6d5a

Request headers

Referer
https://mauroicard.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
12
Cache-Control
public, max-age=14
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 11 Nov 2023 08:09:56 GMT
Expires
Sat, 11 Nov 2023 08:09:58 GMT
Last-Modified
Sat, 11 Nov 2023 08:09:02 GMT
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
Via
1.1 PS-FRA-01E6z147:5 (W), 1.1 PSdgflkfFRA1je97:14 (W)
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
X-Px
ht PSdgflkfFRA1je97FRA
X-Ws-Request-Id
654f36d4_PSdgflkfFRA1je97_21670-5867
1
mc.yandex.com/watch/14231362/
Redirect Chain
  • https://mc.yandex.com/watch/14231362?wmode=7&page-url=https%3A%2F%2Fmauroicard.sbs%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Afp%3A1785%3Afu%3A0%3Aen%3Aut...
  • https://mc.yandex.com/watch/14231362/1?wmode=7&page-url=https%3A%2F%2Fmauroicard.sbs%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Afp%3A1785%3Afu%3A0%3Aen%3A...
420 B
511 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/14231362/1?wmode=7&page-url=https%3A%2F%2Fmauroicard.sbs%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1150%3Acn%3A1%3Adp%3A0%3Als%3A405017557750%3Ahid%3A125839968%3Az%3A60%3Ai%3A20231111090956%3Aet%3A1699690196%3Ac%3A1%3Arn%3A597372205%3Arqn%3A1%3Au%3A1699690196851572484%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C94%2C558%2C32%2C489%2C0%2C%2C622%2C12%2C%2C%2C%2C1809%3Aco%3A0%3Acpf%3A1%3Ans%3A1699690193637%3Agi%3AR0ExLjIuMTc0MDc1MzIyOC4xNjk5NjkwMTk2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1699690197%3At%3AHaberler%20-%20Haber%2C%20Spor%2C%20Magazin%20ve%20Son%20Dakika%20Haberleri&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
b339f8787db3a17deb4a573dcede43e8f355b7e64e6f51fee991b9676d910d0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 11-Nov-2023 08:09:56 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mauroicard.sbs
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
420
x-xss-protection
1; mode=block
expires
Sat, 11-Nov-2023 08:09:56 GMT

Redirect headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:56 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 11-Nov-2023 08:09:56 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/14231362/1?wmode=7&page-url=https%3A%2F%2Fmauroicard.sbs%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1nabcoadx7twmn7rlaoaaehn%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1150%3Acn%3A1%3Adp%3A0%3Als%3A405017557750%3Ahid%3A125839968%3Az%3A60%3Ai%3A20231111090956%3Aet%3A1699690196%3Ac%3A1%3Arn%3A597372205%3Arqn%3A1%3Au%3A1699690196851572484%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C94%2C558%2C32%2C489%2C0%2C%2C622%2C12%2C%2C%2C%2C1809%3Aco%3A0%3Acpf%3A1%3Ans%3A1699690193637%3Agi%3AR0ExLjIuMTc0MDc1MzIyOC4xNjk5NjkwMTk2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1699690197%3At%3AHaberler%20-%20Haber%2C%20Spor%2C%20Magazin%20ve%20Son%20Dakika%20Haberleri&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://mauroicard.sbs
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 11-Nov-2023 08:09:56 GMT
CookiesInfoSetAll.js
d.haberler.com/ 		0
0
swiper.min.js
widget.yenimedya.com.tr/Content/assets/js/ Frame 6E79 		125 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.yenimedya.com.tr/Content/assets/js/swiper.min.js
Requested by
Host: widget.yenimedya.com.tr
URL: https://widget.yenimedya.com.tr/Partner/newdynamicwidget?userId=1050
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.148 , Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 / ASP.NET
Resource Hash
4815264b50f434d86793936f45c51c7f0e9241ad9757eb46ab4ac6a5ab690d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.yenimedya.com.tr/Partner/newdynamicwidget?userId=1050
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sat, 11 Nov 2023 08:09:56 GMT
Content-Encoding
gzip
Via
1.1 PSdgflkfFRA1bc200:11 (W), 1.1 PSdgflkfFRA1je97:22 (W)
Last-Modified
Wed, 24 Jun 2020 09:40:48 GMT
Server
PWS/8.3.1.0.8
Age
422279
ETag
"54a2688ab4ad61:0"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
X-Ws-Request-Id
654f36d4_PSdgflkfFRA1je97_21670-5871
Content-Type
application/javascript
Cache-Control
max-age=864000
X-Px
ht PSdgflkfFRA1je97FRA
Connection
keep-alive
Accept-Ranges
bytes
SaveImpression
widget.yenimedya.com.tr/Service/ Frame 6E79 		0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget.yenimedya.com.tr/Service/SaveImpression?newsId=2229357&newsId=2233386&newsId=2227381&newsId=2228403&newsId=2227624&newsId=2227816&newsId=2228917&newsId=2228195&newsId=2227667&newsId=2228271&newsId=2228378&newsId=2230374&newsId=2233113&
Requested by
Host: widget.yenimedya.com.tr
URL: https://widget.yenimedya.com.tr/Partner/newdynamicwidget?userId=1050
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.148 , Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.yenimedya.com.tr/Partner/newdynamicwidget?userId=1050
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sat, 11 Nov 2023 08:09:57 GMT
Via
1.1 PSdgflkfFRA1ox201:3 (W), 1.1 PSdgflkfFRA1je97:17 (W)
X-AspNetMvc-Version
5.2
Server
PWS/8.3.1.0.8
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-Ws-Request-Id
654f36d4_PSdgflkfFRA1je97_21670-5875
Cache-Control
private
X-Px
ms PSdgflkfFRA1je97FRA,ms PSdgflkfFRA1ox201FRA(origin)
Connection
keep-alive
Content-Length
0
analytics.js
www.google-analytics.com/ Frame 6E79 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: widget.yenimedya.com.tr
URL: https://widget.yenimedya.com.tr/Partner/newdynamicwidget?userId=1050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.yenimedya.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 11 Nov 2023 07:51:30 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1106
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 11 Nov 2023 09:51:30 GMT
versionsFR.js
secure-ds.serving-sys.com/BurstingCachedScripts/versions/ 		213 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/versions/versionsFR.js
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
77e0cbf5f73df644f929b908ed8697c27fecc3b456810ba75909ca8d14067104

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
gzip
x-amz-request-id
H29ZFHFN9RQQMVSY
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
content-length
126
x-amz-id-2
S2pIgx8GOm0fJ23czms39rhaKY3Y5ChDwHTK0BXnHomY/u2kn4eXCAYgEvLH5GcafJDn2g8DQ0I=
last-modified
Wed, 04 Oct 2023 14:58:21 GMT
server
AmazonS3
etag
"7760d8126d8e1e7690d4e2ab3748812f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=705360
accept-ranges
bytes
x-amz-cf-id
hECahoVGu8UTA4rhjoN8Lh1YvJEgMCU5txrfkugp2m3DrjWYrk9hgA==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 		400 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8718605733307345&plah=mauroicard.sbs&bust=31079588
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b7bae03943e0308e7a91c1d7cc6ed9bd8e2046f939115b5b657b4acb20f928c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138530
x-xss-protection
0
server
cafe
etag
6893665475470135170
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:09:57 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame B1C2 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mauroicard.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22589
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 01:53:28 GMT
etag
16674218716276178799
expires
Sat, 25 Nov 2023 01:53:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&tcfv1=0&tcfv2=0&usp=0&fc=1&ptt=9&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OturumGosterim.js
d.haberler.com/ 		0
0
balik-derisinin-inanilmaz-faydalari-2229357_k.jpg
foto.yenimedya.com.tr/partner-widget/2023/11/10/ Frame 6E79 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foto.yenimedya.com.tr/partner-widget/2023/11/10/balik-derisinin-inanilmaz-faydalari-2229357_k.jpg
Requested by
Host: widget.yenimedya.com.tr
URL: https://widget.yenimedya.com.tr/Partner/newdynamicwidget?userId=1050
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.68.47.51 , Turkey, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
de7ce76e37a6ac573dc2ed2c7d0c2dbe3d855abdbe155847ce7c3998105258ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.yenimedya.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:57 GMT
last-modified
Fri, 10 Nov 2023 15:59:47 GMT
server
nginx
partx
alljpgs
etag
"a7999eedee13da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
x-url
/partner-widget/2023/11/10/balik-derisinin-inanilmaz-faydalari-2229357_k.jpg
access-control-allow-origin
*
cache-control
max-age=1468800
accept-ranges
bytes
content-length
9575
expires
Tue, 28 Nov 2023 08:09:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ebHtml5Banner.js
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ 		302 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
653fa3a5827add226262f6aeb8dea0a49439241bc4e776caf36ed3e22f198f57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
gzip
x-amz-request-id
EFKN3ZGAJ1A9TA97
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
content-length
83531
x-amz-id-2
gkaAHNCtSzXYOnb+dRw+saRoE8AHlI8eCxlSpgJFsPuK/Plc/swcHqQ63zjMNz/yLyxuS0DyR98=
last-modified
Wed, 04 Oct 2023 14:16:44 GMT
server
AmazonS3
etag
"f77480d0862b4ade584023228ed4dab1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=543448
accept-ranges
bytes
x-amz-cf-id
SdwvAoSuU2IJQUudns68U9hTDu7SBsPGjFS7UQpcc_KNzmkKLFkg-g==
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=3&tms=200&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1787 		98 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=1250606791&adf=2097866407&pi=t.ma~as.1703841254&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196964&bpp=6&bdt=1992&idt=202&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=1681791022494&frm=20&pv=2&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1338&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f094daacd0356f42fd95723e709e62f954be0eeed3171577948c6ff6d2d50ed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mauroicard.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
34259
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 08:09:57 GMT
expires
Sat, 11 Nov 2023 08:09:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8718605733307345&plah=mauroicard.sbs&bust=31079588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4ce25333e0b4d8ab81152655ffac98a9e5acf9aac6075c48df1a73a3b1891fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12305
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C782 		106 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=5852669271&adk=3836988885&adf=725156475&pi=t.ma~as.5852669271&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196970&bpp=1&bdt=1999&idt=226&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=102&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b85c151f5a3ea3a34980d9afe579147dd6b3b12da33239fb0956c454afceb0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mauroicard.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
34568
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 08:09:58 GMT
expires
Sat, 11 Nov 2023 08:09:58 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D117 		77 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_HP_300x600&adk=753101176&adf=3680343564&pi=t.ma~as.Haberler_Desktop_HP_&w=300&lmt=1699690197&format=300x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196971&bpp=1&bdt=2000&idt=231&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd9da986788fd5b37519896c9feeb1c05933785d5cc2911f8d3126d04813ebc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mauroicard.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
30436
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 08:09:57 GMT
expires
Sat, 11 Nov 2023 08:09:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
URLUtil.js
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_112_0_0/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_112_0_0/URLUtil.js
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
gzip
x-amz-request-id
18B5SXSC3BCVXRP5
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
content-length
1951
x-amz-id-2
gXMRn5sxpvE46ZxeX907MOWacVpdgsdnIcoWIq4fT1Cs9KVZVtK/alvg0M0EzlxxFjsVk2+Q5Yc=
last-modified
Wed, 04 Oct 2023 14:16:50 GMT
server
AmazonS3
etag
"3470a076f0022d50a41874998110932e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=640119
accept-ranges
bytes
x-amz-cf-id
nHcXCynyZmr-o5t3KWY39y1bBG9JMcWuPohR3mhUOsTAMF2B1qwqyw==
970x250.html
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/ Frame 0647 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f7dad67e560aa00ee037762d8e081cad9c4473faa6253a0efa2032f3d441a7cb

Request headers

Referer
https://mauroicard.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
gzip
content-length
1421
content-type
text/html
date
Sat, 11 Nov 2023 08:09:57 GMT
etag
"112c3ab0691921a7573c6cc86fe9f4f2"
expires
Mon, 31 Dec 2035 00:00:00 GMT
last-modified
Mon, 06 Nov 2023 08:04:33 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-cf-id
rzCQln7L9Wfs4Im4oIrsM8R7ljxW76bgQFCrzHquY7a5zZ4wM-qGZQ==
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
kUcuDZbfy7.gAVDv1cjquKouIbfEiOwj
ads
googleads.g.doubleclick.net/pagead/ Frame EC4E 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&adk=1812271804&adf=3025194257&lmt=1699690197&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196990&bpp=3&bdt=2019&idt=256&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C300x600&nras=1&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=300
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mauroicard.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 08:09:57 GMT
expires
Sat, 11 Nov 2023 08:09:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=hbHeaderInBottom&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D634 		94 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=4174044084&adf=2888870000&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1699690197&format=336x280&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690197000&bpp=1&bdt=2029&idt=295&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C300x600%2C0x0&nras=1&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=300
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
912738bc2b47b542807b5cf9ff1dd7b3802705a7be9916be5c7fda05ae3834fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mauroicard.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
32368
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 08:09:57 GMT
expires
Sat, 11 Nov 2023 08:09:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0647 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Nov 2023 08:09:57 GMT
970x250.js
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/ Frame 0647 		108 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e4a0fc024eb6f2a356958b908403c7ccadb99c3b70219912e71708b0baaacbcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
ZpB17fa4A0o1E9iV.ZHBxMPP4RYGDx3E
content-encoding
gzip
date
Sat, 11 Nov 2023 08:09:57 GMT
last-modified
Mon, 06 Nov 2023 08:04:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"242e3990c0ed0f4ea66fe5e8981fd70f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
SVyYqLbDrdNflgYPbJBuBnZVDLUmFVSOatEtHnMXhszuau1-DTpjOg==
content-length
18290
expires
Mon, 31 Dec 2035 00:00:00 GMT
EBLoader.js
secure-ds.serving-sys.com/BurstingScript/ Frame 0647 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7ae0b8e3f80fd2c97dea35c4a3643b17368ea41e6e63f083065bfb2a38caf37c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
gzip
x-amz-request-id
PBZKZ9E99F7PZTQS
x-amz-cf-pop
JFK50-P7
x-amz-server-side-encryption
AES256
content-length
3615
x-amz-id-2
dY1sog/jFEOXiYot7VLY5EaWxRlMw+g1cFNblO7r9aXCbhbJezkSDuJakCliYca4euOvAZIL6gI=
pragma
no-cache
last-modified
Tue, 18 Jul 2023 10:48:48 GMT
server
AmazonS3
etag
"b92fa833b298e9df5fa8ee69009adb9a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-amz-cf-id
4OXxlVtKMzrf0CE86k4M55OedEnm5LY-Vch0e6nzkZFnV1iXH_OAlw==
expires
Sat, 11 Nov 2023 08:09:57 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 11 Nov 2023 08:09:57 GMT
EB.js
secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_174_1_0/ Frame 0647 		79 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_174_1_0/EB.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b1f1881d36e033f8a3a3c2d76a8cee754ed1f5bf38cd2b8616489997ebd4cb0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
gzip
x-amz-request-id
RKKKE767SE8YD12F
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
content-length
28366
x-amz-id-2
X9ITCify+2RwFFFfX9omqh5OAc9NP8CuFTPUpMmmg90tZsxRQnrTHL9a2Ew4ekH1EEVO9c0Pn6c=
last-modified
Wed, 04 Oct 2023 14:16:49 GMT
server
AmazonS3
etag
"1e19bdb7b58f499266826e96c99faa92"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1288140
accept-ranges
bytes
x-amz-cf-id
Xw7eYu2KJbXm_9CcUk6HXOanKf__rQWYt2L18MgiH54CEDLgV33LHQ==
_1kahve.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/images/ Frame 0647 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/images/_1kahve.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5914faf679224b6426b0121c37c654bba230ccec3d8929bad8cfbe60b0fabcd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
k8M7y1XazDZ.dCRXrlDSaqeWBoPv6iqP
date
Sat, 11 Nov 2023 08:09:57 GMT
last-modified
Mon, 06 Nov 2023 08:04:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"65733048fb890de5a7051f75eb67774d"
x-amz-server-side-encryption
AES256
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
25409
x-amz-cf-id
KduqnIJd23-rxGTE-or0NtCEu8DNMKIKzjHz3dVGYfGBTvNw5vIl0w==
expires
Mon, 31 Dec 2035 00:00:00 GMT
evt
lm.serving-sys.com/lm/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/evt
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.76.235.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-235-209.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mauroicard.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://mauroicard.sbs
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
Serving
bs.serving-sys.com/ 		24 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=display&c=40&dmae=0&sessionid=47965922594925960&ai=1091967289&usercookie=u2=31221358-add7-4025-b38d-84b2ad2bab0f&oo=1&clsrc=2&clbv=_2_245_3_0&gdprpurposes=834&dg=1078219807&sdg=1079496186&ctick=346&ord=0.8824548239164534
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.87.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-87-200.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer
https://mauroicard.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:57 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://mauroicard.sbs
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
24
expires
Sun, 05-Jun-2005 22:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&int=1091967289~~0~~1078219807~~47965922594925960^VsR~0~0~01020~348^VsRAd~0~0~01020~348^AdStart~0~0~01020~348&usercookie=u2=31221358-add7-4025-b38d-84b2ad2bab0f&OptOut=1&rnd=0.789611979708708&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.87.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-87-200.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:57 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://mauroicard.sbs
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&interactionsStr=$$1091967289~~0~~1078219807~~47965922594925960%5EActualSize~970x250x0x1x0000x0x0x970x250~0~01020~350$$&usercookie=u2=31221358-add7-4025-b38d-84b2ad2bab0f&OptOut=1&rnd=0.571710792179567&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.87.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-87-200.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mauroicard.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:57 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://mauroicard.sbs
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
css
fonts.googleapis.com/ Frame 1787 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=1250606791&adf=2097866407&pi=t.ma~as.1703841254&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196964&bpp=6&bdt=1992&idt=202&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=1681791022494&frm=20&pv=2&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1338&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 Nov 2023 07:27:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Nov 2023 08:09:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 1787 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=1250606791&adf=2097866407&pi=t.ma~as.1703841254&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196964&bpp=6&bdt=1992&idt=202&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=1681791022494&frm=20&pv=2&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1338&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
49832
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 18:19:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6CCC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mauroicard.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 07:16:24 GMT
expires
Sun, 10 Nov 2024 07:16:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 985C 		829 B
994 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: s.hbrcdn.com
URL: https://s.hbrcdn.com/mstatic/cookieconsent-1.3.2/build/cookieconsent.js?v=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
78bc9cfbe41afe4e6c4bd854433acbc9acf7da890c29e32a126ebcb6b91b4f6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mJtEOko5mEOavsn08LnhbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mauroicard.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mJtEOko5mEOavsn08LnhbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 08:09:57 GMT
expires
Sat, 11 Nov 2023 08:09:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame 1787 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=1250606791&adf=2097866407&pi=t.ma~as.1703841254&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196964&bpp=6&bdt=1992&idt=202&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=1681791022494&frm=20&pv=2&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1338&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
49833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 18:19:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 1787 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=1250606791&adf=2097866407&pi=t.ma~as.1703841254&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196964&bpp=6&bdt=1992&idt=202&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=1681791022494&frm=20&pv=2&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1338&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 07:16:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 07:16:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 1787 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=1250606791&adf=2097866407&pi=t.ma~as.1703841254&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196964&bpp=6&bdt=1992&idt=202&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=1681791022494&frm=20&pv=2&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1338&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
49322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 18:27:55 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1787 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=1250606791&adf=2097866407&pi=t.ma~as.1703841254&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196964&bpp=6&bdt=1992&idt=202&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=1681791022494&frm=20&pv=2&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1338&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:09:57 GMT
81801f102bbf3ca11da2806ffde236a3.js
www.gstatic.com/mysidia/ Frame 1787 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=1250606791&adf=2097866407&pi=t.ma~as.1703841254&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196964&bpp=6&bdt=1992&idt=202&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=1681791022494&frm=20&pv=2&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1338&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 03:06:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15369
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 05:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:06:31 GMT
15846486373794520690
tpc.googlesyndication.com/simgad/ Frame D117 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15846486373794520690?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmi4rpDR6mmBP8Q9EH5K0NoYp3W-w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_HP_300x600&adk=753101176&adf=3680343564&pi=t.ma~as.Haberler_Desktop_HP_&w=300&lmt=1699690197&format=300x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196971&bpp=1&bdt=2000&idt=231&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e82e0740b847a9b7f3841f952e6e732d517c8d234ae25374216d5b83b898470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:29:43 GMT
x-content-type-options
nosniff
age
63614
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55468
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 14:07:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Nov 2024 14:29:43 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame D117 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_HP_300x600&adk=753101176&adf=3680343564&pi=t.ma~as.Haberler_Desktop_HP_&w=300&lmt=1699690197&format=300x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196971&bpp=1&bdt=2000&idt=231&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
49833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 18:19:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame D117 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_HP_300x600&adk=753101176&adf=3680343564&pi=t.ma~as.Haberler_Desktop_HP_&w=300&lmt=1699690197&format=300x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196971&bpp=1&bdt=2000&idt=231&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 07:16:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 07:16:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame D117 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_HP_300x600&adk=753101176&adf=3680343564&pi=t.ma~as.Haberler_Desktop_HP_&w=300&lmt=1699690197&format=300x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196971&bpp=1&bdt=2000&idt=231&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
49322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 18:27:55 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D117 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_HP_300x600&adk=753101176&adf=3680343564&pi=t.ma~as.Haberler_Desktop_HP_&w=300&lmt=1699690197&format=300x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196971&bpp=1&bdt=2000&idt=231&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:09:57 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame D117 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_HP_300x600&adk=753101176&adf=3680343564&pi=t.ma~as.Haberler_Desktop_HP_&w=300&lmt=1699690197&format=300x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196971&bpp=1&bdt=2000&idt=231&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a087ed5b4a4fecef1e79febefc2fca7f1798fca58de651f14b05fa079254de9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:22:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
49654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14703
x-xss-protection
0
server
cafe
etag
10662720562669989428
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 18:22:23 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/2478839480595813057/ Frame 1787 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2478839480595813057/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=1250606791&adf=2097866407&pi=t.ma~as.1703841254&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196964&bpp=6&bdt=1992&idt=202&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=1681791022494&frm=20&pv=2&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1338&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e749e95840f57bebd2b6cdf67220c7b503e21728ab2d76f3590336228afa57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 08:03:35 GMT
x-content-type-options
nosniff
age
173182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41129
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 10:01:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Nov 2024 08:03:35 GMT
1588734948676540268
tpc.googlesyndication.com/simgad/ Frame 1787 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1588734948676540268?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=1250606791&adf=2097866407&pi=t.ma~as.1703841254&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196964&bpp=6&bdt=1992&idt=202&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=1681791022494&frm=20&pv=2&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1338&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48fc00ef9f68fe91d1b6b1588cfb23b6e80222cb0680d8425c027bd6219b7648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 19:00:18 GMT
x-content-type-options
nosniff
age
133779
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4861
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 15:46:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Nov 2024 19:00:18 GMT
truncated
/ Frame 1787 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
_1ps5.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/images/ Frame 0647 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/images/_1ps5.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
df1187a4c611916281c8b88e08f2b0bcf7d893988266aab547df4e00cc3f4bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
7ysOABQTU_YCrTDJsjR2rTQFqAn2zDwg
date
Sat, 11 Nov 2023 08:09:57 GMT
last-modified
Mon, 06 Nov 2023 08:04:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"69dadcf95a97854073f6c3e6475751da"
x-amz-server-side-encryption
AES256
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
26078
x-amz-cf-id
0O8TgIjGfQCXRerZwB6kgJUYLqSz2KoixDwUjcCXoazCBvF7vbMAww==
expires
Mon, 31 Dec 2035 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 043E 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_HP_300x600&adk=753101176&adf=3680343564&pi=t.ma~as.Haberler_Desktop_HP_&w=300&lmt=1699690197&format=300x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196971&bpp=1&bdt=2000&idt=231&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_HP_300x600&adk=753101176&adf=3680343564&pi=t.ma~as.Haberler_Desktop_HP_&w=300&lmt=1699690197&format=300x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196971&bpp=1&bdt=2000&idt=231&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 07:58:26 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
apple.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/images/ Frame 0647 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/images/apple.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b51e9a0d0e21f81c254be21906de61b7ebde5d9498ed24593c232b6943e393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
g5vpIMzVh2nzBdGTOEv.nLOgTbS9ZWw_
date
Sat, 11 Nov 2023 08:09:57 GMT
last-modified
Mon, 06 Nov 2023 08:04:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
etag
"097853029970d887297ab07ff17aa80e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
26619
x-amz-cf-id
JfPKwI4UhTtKs6LhzJ-L3LPbIuP0pr5lyOEXLNq5x8GKaXkv0ZgJlw==
expires
Mon, 31 Dec 2035 00:00:00 GMT
truncated
/ Frame 1787 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
417f3126232e5d72fb6902f2d51e98449c60400efce77442299b2ca7093cea7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 985C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=1311225346123466&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
truncated
/ Frame D117 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f8735db1764d579016e6a5757f01cafc13042397200a9bc01d444fabc453865

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je3b81v9103786146z8838813481&_p=1699690195305&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1740753228.1699690196&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1699690195&sct=1&seg=0&dl=https%3A%2F%2Fmauroicard.sbs%2F&dt=Haberler%20-%20Haber%2C%20Spor%2C%20Magazin%20ve%20Son%20Dakika%20Haberleri&_s=2&tfd=4114
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mauroicard.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mauroicard.sbs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 6CCC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 21:08:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
39717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 21:08:00 GMT
beklenen.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/images/ Frame 0647 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/images/beklenen.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
97312d7804bfabd03f08d5cb74e14939ee1fba4dbd19055260d3c17081a5fd3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
qiMk.saM91oZhijGJ7HSDzQxY1gFqtKL
date
Sat, 11 Nov 2023 08:09:57 GMT
last-modified
Mon, 06 Nov 2023 08:04:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"95210a5119ebd289bd28328873d48f2e"
x-amz-server-side-encryption
AES256
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
18182
x-amz-cf-id
iIYli9uGPRDmq-6SGVI0MzW-8JQndOp-nMEbtpFL97HaSNsxll3Dcw==
expires
Mon, 31 Dec 2035 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 043E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_HP_300x600&adk=753101176&adf=3680343564&pi=t.ma~as.Haberler_Desktop_HP_&w=300&lmt=1699690197&format=300x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196971&bpp=1&bdt=2000&idt=231&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 08:09:57 GMT
expires
Sat, 11 Nov 2023 08:09:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 08:09:57 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame D634 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=4174044084&adf=2888870000&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1699690197&format=336x280&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690197000&bpp=1&bdt=2029&idt=295&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C300x600%2C0x0&nras=1&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 Nov 2023 07:35:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Nov 2023 08:09:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame D634 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=4174044084&adf=2888870000&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1699690197&format=336x280&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690197000&bpp=1&bdt=2029&idt=295&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C300x600%2C0x0&nras=1&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
49832
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 18:19:25 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/16432321548746362753/ Frame D634 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16432321548746362753/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=4174044084&adf=2888870000&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1699690197&format=336x280&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690197000&bpp=1&bdt=2029&idt=295&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C300x600%2C0x0&nras=1&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8424c5a71d7021fe706770775ffbab03406445697df26c196505558c42e7c014
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:46:30 GMT
x-content-type-options
nosniff
age
120207
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12902
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 14:18:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Nov 2024 22:46:30 GMT
truncated
/ Frame D634 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame D634 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=4174044084&adf=2888870000&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1699690197&format=336x280&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690197000&bpp=1&bdt=2029&idt=295&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C300x600%2C0x0&nras=1&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
49833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 18:19:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame D634 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=4174044084&adf=2888870000&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1699690197&format=336x280&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690197000&bpp=1&bdt=2029&idt=295&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C300x600%2C0x0&nras=1&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 07:16:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 07:16:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame D634 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=4174044084&adf=2888870000&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1699690197&format=336x280&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690197000&bpp=1&bdt=2029&idt=295&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C300x600%2C0x0&nras=1&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
49322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 18:27:55 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D634 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=4174044084&adf=2888870000&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1699690197&format=336x280&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690197000&bpp=1&bdt=2029&idt=295&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C300x600%2C0x0&nras=1&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:09:57 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame D634 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=4174044084&adf=2888870000&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1699690197&format=336x280&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690197000&bpp=1&bdt=2029&idt=295&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C300x600%2C0x0&nras=1&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 22:22:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 22:35:41 GMT
geliyor.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/images/ Frame 0647 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/images/geliyor.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
36d3617f798c0a920efa4e23fd35d84ffa32f2e8b85569272da1dc7fd6449252

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
bpeiBSMBH3uYOwQrGZMq17vozqSJP9kR
date
Sat, 11 Nov 2023 08:09:57 GMT
last-modified
Mon, 06 Nov 2023 08:04:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
etag
"26862de7da3ec131bc342b9d6fd13656"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
14425
x-amz-cf-id
P41sBpr30l34eYX4I_MLGifZoU8SuJI2KFnWObDJN_B-ZyinP7qKsQ==
expires
Mon, 31 Dec 2035 00:00:00 GMT
halkas.png
secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/images/ Frame 0647 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/images/halkas.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2dc371a274addc693d147e5d81e8c34567dceec5b7f1d4fd0ed7e2ebde51f91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746023/20231106/1077301144/83409196795560536/970x250.html?v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
lcJC9cDxo_XgCdnrZidMHEvwDZim76se
date
Sat, 11 Nov 2023 08:09:57 GMT
last-modified
Mon, 06 Nov 2023 08:04:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"023d9672ca82da9c61091061e7836dea"
x-amz-server-side-encryption
AES256
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
24095
x-amz-cf-id
we1J43Oie8DdyeIaQPDbLifCjbtsvOh1guKPhH7-Cqs-D4kc9mKpWg==
expires
Mon, 31 Dec 2035 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1787 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:32:45 GMT
x-content-type-options
nosniff
age
128233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 20:32:45 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1787 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 18:18:43 GMT
x-content-type-options
nosniff
age
395475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Nov 2024 18:18:43 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1787 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 14:58:03 GMT
x-content-type-options
nosniff
age
580315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Nov 2024 14:58:03 GMT
truncated
/ Frame D634 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb7f90b7233d7654f44050c9ee84f309e3191cd99836a4afe328b5411bf075f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
pagead2.googlesyndication.com/bg/ Frame 672E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=Haberler_Desktop_HP_300x600&adk=753101176&adf=3680343564&pi=t.ma~as.Haberler_Desktop_HP_&w=300&lmt=1699690197&format=300x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196971&bpp=1&bdt=2000&idt=231&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:48:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
109290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15051
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 01:48:28 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D634 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 17:26:14 GMT
x-content-type-options
nosniff
age
312224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2024 17:26:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D634 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:32:45 GMT
x-content-type-options
nosniff
age
128233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 20:32:45 GMT
generate_204
tpc.googlesyndication.com/ Frame 6CCC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SqBmmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
pagead2.googlesyndication.com/bg/ Frame 5E97 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=1703841254&adk=1250606791&adf=2097866407&pi=t.ma~as.1703841254&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196964&bpp=6&bdt=1992&idt=202&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=1681791022494&frm=20&pv=2&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1338&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:48:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
109290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15051
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 01:48:28 GMT
IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
pagead2.googlesyndication.com/bg/ Frame 5E93 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=280&slotname=haberler_Desktop_HP_336x280_1&adk=4174044084&adf=2888870000&pi=t.ma~as.haberler_Desktop_HP_&w=336&lmt=1699690197&format=336x280&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690197000&bpp=1&bdt=2029&idt=295&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600%2C300x600%2C0x0&nras=1&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:48:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
109290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15051
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 01:48:28 GMT
css
fonts.googleapis.com/ Frame C782 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=5852669271&adk=3836988885&adf=725156475&pi=t.ma~as.5852669271&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196970&bpp=1&bdt=1999&idt=226&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=102&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 Nov 2023 08:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 Nov 2023 07:27:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Nov 2023 08:09:58 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame C782 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=5852669271&adk=3836988885&adf=725156475&pi=t.ma~as.5852669271&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196970&bpp=1&bdt=1999&idt=226&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=102&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
49833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 18:19:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame C782 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=5852669271&adk=3836988885&adf=725156475&pi=t.ma~as.5852669271&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196970&bpp=1&bdt=1999&idt=226&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=102&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
49834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 18:19:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame C782 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=5852669271&adk=3836988885&adf=725156475&pi=t.ma~as.5852669271&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196970&bpp=1&bdt=1999&idt=226&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=102&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 07:16:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3214
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 07:16:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame C782 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=5852669271&adk=3836988885&adf=725156475&pi=t.ma~as.5852669271&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196970&bpp=1&bdt=1999&idt=226&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=102&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
49323
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 18:27:55 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C782 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=5852669271&adk=3836988885&adf=725156475&pi=t.ma~as.5852669271&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196970&bpp=1&bdt=1999&idt=226&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=102&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:09:58 GMT
81801f102bbf3ca11da2806ffde236a3.js
www.gstatic.com/mysidia/ Frame C782 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=5852669271&adk=3836988885&adf=725156475&pi=t.ma~as.5852669271&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196970&bpp=1&bdt=1999&idt=226&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=102&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 03:06:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15369
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 05:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:06:31 GMT
adServer.bs
bs.serving-sys.com/Serving/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&int=1091967289~~0~~1078219807~~47965922594925960^VsIAB~0~0~01020~1362&usercookie=u2=31221358-add7-4025-b38d-84b2ad2bab0f&OptOut=1&rnd=0.6693049191851135&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.87.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-87-200.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:58 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://mauroicard.sbs
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/16432321548746362753/ Frame C782 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16432321548746362753/14763004658117789537?w=195&h=102&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=5852669271&adk=3836988885&adf=725156475&pi=t.ma~as.5852669271&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196970&bpp=1&bdt=1999&idt=226&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=102&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4d79b19e24eb454f21fc93760e8ee16abcf304036d9bf08d6e5c0a862cab674
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:37:59 GMT
x-content-type-options
nosniff
age
210719
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4175
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 14:18:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Nov 2024 21:37:59 GMT
truncated
/ Frame C782 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C782 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C782 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19e4ffc707ace65e2f0cd6ac68c20b2ad9a292619744d003d26fb8f7cb40198a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C782 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 09:09:18 GMT
x-content-type-options
nosniff
age
342040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2024 09:09:18 GMT
IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
pagead2.googlesyndication.com/bg/ Frame DDAC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8718605733307345&output=html&h=600&slotname=5852669271&adk=3836988885&adf=725156475&pi=t.ma~as.5852669271&w=160&lmt=1699690197&format=160x600&url=https%3A%2F%2Fmauroicard.sbs%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699690196970&bpp=1&bdt=1999&idt=226&shv=r20231108&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1681791022494&frm=20&pv=1&ga_vid=1740753228.1699690196&ga_sid=1699690197&ga_hid=2039897583&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=102&ady=336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079516%2C44795922%2C44804683%2C44807460%2C44808111%2C31078297%2C31079588%2C44807754%2C44807763%2C44808149&oid=2&pvsid=1311225346123466&tmod=2108277078&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:48:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
109290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15051
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 01:48:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231108&jk=1311225346123466&bg=!gYKlgs3NAAZxrfrxUa07ADQBe5WfONCDYcH3gmW4Nct6mKARTqrYWS39DrXhpHxWZLv16fPLjM3aWY3kXRKVXVpzj9b9AgAAAbFSAAAADWgBB5kCvsQJKQdIq0crSKyraCYYBcoNaSIwUmWKtAuF6ACi5QtYuVI-LFdo86SBSlRdwATZrt1gzcBxQ8WB2AEuKyEqemHm5lAaBubv5XAJzYELF8Td3AjxfX_H-_D0rM58zC-MK-VESRZgGeWfqkzTOyWH27dmjwQ6F5qw_sbiexpaOQlGkaSGcfqkraW_CkGUMaLwjuQ_M-6J2oGlUctd3BvwnAiWz6MBAODIjWltyKjyztZqCSnrx0iSD_RSdvrCUS_vgQFDjZwSBiNENgXt8EYADLxuiqn6QOd0iTnBd3r2AT6EH2bAS3HnNZZcLPlNX84qTf2mbW0utg-0b6uHbTich34HPJyenK5JDakdWTnvXvEfwfCMfCANac1qVRqiEp3dZLKPcZNbGiZXIGGScBi7YmFuU1jPMBQIqQ53QyNca4juyC8yuc_K2PVwdQ1vK_1JoOingBIMBebskIqqnjLsTLRcumxn12FL-Ni1C1syq2SqHV293fPof69kIe72XUT9AhHEr4PcZPhK9Zpld3E4hadp1ATNqj-L6vI4EwfQzvEX4HfNRSBB-umyUN11AkQvE4YLdQ3_r5UMA9-CqgsVMEA8D5rY8IuCaZRBBHLrlFLQzIvdTwcOA2xBk8z2At4VpwrZU3IAh3UqIFw7zwzVQ0Q5PyUoQi9rPECVeDeuj4gPJFO1XkD9tvF-bR7OClaNCKKLlCCu6yNvs0bwM4SO0D3CzmlAcWjzbQB0Q5VN4TYtrx3wGPme1qQOI919pV7ob18Ph6lE9FDFy8AAzPocZf_CHiCk9l0hMlkwK4o3BWbGAbdis8DiBB3ZfS5vKzsCqX4QLli1gVjqi3KgZQshnmt8oGqLOt6rbe3A_HkLEdN8lsxgYoTe-uOzTjGmLXTau3UPVbu5vIKOvDjmwKE2voGo4s0Ud_NbaZw9ZFiNzw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame D117 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIkJsGGcrIT7bpQumD6aJONTyp2l84i9bMG-qLtQ7e1ffQeluqD14yge9tzEG18R8LtLRUARuXqOfEFtpzOSEq1O2NtqBQ6gqkKCzHNSoCQWW8TaLTBWdy2iK38KUnflGJk2kD3yXlDln4&sai=AMfl-YTGcAabPIx7BYTWdI9qmHY4OO_HAoagJTEjkYjxgpRLDcZMnaT44QKXC8B1zStJVUoi8MbVzawFmLmu&sig=Cg0ArKJSzC3hkjLO9ppMEAE&cid=CAQSGwDICaaNmfysWIunzGMhcq3oZmoT1HdnGyljAxgB&id=lidar2&mcvt=1007&p=0,0,600,300&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=753101176&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699690197209&rpt=734&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1787 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstE2WKraZTvKkRWqIXw5u3NrQeiQptN1HBoRmET54SWsjsfBuG__4LEAVVPKq1cVNRKyg-gi26JloeJlvdrAJoiojPLe4U_tmpw4Xkc2FWL7vQL-zht_46m_HOZoK-wjxpomPr9AeLqMsYoz7eTbHs7d452DOKk-OVeXkGRq-EYLthYaR7j_bQ2fsutuW-RyYpgAQ6tilNXPyTr2Mb-sz0rCbEYQgHMdx7QS40NKld_VwchRssWu70iX6flADCHguxN1JWz5aQMBj4e9AdrExtluUgdeb-UygKAOzOK-IqgMh81PsStEdqN2U8LtPKd1jwMPc8COgHeMtM7_jzZCTK5cR4GhQ17B2hKDBAbW20GI608ZV4EPWK4SsSwX4gnYgB-_jkdb12FmnV6_nBFcinswyjIkPGlM7HQf5NDHDR_MJuynSLqp7rAOTj6j0ajZpy2iGi_Jq6eWNwGSVN-K2E07YfPXmF-t9G0wFfGMfDtZxDyNXRVTvb9Ohoa5_09Emz0-mR1zmHQn8nZRMgGRG4uoITI1p0zWrD7K5nxegE4uuAM3AXNH_jjlmKNpjgJA-0UOd4nT91tp52tqo0EsV12q1iBGE8sCHRaeQn0lkDQ6XPEqV56-aCJ9B-UNri0_vmWQ_HQNKDYzM48bXxkmEqIGDS0s7OsXUDqRKb6zLaSpOsXWT4qNXKqartA0H2ha9moX-qfD4HrXPuNs0nAr1d5l7i3YAdVJXW1mE9FkZzgyHMe0dAbH-OAXbcUPM4wXrk63JgIzjUqCusnXwIrmOLds-mKcp4JWfpcbQOphXo_6As9SITR5r8Pxi3scYpCCPuUA1xnyC3_Dm1IEeCctala0WjhoMOtdYzUXvvS6yfCGCHB2S_2p41TSjfXPgqsjW428A2Gz9J2FntBqVYjsnYyxCvaOoueH8bpCzbPbdqvoCxu_wEpxV_-3bvOcQSHGEUPDrwofWKas5YtNkiWO0CnxWR7oQZds2Q1pRc9kcKxIT1R3jLyTliuXqIiVLSDyIzgxskgqQ90v1U5aE6I05SXcxiVW8byQeb66Xphn-tnwu_XQ0EAduJg1MegrDGBUCRwDVDfHg5O8sCvRHc32lSFylBf_Rd9owYywjS_vBwsfmE_cfuxe48Tkd0KbVUA_SDSNZ1nyZHWKirXUliAppJZM4CwaTy-2kE&sai=AMfl-YR54OqrNF6UU7GQ3ED6WBDsCO3EcTYhNE2e8XNmRMLssWSSTfzMoxNcv7ZZclZFiw0JIGvzy6kK9JGF2zaPPwN4MItv-2loGg&sig=Cg0ArKJSzG3labaTLPguEAE&cid=CAQSGwDICaaN3rC--QcwqDZpWeIYcW8DN4fJU4lbrhgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1250606791&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699690197187&rpt=1050&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D634 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvpHK4iJdzTGhVFzXvkuZEG_3i4dFwUgNhKbW4a9V5yoBaIFnFwM9Ud4yUgbcBugQDLcH6JALzUUTUEw1pwRk4212OBHP3q1M-XfxUpioKbI8XNnC4Kqz_lUOB9ZyOef0XJ-c1Rll5wmLF&sai=AMfl-YRMcOie2b7UB-C_2p6fcVa-CKMBIgEz0jn1SIwbzHErELw58fgDMSwD5k6fIwb8IeNSRFNJh4-1zP-s&sig=Cg0ArKJSzPCzICYQq8X4EAE&cid=CAQSGwDICaaNwmt3vaUvqLYDD16huWqKjiIIhMKxfhgB&id=lidar2&mcvt=1002&p=0,0,280,336&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=0.87&if=1&app=0&itpl=22&adk=4174044084&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699690197301&rpt=954&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C782 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvln_5gS7bNkg4MxYK0OFY5wqpdjy0ly1qVGbNaXRR0WykMBgjSW7yMnQvEFNdqiO3HpKGBVZm7e5OaBBx7hu0TS0R5u9PTQQHVONYm7kV6w17Mzh7xYtmUeYyCcBUXblc4gK9zHimWTLMx&sai=AMfl-YT69v6Xkoe7jX_O7ds7nOih1ZpnyHzTz4Zl2tYHA5kqXTUIL2jpDh6-e0B_zXvDRcs7B_SKn9SR2qyx&sig=Cg0ArKJSzI1xJIqMX0FQEAE&cid=CAQSGwDICaaN2cAOx1aA9GerqBfgZC9HGrGoHcc1ohgB&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3836988885&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699690197201&rpt=1576&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:09:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbypixad.js
static.cdn.pixad.com.tr/dist/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdn.pixad.com.tr/dist/adsbypixad.js?v1699690
Requested by
Host: mauroicard.sbs
URL: https://mauroicard.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba0cbbde93dc5ca4b2525e410878e559057f3a7505230262e1046fa858c97de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mauroicard.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:10:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1047
age
1409
cdn-storageserver
DE-664
cdn-cachedat
11/11/2023 06:02:26
cdn-pullzone
1145655
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 07 Nov 2023 09:37:17 GMT
cdn-proxyver
1.04
cdn-fileserver
306
cdn-requestpullcode
200
server
cloudflare
etag
W/"654a054d-4bfe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdteSeDpBfqQNso6gB0SDxjPURg72VUpt%2B7HOfnsu4RZjZA4yT2nBAv2m1uCZFCf6y14sxeB5w9je80BliLx6lWU9DZoPs7ozMdaarJ%2FUTtlDsPP1xZZyGyMG%2Fop3apLYynADXlWoeZlZhi4k2OnC1JG0h%2Fh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=14400
cdn-requestid
80c22a7a188f5581fd8fa87d79e0fa8d
cf-ray
82450e714e0c71bb-FRA
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
dilan-polatin-arkasindaki-guc-ortaya-cikti-bu-sozler-ortaligi-karistiracak-dilan-polati-ben-yarattim-2233386_k.jpg
foto.yenimedya.com.tr/partner-widget/2023/11/11/ Frame 6E79 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foto.yenimedya.com.tr/partner-widget/2023/11/11/dilan-polatin-arkasindaki-guc-ortaya-cikti-bu-sozler-ortaligi-karistiracak-dilan-polati-ben-yarattim-2233386_k.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.68.47.51 , Turkey, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
c07dc739a42f2c87f861d79bae74f932578b60bcff9361afe98b252c3caff0d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.yenimedya.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:10:02 GMT
last-modified
Sat, 11 Nov 2023 06:49:46 GMT
server
nginx
partx
alljpgs
etag
"6ecd46426b14da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
x-url
/partner-widget/2023/11/11/dilan-polatin-arkasindaki-guc-ortaya-cikti-bu-sozler-ortaligi-karistiracak-dilan-polati-ben-yarattim-2233386_k.jpg
access-control-allow-origin
*
cache-control
max-age=1468800
accept-ranges
bytes
content-length
10757
expires
Tue, 28 Nov 2023 08:10:02 GMT
dilan-polatin-arkasindaki-guc-ortaya-cikti-bu-sozler-ortaligi-karistiracak-dilan-polati-ben-yarattim-2233386_k.jpg
foto.yenimedya.com.tr/partner-widget/2023/11/11/ Frame 6E79 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foto.yenimedya.com.tr/partner-widget/2023/11/11/dilan-polatin-arkasindaki-guc-ortaya-cikti-bu-sozler-ortaligi-karistiracak-dilan-polati-ben-yarattim-2233386_k.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.68.47.51 , Turkey, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
c07dc739a42f2c87f861d79bae74f932578b60bcff9361afe98b252c3caff0d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.yenimedya.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 08:10:02 GMT
last-modified
Sat, 11 Nov 2023 06:49:46 GMT
server
nginx
partx
alljpgs
etag
"6ecd46426b14da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
x-url
/partner-widget/2023/11/11/dilan-polatin-arkasindaki-guc-ortaya-cikti-bu-sozler-ortaligi-karistiracak-dilan-polati-ben-yarattim-2233386_k.jpg
access-control-allow-origin
*
cache-control
max-age=1468800
accept-ranges
bytes
content-length
10757
expires
Tue, 28 Nov 2023 08:10:02 GMT
int
lm.serving-sys.com/lm/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/int
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.76.235.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-235-209.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mauroicard.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://mauroicard.sbs
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FFKENFZBJW&gtm=45je3b81v9103786146&_p=1699690195305&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1740753228.1699690196&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1699690195&sct=1&seg=0&dl=https%3A%2F%2Fmauroicard.sbs%2F&dt=Haberler%20-%20Haber%2C%20Spor%2C%20Magazin%20ve%20Son%20Dakika%20Haberleri&_s=3&tfd=9114
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FFKENFZBJW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mauroicard.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 08:10:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mauroicard.sbs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d.haberler.com
URL
https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522Let%2520Go%2520Let%2520go%2520Advertorial%252050268%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A6%252C%2522id%2522%253A50268%257D
Domain
d.haberler.com
URL
https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522Dentsu%2520Vak%25C4%25B1fbank%2520Advertorial%252050195%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A6%252C%2522id%2522%253A50195%257D
Domain
d.haberler.com
URL
https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522Arnas%2520tar%25C4%25B1m%2520Arnas%2520Tar%25C4%25B1m%2520Advertorial%252050264%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A6%252C%2522id%2522%253A50264%257D
Domain
d.haberler.com
URL
https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Kas%25C4%25B1m%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D
Domain
d.haberler.com
URL
https://d.haberler.com/CookiesInfoSetAll.js?d=%7B%22CID%22%3A%22e4ef3a40678a0d4236ebb33141ced6da%22%2C%22Oturum_Id%22%3A%22b3af9ecf4ec1ae79f8b1d62a135dc14c%22%7D
Domain
d.haberler.com
URL
https://d.haberler.com/OturumGosterim.js?d=%257B%2522CID%2522%253A%2522e4ef3a40678a0d4236ebb33141ced6da%2522%252C%2522Oturum_ID%2522%253A%2522b3af9ecf4ec1ae79f8b1d62a135dc14c%2522%252C%2522Url%2522%253A%2522%2522%252C%2522Referer_Url%2522%253A%2522%2522%252C%2522Sayfanin_Yuklenme_Suresi%2522%253A3044%252C%2522Icerik_Id%2522%253A%2522%2522%252C%2522Icerik_Tur%2522%253A%2522anasayfa%2522%252C%2522Yayinci%2522%253A%2522www.haberler.com%2522%252C%2522Ekran_Yuksekligi%2522%253A1200%252C%2522Ekran_Genisligi%2522%253A1600%252C%2522Cihaz_Turu%2522%253A%2522Desktop%2522%252C%2522Cihaz_Adi%2522%253A%2522%2522%252C%2522YerelZaman%2522%253A%25222023-11-11T08%253A09%253A57.027Z%2522%252C%2522LoadGuid%2522%253A%2522df2b32433b035acf5990429ed33da330%2522%252C%2522Guid%2522%253A%2522cbd1deb293d380111712dde2b5fe9ccb%2522%252C%2522Version%2522%253A%25220.02.89%2522%252C%2522Tarayici_Adi%2522%253A%2522chrome%2522%252C%2522Isletim_Sistemi%2522%253A%2522Windows%2522%257D

Verdicts & Comments Add Verdict or Comment

235 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| CookieConsent number| scrw boolean| cihaz_mobilmi function| rich_ad function| paylas_wa function| aramaKeyKontrol function| aramaAutoCYukJs function| portalLibrary object| prHbrCm function| $ function| jQuery function| getScript function| ready function| setCookie function| getCookie function| CountryCode string| ClientCountryCode function| getAnalyticsCookie function| getParameterByName object| no_header function| getBinaryBack function| _cacheScript function| _injectScript function| getsScript function| send function| ga string| userLang string| s object| el boolean| interstitial string| GoogleReklamlariGoster string| page_type string| page_value function| gtag object| _ah object| dataLayer object| googletag object| d number| n string| ad_type object| d1 object| d2 undefined| PREBID_TIMEOUT undefined| FAILSAFE_TIMEOUT undefined| bidders undefined| adUnits undefined| pbjs undefined| initAdserver function| Search function| getOS function| slideSetToEnd function| cookiePolicyWarning function| cookiePolicyGetCookie function| checkedSwitchToggle function| videoSliderRatio function| videoPageRatio string| imp_adv_list function| manset_adv_aktivite function| transitionEndEventNew string| ontransitionEnd object| slider object| sliderItems object| prev object| next object| bullets function| slide undefined| outers undefined| outers_a object| date string| expires function| __d3lUW8vwsKlB__ object| adRecover function| jqAlias function| __an6na521li18__ object| MjczZGYzMjQ2NDJhYjU2ZmxvYWRlcl9qcw== string| MjczZGYzMjQ2NDJhYjU2ZmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| google_tag_manager object| google_tag_data function| ym boolean| spdx undefined| page_level_coutn function| frbs boolean| firebasec object| adsbygoogle number| scr_height number| seconds boolean| ref_adx function| adxref object| adsAll string| adsUnique object| ads function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject object| gaplugins object| gaData object| Ya object| yaCounter14231362 number| vsrWidth number| vsrRatio number| vsrHeight number| sonrakitopla number| kipkips object| sunulanArr function| ahSetCookie function| ahGetCookie function| guid function| initAKHASID function| getBrowserType function| getOSName function| logError function| addRequest function| UrlSetmt function| Process function| ProcessClick function| ProcessLoad function| ProcessOturum function| SeparingUrl function| SetAllCookies boolean| triggerUnload boolean| handleClick boolean| _wasPageCleanedUp object| separatingChars boolean| swiped undefined| coord boolean| touched string| ua boolean| isAndroid boolean| supportsPointer function| ev_pointer function| ev_touch function| ev_mouse string| Teq string| Yeq function| addEvent function| BeforeUnloadEventHandler function| UnloadEventHandler function| MobileDetect object| ah number| timeBS string| ebPtcl string| ebBigS string| ebResourcePath string| ebNSRP string| sHost number| ebPi number| ebNxt boolean| dmg number| placementId boolean| asc number| ebInStrm function| ebAC function| ebTokens function| ebReport object| a undefined| url object| nav undefined| standalone function| isGlobalDefined object| x string| templateName object| ebDCAry string| ebDCLoc object| ebVScript function| ebLoadVersions number| ebAdID number| ebPli string| ebTN number| ebDSGID string| ebRand function| ebDecode string| gEbUT object| ebO object| AdConfig_1091967289 object| ebOArr object| szmk boolean| ebAdCS boolean| ebIfrm object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_image_requests object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| google_rum_task_id_counter object| vData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| $jscomp function| $jscomp$lookupPolyfilledValue object| EBGInfra object| currentResponse undefined| vizClone undefined| newEbSrc undefined| newScript undefined| target undefined| sub object| EBG object| ebAds function| doIfAccessible object| newEvent object| WindowTarget object| GoogleGcLKhOms object| adsbypixad function| SET_PIX_CONFIG function| checkControl

28 Cookies

Domain/Path Name / Value
mauroicard.sbs/ Name: hbmsyer-headline
Value: -1
mauroicard.sbs/ Name: banneristek
Value: 0
mauroicard.sbs/ Name: ClientCountryCode
Value:
mauroicard.sbs/ Name: enable_page_level_ads
Value: 1
.mauroicard.sbs/ Name: _ga
Value: GA1.2.1740753228.1699690196
.mauroicard.sbs/ Name: _gid
Value: GA1.2.2142677198.1699690196
.mauroicard.sbs/ Name: _gat_gtag_UA_242929_3
Value: 1
.mauroicard.sbs/ Name: _ym_uid
Value: 1699690196851572484
.mauroicard.sbs/ Name: _ym_d
Value: 1699690196
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 4262945596fake
.yandex.com/ Name: i
Value: oQZU36SYrwj/TF+sN7Ucej6MShGX3gIGIQQ11T8Znoh6aKXhJ1eMAZyvPT+keuLCkiSw8ohccERM8Lfk40TtIXa3CZk=
.yandex.com/ Name: yandexuid
Value: 6539488861699690196
.mauroicard.sbs/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 926688126fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 6539488861699690196
.yandex.ru/ Name: yuidss
Value: 6539488861699690196
.yandex.ru/ Name: i
Value: oQZU36SYrwj/TF+sN7Ucej6MShGX3gIGIQQ11T8Znoh6aKXhJ1eMAZyvPT+keuLCkiSw8ohccERM8Lfk40TtIXa3CZk=
.yandex.ru/ Name: yp
Value: 1699776596.yu.9223104731699690196
.yandex.ru/ Name: ymex
Value: 1702282196.oyu.9223104731699690196
mc.yandex.com/ Name: yabs-sid
Value: 782861591699690196
.yandex.com/ Name: yuidss
Value: 6539488861699690196
.yandex.com/ Name: ymex
Value: 1731226196.yrts.1699690196
.yandex.com/ Name: bh
Value: KgI/MA==
.mauroicard.sbs/ Name: _ym_visorc
Value: b
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mauroicard.sbs/ Name: _ga_FFKENFZBJW
Value: GS1.1.1699690195.1.0.1699690198.57.0.0

18 Console Messages

Source Level URL
Text
network error URL: https://mauroicard.sbs/blank_m.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
network error URL: https://mauroicard.sbs/1x1.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mauroicard.sbs/_blank.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js
Message:
Failed to load resource: the server responded with a status of 504 ()
javascript error URL: https://mauroicard.sbs/
Message:
Access to XMLHttpRequest at 'https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522Let%2520Go%2520Let%2520go%2520Advertorial%252050268%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A6%252C%2522id%2522%253A50268%257D' from origin 'https://mauroicard.sbs' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522Let%2520Go%2520Let%2520go%2520Advertorial%252050268%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A6%252C%2522id%2522%253A50268%257D
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mauroicard.sbs/
Message:
Access to XMLHttpRequest at 'https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522Dentsu%2520Vak%25C4%25B1fbank%2520Advertorial%252050195%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A6%252C%2522id%2522%253A50195%257D' from origin 'https://mauroicard.sbs' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522Dentsu%2520Vak%25C4%25B1fbank%2520Advertorial%252050195%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A6%252C%2522id%2522%253A50195%257D
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mauroicard.sbs/
Message:
Access to XMLHttpRequest at 'https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522Arnas%2520tar%25C4%25B1m%2520Arnas%2520Tar%25C4%25B1m%2520Advertorial%252050264%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A6%252C%2522id%2522%253A50264%257D' from origin 'https://mauroicard.sbs' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522Arnas%2520tar%25C4%25B1m%2520Arnas%2520Tar%25C4%25B1m%2520Advertorial%252050264%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A6%252C%2522id%2522%253A50264%257D
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mauroicard.sbs/
Message:
Access to XMLHttpRequest at 'https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Kas%25C4%25B1m%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D' from origin 'https://mauroicard.sbs' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://d.haberler.com/adv.js?d=%257B%2522page%2522%253A1%252C%2522type%2522%253A0%252C%2522name%2522%253A%2522A101%2520Masthead%2520Kas%25C4%25B1m%25202023%2522%252C%2522site%2522%253A1%252C%2522model%2522%253A4%252C%2522id%2522%253A0%257D
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://mauroicard.sbs/mstatic/assets/js/lazyload.js?v=0&_=1699690195295
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://mauroicard.sbs/
Message:
Access to XMLHttpRequest at 'https://d.haberler.com/CookiesInfoSetAll.js?d=%7B%22CID%22%3A%22e4ef3a40678a0d4236ebb33141ced6da%22%2C%22Oturum_Id%22%3A%22b3af9ecf4ec1ae79f8b1d62a135dc14c%22%7D' from origin 'https://mauroicard.sbs' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://d.haberler.com/CookiesInfoSetAll.js?d=%7B%22CID%22%3A%22e4ef3a40678a0d4236ebb33141ced6da%22%2C%22Oturum_Id%22%3A%22b3af9ecf4ec1ae79f8b1d62a135dc14c%22%7D
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mauroicard.sbs/
Message:
Access to XMLHttpRequest at 'https://d.haberler.com/OturumGosterim.js?d=%257B%2522CID%2522%253A%2522e4ef3a40678a0d4236ebb33141ced6da%2522%252C%2522Oturum_ID%2522%253A%2522b3af9ecf4ec1ae79f8b1d62a135dc14c%2522%252C%2522Url%2522%253A%2522%2522%252C%2522Referer_Url%2522%253A%2522%2522%252C%2522Sayfanin_Yuklenme_Suresi%2522%253A3044%252C%2522Icerik_Id%2522%253A%2522%2522%252C%2522Icerik_Tur%2522%253A%2522anasayfa%2522%252C%2522Yayinci%2522%253A%2522www.haberler.com%2522%252C%2522Ekran_Yuksekligi%2522%253A1200%252C%2522Ekran_Genisligi%2522%253A1600%252C%2522Cihaz_Turu%2522%253A%2522Desktop%2522%252C%2522Cihaz_Adi%2522%253A%2522%2522%252C%2522YerelZaman%2522%253A%25222023-11-11T08%253A09%253A57.027Z%2522%252C%2522LoadGuid%2522%253A%2522df2b32433b035acf5990429ed33da330%2522%252C%2522Guid%2522%253A%2522cbd1deb293d380111712dde2b5fe9ccb%2522%252C%2522Version%2522%253A%25220.02.89%2522%252C%2522Tarayici_Adi%2522%253A%2522chrome%2522%252C%2522Isletim_Sistemi%2522%253A%2522Windows%2522%257D' from origin 'https://mauroicard.sbs' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://d.haberler.com/OturumGosterim.js?d=%257B%2522CID%2522%253A%2522e4ef3a40678a0d4236ebb33141ced6da%2522%252C%2522Oturum_ID%2522%253A%2522b3af9ecf4ec1ae79f8b1d62a135dc14c%2522%252C%2522Url%2522%253A%2522%2522%252C%2522Referer_Url%2522%253A%2522%2522%252C%2522Sayfanin_Yuklenme_Suresi%2522%253A3044%252C%2522Icerik_Id%2522%253A%2522%2522%252C%2522Icerik_Tur%2522%253A%2522anasayfa%2522%252C%2522Yayinci%2522%253A%2522www.haberler.com%2522%252C%2522Ekran_Yuksekligi%2522%253A1200%252C%2522Ekran_Genisligi%2522%253A1600%252C%2522Cihaz_Turu%2522%253A%2522Desktop%2522%252C%2522Cihaz_Adi%2522%253A%2522%2522%252C%2522YerelZaman%2522%253A%25222023-11-11T08%253A09%253A57.027Z%2522%252C%2522LoadGuid%2522%253A%2522df2b32433b035acf5990429ed33da330%2522%252C%2522Guid%2522%253A%2522cbd1deb293d380111712dde2b5fe9ccb%2522%252C%2522Version%2522%253A%25220.02.89%2522%252C%2522Tarayici_Adi%2522%253A%2522chrome%2522%252C%2522Isletim_Sistemi%2522%253A%2522Windows%2522%257D
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bs.serving-sys.com
c.keltis.com
cdn.p.analitik.bik.gov.tr
d.haberler.com
delivery.adrecover.com
fonts.googleapis.com
fonts.gstatic.com
foto.yenimedya.com.tr
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i.hbrcdn.com
lm.serving-sys.com
mauroicard.sbs
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
region1.analytics.google.com
s.hbrcdn.com
s0.2mdn.net
secure-ds.serving-sys.com
static.cdn.pixad.com.tr
stats.g.doubleclick.net
tpc.googlesyndication.com
widget.yenimedya.com.tr
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.haberler.com
d.haberler.com
152.199.21.70
163.171.128.148
185.102.219.173
2.16.202.122
2001:4860:4802:32::36
212.68.47.11
212.68.47.51
2606:4700:20::681a:658
2606:4700:3037::ac43:a45a
2a00:1450:4001:800::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2008
2a00:1450:4001:827::2006
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c0c::9c
2a02:6b8::1:119
3.76.235.209
52.59.87.200
89.187.169.43
0b7bae03943e0308e7a91c1d7cc6ed9bd8e2046f939115b5b657b4acb20f928c
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0fc36b4dde65a56fad2f07e654ff940e73a1ce233d4924ade8a9daa4f005573d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
188f911b349253c72df4a5eb70fb0c5cb372928a7e7072da6bc355f3c0fe0f20
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
19e4ffc707ace65e2f0cd6ac68c20b2ad9a292619744d003d26fb8f7cb40198a
1ae93655d43547d7bedb7ed6f29ea3218a6d956f338ca54c04bbb4673229379f
1ba0cbbde93dc5ca4b2525e410878e559057f3a7505230262e1046fa858c97de
201147f41796a114ea6216a83deb70152815745105f455a76e2a33f6c5074e93
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
23ded63b624687408b1fa8cf74395f2d214a5790984b0ffb79fcfc6296621ade
23df262051142cdfa266ed3a47290286afc3a432d1864559875d36b9084a5393
2a689ccabc2668e13126715b0b9ea6829af15218f5445e6f595c3a04c8f8276c
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317bcc98ebdc7c4aa53ba44bb28717dea2c9e2bfb3e7fc4327655945224f4cd8
32868a1bf80d19678eb0651409c76b377427788cf2ba1dd6aefc3f0c9fdd796c
36d3617f798c0a920efa4e23fd35d84ffa32f2e8b85569272da1dc7fd6449252
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
417f3126232e5d72fb6902f2d51e98449c60400efce77442299b2ca7093cea7c
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4815264b50f434d86793936f45c51c7f0e9241ad9757eb46ab4ac6a5ab690d96
48fc00ef9f68fe91d1b6b1588cfb23b6e80222cb0680d8425c027bd6219b7648
4bf2b1f3d1da17cf58f4a7f5d8d5e16ac2abdfd2872935486a98b305e56534d0
4e82e0740b847a9b7f3841f952e6e732d517c8d234ae25374216d5b83b898470
51b42074adc78d3a6e9e45b60e8f366ed5dc028a84e4bbcf7811e7d42e188510
5361d89a69623f533fffd65f6b03bb1bc3a38477ed3642aa030228215db2b3f9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5914faf679224b6426b0121c37c654bba230ccec3d8929bad8cfbe60b0fabcd2
5f8735db1764d579016e6a5757f01cafc13042397200a9bc01d444fabc453865
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
653fa3a5827add226262f6aeb8dea0a49439241bc4e776caf36ed3e22f198f57
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
73c379d75be2202585d1f33f3c8047654e4f0ad9911e0eae1de2df5d1ee168f9
7462c6ff55b1d684d8000b38e9d02c99b289ebef78204d6db34809bed48854cd
77e0cbf5f73df644f929b908ed8697c27fecc3b456810ba75909ca8d14067104
78bc9cfbe41afe4e6c4bd854433acbc9acf7da890c29e32a126ebcb6b91b4f6f
7a5f3f1905ea8c6d544c34970f19b2a17c5eaed192c74abfd9bd44641fcb27f4
7ae0b8e3f80fd2c97dea35c4a3643b17368ea41e6e63f083065bfb2a38caf37c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8424c5a71d7021fe706770775ffbab03406445697df26c196505558c42e7c014
84a736a914e348898f0f1e4e187d3b85d9177f8cfa949f7c98bdc5706b5925d8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
891424705ae0561e73fce938951cfa0226650873e0aa94de290a37d7431a6d5a
8a087ed5b4a4fecef1e79febefc2fca7f1798fca58de651f14b05fa079254de9
8ab35ac6bc54b61452906c1c99641547a8ea08869d7d25b6f7baa872009035f2
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8d9403c242762c6e70027ed6f754aa51b36b540f0af940df939ede3cbede414f
8e2c49db07018a59ab49b67849718cd1cfe72bec77de478771f5e70a7327cb88
8e749e95840f57bebd2b6cdf67220c7b503e21728ab2d76f3590336228afa57b
912738bc2b47b542807b5cf9ff1dd7b3802705a7be9916be5c7fda05ae3834fc
91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691
91faa04b65fd63d213cced82bccaa54e6d8f705e2d982668fbe0a990cb9065ef
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
97312d7804bfabd03f08d5cb74e14939ee1fba4dbd19055260d3c17081a5fd3f
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
a79f658e21388c2f1c9237816ccb4d86b311b7a97420c764d5c8beddd53f3e9b
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
af9899a393c086ef1507641bc6ed14e6d86f6478d6d1fbd701598918a24b0df8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1f1881d36e033f8a3a3c2d76a8cee754ed1f5bf38cd2b8616489997ebd4cb0f
b339f8787db3a17deb4a573dcede43e8f355b7e64e6f51fee991b9676d910d0d
b4ce25333e0b4d8ab81152655ffac98a9e5acf9aac6075c48df1a73a3b1891fe
b6d5ce14b069d40cb5859aa9fdeeb16368192644526d6353cf773f040edc9ad3
b85c151f5a3ea3a34980d9afe579147dd6b3b12da33239fb0956c454afceb0d8
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bb2ded84e5fb3e479f7b3ea2d5b71ae5a3c12bcb7cbcdbbab92d33e3688c633b
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bcf204b3a86de14d52b2cc6f129727c1e5d393c5c901365431ee70b85524f528
bd9da986788fd5b37519896c9feeb1c05933785d5cc2911f8d3126d04813ebc7
c07dc739a42f2c87f861d79bae74f932578b60bcff9361afe98b252c3caff0d3
c273e7ce64774a481533acdd3f457d4b320b507e6a5fc696fd23989cb58b0a31
c45689e5c54c74087b38e461f4fbbbcd153b1b3cbb791b207660a938b87c7627
c4d79b19e24eb454f21fc93760e8ee16abcf304036d9bf08d6e5c0a862cab674
c790c51da54df5a6b960f2a1257436154c4a7fd42ff273f21e4ee0d3fd3b3adf
d1b9d305dc2f4ad5551fda446328c9b47f78a45c046d3781c5d7b42039e845a6
d2dc371a274addc693d147e5d81e8c34567dceec5b7f1d4fd0ed7e2ebde51f91
d32d1838de613a8e484891fab0189f239d5868c096bee49946df13bf6d1f66d7
d46d30e825e52679a598b9f966c2d49ac4b9d1e2cd04875ec5e85d275ef9117e
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7ce76e37a6ac573dc2ed2c7d0c2dbe3d855abdbe155847ce7c3998105258ff
df1187a4c611916281c8b88e08f2b0bcf7d893988266aab547df4e00cc3f4bff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b51e9a0d0e21f81c254be21906de61b7ebde5d9498ed24593c232b6943e393
e4a0fc024eb6f2a356958b908403c7ccadb99c3b70219912e71708b0baaacbcf
e95c95bb63982f0ff570a48b30ce5a8ad65a40f1930c401b4f016ed1a5acc843
e9df413a46cc4c7f2192848b38111f24634c03970ea99917a005e5413be3b3f2
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f094daacd0356f42fd95723e709e62f954be0eeed3171577948c6ff6d2d50ed8
f0d39672ef41a2dd36b2f0481137061dbaa2cd5b073da1534a941bd6386abe29
f0f4dc58487c65c186729576e31c0218f289cc563ad84d68e63ab29bdaba4db8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7dad67e560aa00ee037762d8e081cad9c4473faa6253a0efa2032f3d441a7cb
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fb7f90b7233d7654f44050c9ee84f309e3191cd99836a4afe328b5411bf075f7