eksisozluk.com Open in urlscan Pro
104.22.24.137  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

• https://app.networkad.net/netasync.js?zid=571 HTTP 302
• https://app.networkad.net/netasync.js?isAvailable=1&zid=571

Request Chain 14

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/?value=0&guid=ON&script=0 HTTP 302
• https://www.google.com/pagead/1p-user-list/878852058/?value=0&guid=ON&script=0&is_vtc=1&random=869467176 HTTP 302
• https://www.google.de/pagead/1p-user-list/878852058/?value=0&guid=ON&script=0&is_vtc=1&random=869467176&ipr=y

Request Chain 37

• https://uip.semasio.net/omdtr/1/info?_referrer=https%3A//eksisozluk.com/virustotal--1675794%3Fp%3D3&sType=view&nCampaignId=1&nJs=1&_ignore=46996289873510500 HTTP 302
• https://uip.semasio.net/omdtr/1/info2?_referrer=https%3A//eksisozluk.com/virustotal--1675794%3Fp%3D3&sType=view&nCampaignId=1&nJs=1&_ignore=46996289873510500 HTTP 302
• https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
• https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=f0e4616a-e89b-4800-ade7-50d21c92c975&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
• https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=edf857e2-81ca-4fe7-9722-9b906634d8a6 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NkYxMzZCNkY5NDhGMDdCRg&gdpr=1&gdpr_consent= HTTP 302
• https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESELGcwxu_UKkMu4vCIpIeXAc&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 47

• https://sb.scorecardresearch.com/b?c1=2&c2=19592957&ns__t=1634396315323&ns_c=UTF-8&cv=3.5&c8=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c7=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=19592957&ns__t=1634396315323&ns_c=UTF-8&cv=3.5&c8=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c7=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&c9=

Request Chain 56

• https://gatr.hit.gemius.pl/_1634396315439/rexdot.js?l=100&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=111&lsdata=0gLcJ9CrFoERHuZhO6qqZfHVfmYYjuTQ.2ueyzE7TNL.O7_s5hyn3XhffwD8bDymhNLWH9h3YWKM4WzzF.jGbachd.VE/r8OwsVXwIHm_J/&fpdata=73h3Dze5mf68zNf6S2vIIqFSdeprcEuuRORI5VleI6T.q7&vis=1&fpcap= HTTP 301
• https://gatr.hit.gemius.pl/__/_1634396315439/rexdot.js?l=100&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=111&lsdata=0gLcJ9CrFoERHuZhO6qqZfHVfmYYjuTQ.2ueyzE7TNL.O7_s5hyn3XhffwD8bDymhNLWH9h3YWKM4WzzF.jGbachd.VE/r8OwsVXwIHm_J/&fpdata=73h3Dze5mf68zNf6S2vIIqFSdeprcEuuRORI5VleI6T.q7&vis=1&fpcap=

Request Chain 116

• https://adx.adform.net/adx/?rp=4&&bWlkPTc4MjAwOSZ0PTI%3D&callback=_adform1634396317250 HTTP 302
• https://adx.adform.net/adx/?CC=1&rp=4&&bWlkPTc4MjAwOSZ0PTI%3D&callback=_adform1634396317250

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request virustotal--1675794 Show response eksisozluk.com/	50 KB 19 KB	286ms 252ms	Document text/html	104.22.24.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.24.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4a8bc9c4dfb1a0a0f294b660c68373d5ed0d22f3a4edbf211a2c01a72e70ee3 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :method GET :authority eksisozluk.com :scheme https :path /virustotal--1675794?p=3 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Sat, 16 Oct 2021 14:58:34 GMT content-type text/html; charset=utf-8 content-length 18204 cache-control no-cache pragma no-cache content-encoding gzip expires -1 vary Accept-Encoding set-cookie iq=092bc919b94a49d2ba34546e7a0bc06b; expires=Sun, 16-Oct-2022 14:58:34 GMT; path=/ ASP.NET_SessionId=mptkjz2dmuz2bbt1pvbdwgpt; path=/; HttpOnly; SameSite=Lax channel-filter-preference-cookie=W3siSWQiOjEsIlByZWYiOnRydWV9LHsiSWQiOjIsIlByZWYiOnRydWV9LHsiSWQiOjQsIlByZWYiOnRydWV9LHsiSWQiOjUsIlByZWYiOnRydWV9LHsiSWQiOjEwLCJQcmVmIjpmYWxzZX0seyJJZCI6MTEsIlByZWYiOmZhbHNlfSx7IklkIjozOSwiUHJlZiI6ZmFsc2V9XQ==; path=/ x-frame-options DENY x-xss-protection 1; mode=block x-content-type-options nosniff strict-transport-security max-age=15552000; preload cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 69f22566dce72169-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	11 KB 2 KB	70ms 25ms	Stylesheet text/css	172.217.16.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f10.1e100.net Software ESF / Resource Hash c7df335ec36a9f04d14eba5ce85e472d9b230e93772c26d26d36a34f8f4408d5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 16 Oct 2021 14:24:52 GMT server ESF date Sat, 16 Oct 2021 14:58:35 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sat, 16 Oct 2021 14:58:35 GMT
GET H2	200	ek$i-13ce28c31dc5629c.css ekstat.com/css/	144 KB 24 KB	72ms 27ms	Stylesheet text/css	104.21.3.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekstat.com/css/ek$i-13ce28c31dc5629c.css Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.3.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db8a2441fdda4d4121350ad6cf4e6883b12323ca708c04a268a9f256cf8bf3e3 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6745440 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 30 Jul 2021 13:13:01 GMT server cloudflare x-frame-options DENY etag W/"806c719f4485d71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzBa9jdD3QRNerU8OyvARWEhYN4JyYiAupc0dOd5kul12w0Kcv1JN3Nl5%2FQ65q7eRZz4WlCI0S0o%2ByYjZfhtI0BZkxXk%2BxhKxHUJdJRsQE5KF9p%2Bj1u4mPmi2qXB"}],"group":"cf-nel","max_age":604800} content-type text/css vary Accept-Encoding,Accept-Encoding cache-control public, max-age=31536000 cf-ray 69f22568dca340c3-CDG
GET H2	200	v1.js Show response nativespot.com/apijs/	2 KB 1 KB	684ms 227ms	Script application/javascript	172.67.212.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nativespot.com/apijs/v1.js Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.212.155 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bbd9db9f3806eeabee74f5e6e5563820b0dad301cae6ef3fa3cd26a3791d8d97 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding br cf-cache-status HIT last-modified Tue, 28 Aug 2018 10:36:00 GMT server cloudflare age 4536 etag W/"pe62s01bb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPTHoFrTARDCZ5KGKaFmjUxXZomnd0LBmiEQavUDPa%2BO%2FXkV99VVZRM8lwk93nQDnWgbIkPRb10yk7HsSbWvwLaagcflVYLDfhVf2OUrZwc9mntRqgRj%2BQhaN2G5tiqeWQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 69f2256cb909f7ca-EZE alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	withdfp.js Show response app.gelirartisi.com/	18 B 350 B	202ms 97ms	Script text/html	31.186.16.160 TURKTICARET-AS1
General Check archive.org Show headers Download Go to Full URL https://app.gelirartisi.com/withdfp.js?sid=6 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 31.186.16.160 , Turkey, ASN197720 (TURKTICARET-AS1, TR), Reverse DNS reverse-31-186-15-160.turkticaret.net Software / Resource Hash 25d2dd552e478fc445ef10d481020f13a4dc463325a4e4afd41823e5a85a20e2 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sat, 16 Oct 2021 14:58:35 GMT Transfer-Encoding chunked P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control no-store, no-cache Connection keep-alive Content-Type text/html Keep-Alive timeout=5 X-XSS-Protection 1; mode=block
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/	119 KB 39 KB	47ms 16ms	Script text/javascript	178.250.2.130 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip last-modified Mon, 04 Oct 2021 12:34:27 GMT server nginx etag W/"615af4d3-1dd0f" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 17 Oct 2021 14:58:35 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	80 KB 27 KB	97ms 35ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash 6abf5e76c9602b214a13e211f466ef7620271399dff925857ada7a9f0791b913 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1016 / 29 of 1000 / last-modified: 1634335604" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27153 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 16 Oct 2021 14:58:35 GMT
GET H2	200	jquery-combo.js Show response ekstat.com/js/	142 KB 50 KB	84ms 40ms	Script text/javascript	104.21.3.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekstat.com/js/jquery-combo.js?v=_DxTzjvU_QTVO9MJ1dgI5HWpgeP32i5lCipqP0dhLfo1 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.3.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05ea9374f14d34d7e819402646f66ce7b9c91ce1ef0fc18f7bc5802121912487 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7714328 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Mon, 19 Jul 2021 08:06:27 GMT server cloudflare x-frame-options DENY expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2tn5dzqpjYKbCKeUZA8zEK6NgpHyaN252al84di0tT%2FFTIa8P6Cu%2FsXUoQecwwr%2B1bNihCJUSFYADRGXKoTS8CPg5rhvy%2FpTuAuh6VCHsaLKQO7ZKAgtoO6WK57"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 vary User-Agent,Accept-Encoding,Accept-Encoding cache-control public, max-age=14400, no-cache="Set-Cookie" cf-ray 69f22568dca740c3-CDG expires Tue, 19 Jul 2022 08:06:27 GMT
GET H2	200	ek$i-combo.js Show response ekstat.com/js/	67 KB 19 KB	69ms 24ms	Script text/javascript	104.21.3.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekstat.com/js/ek$i-combo.js?v=jmc8jbQsAut2EhFD-2Im3uY2R2mTlClYBYkBFDj1I9I1 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.3.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61c65961b18442ed0550e1b5c14a330c9caa111f1184c7edcac185c3ce4f8611 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7717396 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Mon, 19 Jul 2021 07:15:19 GMT server cloudflare x-frame-options DENY expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GspAIUYPTA6Ct8CDps6uPsFlFMHfhi%2BjlIiNh0Fxe4EFZ5D5oNujuiqrR2WC9g2ybpSIgfgokABpZSJYouGT8PLa3AslH8D6a5DrfBtBUfyKXOpUU%2FLtbr0aWAXW"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 vary User-Agent,Accept-Encoding,Accept-Encoding cache-control public, max-age=14400, no-cache="Set-Cookie" cf-ray 69f22568dcaa40c3-CDG expires Tue, 19 Jul 2022 07:15:19 GMT
GET H2	200	lib-defer.js Show response ekstat.com/js/	66 KB 21 KB	34ms 32ms	Script text/javascript	104.21.3.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekstat.com/js/lib-defer.js?v=LNYBjgR_PNgijdHhv3cdaF4EUdnGjh3QNne1RP8-JLg1 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.3.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae7a19802e5d6905cbe9bcfcf9d8088b64b973af17d387bacf9a07df5f54e1b8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 15242605 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 23 Apr 2021 04:55:10 GMT server cloudflare x-frame-options DENY expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDzkrUxT2F2zetxi8BaAGaDOOOK96WFJirpVsSZGvAdMPWwhu5tnrRt0jp5S%2FFnaVkFTU3fAO%2FYr%2B6PsrCqEVcXlpRgLZajzlS7qcCp%2BnmaaxJR%2F8ymudvi7RzUg"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 vary User-Agent,Accept-Encoding,Accept-Encoding cache-control public, max-age=14400, no-cache="Set-Cookie" cf-ray 69f225695d6840c3-CDG expires Sat, 23 Apr 2022 04:55:10 GMT
GET H2	200	ek$i-defer.js Show response ekstat.com/js/	27 KB 9 KB	28ms 26ms	Script text/javascript	104.21.3.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekstat.com/js/ek$i-defer.js?v=0sVZyg-7PKHPc4PDrwGGXhjHvZTKCWV9ejU0HdECBDs1 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.3.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dec60f69af499b1a65e1e35816b5a800054227ec08102104f8dafeacd2b4472f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6729488 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 30 Jul 2021 17:40:27 GMT server cloudflare x-frame-options DENY expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWNaQKZdYh1bDs%2BeU1IV9siQ4NCix9iquUC8obPB3q6ayLKO0Ds1XtYWQqCtRMd080D1wFaKUP3gU79Qn2eyfBTAzbvBdMlb2IYIJusVYhf0vzFpoR6Vdlk95XaT"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 vary User-Agent,Accept-Encoding,Accept-Encoding cache-control public, max-age=14400, no-cache="Set-Cookie" cf-ray 69f225695d6a40c3-CDG expires Sat, 30 Jul 2022 17:40:27 GMT
GET H2	200	pena-logo.svg eksisozluk.com/Content/img/new-logos/	1 KB 747 B	16ms 14ms	Image image/svg+xml	104.22.24.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://eksisozluk.com/Content/img/new-logos/pena-logo.svg Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.24.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de7fd28be2467ce52eb95b7ff15f6d6dbad53191e84737923352b511a63e0fd9 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /Content/img/new-logos/pena-logo.svg pragma no-cache cookie iq=092bc919b94a49d2ba34546e7a0bc06b; ASP.NET_SessionId=mptkjz2dmuz2bbt1pvbdwgpt; channel-filter-preference-cookie=W3siSWQiOjEsIlByZWYiOnRydWV9LHsiSWQiOjIsIlByZWYiOnRydWV9LHsiSWQiOjQsIlByZWYiOnRydWV9LHsiSWQiOjUsIlByZWYiOnRydWV9LHsiSWQiOjEwLCJQcmVmIjpmYWxzZX0seyJJZCI6MTEsIlByZWYiOmZhbHNlfSx7IklkIjozOSwiUHJlZiI6ZmFsc2V9XQ== accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority eksisozluk.com referer https://eksisozluk.com/virustotal--1675794?p=3 :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/virustotal--1675794?p=3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 14109138 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 20 Sep 2018 21:02:55 GMT server cloudflare x-frame-options DENY etag W/"abd8604d2551d41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; preload content-type image/svg+xml vary Accept-Encoding cache-control public, max-age=31536000 cf-ray 69f2256949992169-DUS
GET H2	200	eksiseyler-logo.svg eksisozluk.com/Content/img/new-logos/	19 KB 14 KB	16ms 14ms	Image image/svg+xml	104.22.24.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://eksisozluk.com/Content/img/new-logos/eksiseyler-logo.svg Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.24.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29dc5392c761c2c8305b2063fadd14b1c41fb030879fd4cbaa1d7020189392aa Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /Content/img/new-logos/eksiseyler-logo.svg pragma no-cache cookie iq=092bc919b94a49d2ba34546e7a0bc06b; ASP.NET_SessionId=mptkjz2dmuz2bbt1pvbdwgpt; channel-filter-preference-cookie=W3siSWQiOjEsIlByZWYiOnRydWV9LHsiSWQiOjIsIlByZWYiOnRydWV9LHsiSWQiOjQsIlByZWYiOnRydWV9LHsiSWQiOjUsIlByZWYiOnRydWV9LHsiSWQiOjEwLCJQcmVmIjpmYWxzZX0seyJJZCI6MTEsIlByZWYiOmZhbHNlfSx7IklkIjozOSwiUHJlZiI6ZmFsc2V9XQ== accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority eksisozluk.com referer https://eksisozluk.com/virustotal--1675794?p=3 :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/virustotal--1675794?p=3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 14109138 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 20 Sep 2018 21:02:55 GMT server cloudflare x-frame-options DENY etag W/"abd8604d2551d41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; preload content-type image/svg+xml vary Accept-Encoding cache-control public, max-age=31536000 cf-ray 69f22569499b2169-DUS
GET H2	200	netasync.js Show response app.networkad.net/ Redirect Chain https://app.networkad.net/netasync.js?zid=571 https://app.networkad.net/netasync.js?isAvailable=1&zid=571	201 KB 24 KB	62ms 61ms	Script text/javascript	138.201.212.22 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://app.networkad.net/netasync.js?isAvailable=1&zid=571 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.201.212.22 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.22.212.201.138.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash c2bdd5027dadfeccdeb8d81b7ef302978bcd76cd86ab512b09080c482a321a70 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) cache-control no-store, no-cache p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" x-xss-protection 1; mode=block content-type text/javascript Redirect headers location //app.networkad.net/netasync.js?isAvailable=1&zid=571 date Sat, 16 Oct 2021 14:58:35 GMT cache-control no-store, no-cache server nginx/1.18.0 (Ubuntu) x-xss-protection 1; mode=block content-type text/javascript
GET H2	200	conversion.js Show response www.googleadservices.com/pagead/	45 KB 18 KB	80ms 31ms	Script text/javascript	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion.js Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash 15f6865841563f9690aa73d93d6af4f80c0544d09b1c9f1479c44edd1bec5f6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17678 x-xss-protection 0 server cafe etag 7688520411956436205 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sat, 16 Oct 2021 14:58:35 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/878852058/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/?value=0&guid=ON&script=0 https://www.google.com/pagead/1p-user-list/878852058/?value=0&guid=ON&script=0&is_vtc=1&random=869467176 https://www.google.de/pagead/1p-user-list/878852058/?value=0&guid=ON&script=0&is_vtc=1&random=869467176&ipr=y	42 B 108 B	35ms 35ms	Image image/gif	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/878852058/?value=0&guid=ON&script=0&is_vtc=1&random=869467176&ipr=y Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 16 Oct 2021 14:58:35 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/gif location https://www.google.de/pagead/1p-user-list/878852058/?value=0&guid=ON&script=0&is_vtc=1&random=869467176&ipr=y cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	129 KB 43 KB	81ms 29ms	Script application/javascript	142.250.185.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WXV2Z47 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.136 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f8.1e100.net Software Google Tag Manager / Resource Hash 0c101de79823bf455c0d4ad05388a6a2bf35b65873f9e5a63d2d35b96f279a7d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43332 x-xss-protection 0 last-modified Sat, 16 Oct 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 16 Oct 2021 14:58:35 GMT
GET H2	200	adRecover.js Show response delivery.adrecover.com/41209/	34 KB 11 KB	72ms 30ms	Script application/javascript	104.18.2.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://delivery.adrecover.com/41209/adRecover.js Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.2.83 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17f4eb9266f7e504cdcda14e606776795a6b715773b34ddc0a9c4a5295a19fb6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding br cf-cache-status HIT last-modified Sat, 16 Oct 2021 07:01:12 GMT server cloudflare age 28635 etag W/"616a78b8-8632" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=432000 cf-ray 69f225698e51c4b8-DUS expires Thu, 21 Oct 2021 14:58:35 GMT
GET H2	200	eksisozluk_logo.svg ekstat.com/img/new-design/	4 KB 2 KB	24ms 24ms	Image image/svg+xml	104.21.3.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekstat.com/img/new-design/eksisozluk_logo.svg Requested by Host: ekstat.com URL: https://ekstat.com/css/ek$i-13ce28c31dc5629c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.3.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2894995626c7b1d7b61783a2123a862c0bdb6f9d4a48d36fc319363d44def4fa Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ekstat.com/css/ek$i-13ce28c31dc5629c.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 13030093 vary Accept-Encoding x-xss-protection 1; mode=block last-modified Sun, 07 Feb 2016 22:58:24 GMT server cloudflare x-frame-options DENY etag W/"2a52c6cfb61d11:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgg9IANs7mckNoODf27Wmzp106tXnHY8rdvCWIJHT%2Fij3grL3ADf0eIepug%2FF57bt6iCxvlwRZ282AS%2FwFyJAlOSuk8C1KL45JbhPFttSCWeSlx5u6LBf4NNxAdl"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 cache-control public, max-age=31536000 cf-ray 69f225696d9640c3-CDG
GET H2	200	pena-text-logo@2x.png ekstat.com/img/new-logos/	2 KB 2 KB	21ms 21ms	Image image/png	104.21.3.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekstat.com/img/new-logos/pena-text-logo@2x.png Requested by Host: ekstat.com URL: https://ekstat.com/css/ek$i-13ce28c31dc5629c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.3.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31bd1fcc22fb57e99cb0a49ab2e715ac4dbaa20d50c3fdca0fb670ba08dcb006 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ekstat.com/css/ek$i-13ce28c31dc5629c.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7717336 vary Accept-Encoding content-length 2116 x-xss-protection 1; mode=block last-modified Fri, 21 Sep 2018 22:11:23 GMT server cloudflare x-frame-options DENY etag "b9906e8f851d41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVRva7CvpoA71qXcX9Y%2FsUxQnUC1vucDWgOy65H98wMvIIGuj1WE6f8ows3sKlJ9SK3kM61e%2FhABCTr6Wpp7%2FDy2x6kF%2BB5OngJATD8iJ9JzmOzkTsG%2Fbnkp4JKG"}],"group":"cf-nel","max_age":604800} content-type image/png alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 69f225696d9940c3-CDG
GET H2	200	eksiseyler-text-logo@2x.png ekstat.com/img/new-logos/	3 KB 4 KB	22ms 22ms	Image image/png	104.21.3.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ekstat.com/img/new-logos/eksiseyler-text-logo@2x.png Requested by Host: ekstat.com URL: https://ekstat.com/css/ek$i-13ce28c31dc5629c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.3.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1cef32ce5655498707172fb601cdd61261638ad57703e5c2ce031f0478eeb76b Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ekstat.com/css/ek$i-13ce28c31dc5629c.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 13030093 vary Accept-Encoding content-length 3534 x-xss-protection 1; mode=block last-modified Fri, 21 Sep 2018 22:11:23 GMT server cloudflare x-frame-options DENY etag "b9906e8f851d41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SjhWrHSWpn%2FPTr%2FV05PG3815H6oZSjuoProaZkDG3T3BsFSIY1aRrLa0FrxNqQzJmME4ovla0q9j4p5I462MaxGv7HeeAqWGVdBebNtvlss40rp4lITqEI%2B8D24"}],"group":"cf-nel","max_age":604800} content-type image/png alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 69f225696d9b40c3-CDG
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v14/	16 KB 16 KB	102ms 51ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://eksisozluk.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 17:27:37 GMT x-content-type-options nosniff age 423058 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16112 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:10:09 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 11 Oct 2022 17:27:37 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v14/	15 KB 16 KB	110ms 59ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash 24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://eksisozluk.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 03:52:06 GMT x-content-type-options nosniff age 385589 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15764 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:10:17 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Oct 2022 03:52:06 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v14/	16 KB 16 KB	119ms 68ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://eksisozluk.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 04:26:59 GMT x-content-type-options nosniff age 469896 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15948 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:10:32 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 11 Oct 2022 04:26:59 GMT
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2 fonts.gstatic.com/s/sourcesanspro/v14/	15 KB 15 KB	86ms 42ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash 5e099acc6d8069611d6be68e68779cdfe6c0597086cccff1ffee5c0524f70a6a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://eksisozluk.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 17:43:30 GMT x-content-type-options nosniff age 249305 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14960 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:10:16 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 13 Oct 2022 17:43:30 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2 fonts.gstatic.com/s/sourcesanspro/v14/	15 KB 15 KB	63ms 24ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,600&subset=latin,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash 3d09f0eac5191049c5714ec99694c3fce7d005c97ebcdaab59fa2b2a446e3e1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://eksisozluk.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 22:12:44 GMT x-content-type-options nosniff age 319551 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15016 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:12:04 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 12 Oct 2022 22:12:44 GMT
GET H2	200	ns.html Show response www.googletagmanager.com/ Frame 9129	266 B 525 B	44ms 28ms	Document text/html	142.250.185.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/ns.html?id=GTM-WXV2Z47 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.136 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f8.1e100.net Software Google Tag Manager / Resource Hash 1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers :method GET :authority www.googletagmanager.com :scheme https :path /ns.html?id=GTM-WXV2Z47 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://eksisozluk.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ Response headers content-type text/html; charset=UTF-8 content-encoding br vary * date Sat, 16 Oct 2021 14:58:35 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; includeSubDomains cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin server Google Tag Manager content-length 92 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/	2 KB 1 KB	36ms 36ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/878852058/?random=1634396315142&cv=9&fst=1634396315142&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&tiba=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&hn=www.googleadservices.com&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash f15e12ac4334ef4f5aa2a28213fbe997260f41a4a6be5d0467793e9f05120072 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1041 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jquery-2.2.2.min.js Show response code.jquery.com/	84 KB 29 KB	47ms 17ms	Script application/javascript	69.16.175.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-2.2.2.min.js Requested by Host: delivery.adrecover.com URL: https://delivery.adrecover.com/41209/adRecover.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS hwcdn.net Software nginx / Resource Hash dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip last-modified Thu, 17 Mar 2016 17:52:17 GMT server nginx etag W/"56eaeed1-14e98" vary Accept-Encoding x-hw 1634396315.dop122.am5.t,1634396315.cds256.am5.hn,1634396315.cds302.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 29880
GET H2	200	/ www.google.com/pagead/1p-user-list/878852058/	42 B 569 B	49ms 26ms	Image image/gif	172.217.18.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/878852058/?random=1634396315142&cv=9&fst=1634392800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&tiba=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&fmt=3&is_vtc=1&random=2772066954&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f100.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/878852058/	42 B 569 B	84ms 33ms	Image image/gif	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/878852058/?random=1634396315142&cv=9&fst=1634392800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&tiba=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&fmt=3&is_vtc=1&random=2772066954&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	cdb Show response bidder.criteo.com/	0 187 B	50ms 17ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?ptv=114&profileId=184&cb=37193068014 Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eksisozluk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin https://eksisozluk.com date Sat, 16 Oct 2021 14:58:34 GMT access-control-allow-credentials true cross-origin-resource-policy cross-origin server Finatra timing-allow-origin * vary Origin
GET H2	200	pubads_impl_2021101201.js Show response securepubads.g.doubleclick.net/gpt/	361 KB 122 KB	77ms 29ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software sffe / Resource Hash 3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 124532 x-xss-protection 0 last-modified Tue, 12 Oct 2021 08:35:04 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 16 Oct 2021 14:58:35 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame 1463	11 KB 5 KB	52ms 17ms	Document text/html	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=eksisozluk.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority gum.criteo.com :scheme https :path /syncframe?origin=publishertag&topUrl=eksisozluk.com pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://eksisozluk.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ Response headers cache-control private, max-age=3600 content-type text/html; charset=utf-8 content-encoding gzip vary Accept-Encoding strict-transport-security max-age=31536000 cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp server-processing-duration-in-ticks 2107 set-cookie uid=f73ab3c9-2db1-44bf-afc9-7d6c933c1780; expires=Thu, 10 Nov 2022 14:58:34 GMT; domain=.criteo.com; path=/; secure; samesite=none date Sat, 16 Oct 2021 14:58:34 GMT content-length 4685
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 20 KB	78ms 23ms	Script text/javascript	142.250.186.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f14.1e100.net Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Oct 2021 16:38:54 GMT server Golfe2 age 3449 date Sat, 16 Oct 2021 14:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Sat, 16 Oct 2021 16:01:06 GMT
GET H2	200	xgemius.js Show response gatr.hit.gemius.pl/	40 KB 11 KB	53ms 15ms	Script application/x-javascript	178.33.196.208 OVH
General Check archive.org Show headers Download Go to Full URL https://gatr.hit.gemius.pl/xgemius.js Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 178.33.196.208 , France, ASN16276 (OVH, FR), Reverse DNS ip208.ip-178-33-196.eu Software GHC / Resource Hash 11f438c16ff18db8b5a9dc4812c96dfbee68a411a8933f22a22748538dc12734 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip last-modified Wed, 15 Sep 2021 10:02:32 GMT server GHC vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" cache-control max-age=43200 cross-origin-resource-policy cross-origin accept-ranges none content-type application/x-javascript content-length 10839 expires Sun, 17 Oct 2021 02:58:35 GMT
GET H2	200	beacon.js Show response sb.scorecardresearch.com/	1 KB 1 KB	43ms 14ms	Script application/javascript	52.222.139.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.90 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-90.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 02:24:36 GMT content-encoding gzip etag W/"1827f116c73f319409b97f10b8a58ade" last-modified Fri, 26 Feb 2021 14:35:05 GMT server AmazonS3 age 45303 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 fc8f1559bec15e56ec52376ce42c7d90.cloudfront.net (CloudFront) x-amz-cf-pop AMS50-C1 x-amz-cf-id l4TWDuF6U7fbx-5xgjLPqKY4NEwcFZ33gytRN_6dpxfBC501qcY41w==
GET H2	200	adpushup.js Show response cdn.adpushup.com/41942/	267 KB 86 KB	68ms 23ms	Script application/javascript	104.18.28.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adpushup.com/41942/adpushup.js Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.28.173 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 83d4098a61563a6f27f1e1783828f565ff48ea9bced6f7a7961dcb8f11db8cb9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding br cf-cache-status HIT last-modified Thu, 14 Oct 2021 16:55:21 GMT server cloudflare age 165793 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=14400 x-cf-geodata DE cf-ray 69f2256acfbb2163-DUS expires Sat, 16 Oct 2021 18:58:35 GMT
GET H/1.1	200 OK	info uipglob.semasio.net/dbm/1/ Redirect Chain https://uip.semasio.net/omdtr/1/info?_referrer=https%3A//eksisozluk.com/virustotal--1675794%3Fp%3D3&sType=view&nCampaignId=1&nJs=1&_ignore=46996289873510500 https://uip.semasio.net/omdtr/1/info2?_referrer=https%3A//eksisozluk.com/virustotal--1675794%3Fp%3D3&sType=view&nCampaignId=1&nJs=1&_ignore=46996289873510500 https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=f0e4616a-e89b-4800-ade7-50d21c92c975&sInitiator=internal&gdpr=&gdpr_consent= https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=edf857e2-81ca-4fe7-9722-9b906634d8a6 https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NkYxMzZCNkY5NDhGMDdCRg&gdpr=1&gdpr_consent= https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESELGcwxu_UKkMu4vCIpIeXAc&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1	42 B 603 B	25ms 25ms	Image image/gif	77.243.60.138 NETIC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESELGcwxu_UKkMu4vCIpIeXAc&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK), Reverse DNS Software / Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:33 GMT frontend-id 6 p3p policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT" access-control-allow-origin * uip-response-status Ok cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-type image/gif content-length 42 routing-server-id -1 expires Sat, 01 Jan 2011 12:00:00 GMT Redirect headers pragma no-cache date Sat, 16 Oct 2021 14:58:35 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESELGcwxu_UKkMu4vCIpIeXAc&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 380 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	1675794 Show response eksisozluk.com/alakali-basliklar/	1 KB 1004 B	79ms 79ms	XHR text/html	104.22.24.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://eksisozluk.com/alakali-basliklar/1675794?_=1634396315073 Requested by Host: ekstat.com URL: https://ekstat.com/js/jquery-combo.js?v=_DxTzjvU_QTVO9MJ1dgI5HWpgeP32i5lCipqP0dhLfo1 Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.24.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37ddf26ba9e420ad61600e0d05c4227e376d3b9767d4a6637368fe763f9cacd0 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-fetch-mode cors accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 x-requested-with XMLHttpRequest sec-fetch-dest empty cookie iq=092bc919b94a49d2ba34546e7a0bc06b; ASP.NET_SessionId=mptkjz2dmuz2bbt1pvbdwgpt; channel-filter-preference-cookie=W3siSWQiOjEsIlByZWYiOnRydWV9LHsiSWQiOjIsIlByZWYiOnRydWV9LHsiSWQiOjQsIlByZWYiOnRydWV9LHsiSWQiOjUsIlByZWYiOnRydWV9LHsiSWQiOjEwLCJQcmVmIjpmYWxzZX0seyJJZCI6MTEsIlByZWYiOmZhbHNlfSx7IklkIjozOSwiUHJlZiI6ZmFsc2V9XQ==; lastnwcrtid_571={} :path /alakali-basliklar/1675794?_=1634396315073 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept text/html, */*; q=0.01 cache-control no-cache :authority eksisozluk.com referer https://eksisozluk.com/virustotal--1675794?p=3 :scheme https sec-fetch-site same-origin :method GET Accept text/html, */*; q=0.01 Referer https://eksisozluk.com/virustotal--1675794?p=3 X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 666 x-xss-protection 1; mode=block pragma no-cache server cloudflare x-frame-options DENY expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; preload content-type text/html; charset=utf-8 vary Accept-Encoding cache-control no-cache cf-ray 69f2256a8afc2199-DUS expires -1
GET H2	200	1675794 Show response seyler.eksisozluk.com/sozluk/baslik/ Frame 2AD3	5 KB 2 KB	228ms 219ms	Document text/html	104.22.24.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white Requested by Host: ekstat.com URL: https://ekstat.com/js/jquery-combo.js?v=_DxTzjvU_QTVO9MJ1dgI5HWpgeP32i5lCipqP0dhLfo1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.24.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb9c9689eeab13450e28045368d2fbe962c5e0f67b69c371aae7488c1fce690f Security Headers Name Value Strict-Transport-Security max-age=15552000; preload Request headers :method GET :authority seyler.eksisozluk.com :scheme https :path /sozluk/baslik/1675794?style=white pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://eksisozluk.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-type text/html; charset=utf-8 content-length 1396 set-cookie sey_id=5111aef1e5aa1994d41758fb403edcd5; expires=Sat, 16-Oct-21 15:58:35 GMT; max-age=3600; domain=seyler.eksisozluk.com; path=/ cache-control no-cache pragma no-cache content-encoding gzip expires -1 vary Accept-Encoding strict-transport-security max-age=15552000; preload cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 69f2256a9bfd2169-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	topicmattersummary Show response eksisozluk.com/matterindex/	242 B 565 B	199ms 198ms	XHR text/html	104.22.24.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://eksisozluk.com/matterindex/topicmattersummary?slug=virustotal&topicid=1675794&_=1634396315074 Requested by Host: ekstat.com URL: https://ekstat.com/js/jquery-combo.js?v=_DxTzjvU_QTVO9MJ1dgI5HWpgeP32i5lCipqP0dhLfo1 Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.24.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fda05a10ec6c13051fae0527485ef66cbca97ecec17e3124dad8a6a7224a22e8 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-fetch-mode cors accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 x-requested-with XMLHttpRequest sec-fetch-dest empty cookie iq=092bc919b94a49d2ba34546e7a0bc06b; ASP.NET_SessionId=mptkjz2dmuz2bbt1pvbdwgpt; channel-filter-preference-cookie=W3siSWQiOjEsIlByZWYiOnRydWV9LHsiSWQiOjIsIlByZWYiOnRydWV9LHsiSWQiOjQsIlByZWYiOnRydWV9LHsiSWQiOjUsIlByZWYiOnRydWV9LHsiSWQiOjEwLCJQcmVmIjpmYWxzZX0seyJJZCI6MTEsIlByZWYiOmZhbHNlfSx7IklkIjozOSwiUHJlZiI6ZmFsc2V9XQ==; lastnwcrtid_571={} :path /matterindex/topicmattersummary?slug=virustotal&topicid=1675794&_=1634396315074 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept text/html, */*; q=0.01 cache-control no-cache :authority eksisozluk.com referer https://eksisozluk.com/virustotal--1675794?p=3 :scheme https sec-fetch-site same-origin :method GET Accept text/html, */*; q=0.01 Referer https://eksisozluk.com/virustotal--1675794?p=3 X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 263 x-xss-protection 1; mode=block pragma no-cache server cloudflare x-frame-options DENY expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; preload content-type text/html; charset=utf-8 vary Accept-Encoding cache-control no-cache cf-ray 69f2256a8afe2199-DUS expires -1
GET H/1.1	200 OK	async.js Show response app.gelirartisi.com/	21 KB 4 KB	51ms 49ms	Script text/javascript	31.186.16.160 TURKTICARET-AS1
General Check archive.org Show headers Download Go to Full URL https://app.gelirartisi.com/async.js?zid=72 Requested by Host: app.networkad.net URL: https://app.networkad.net/netasync.js?zid=571 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 31.186.16.160 , Turkey, ASN197720 (TURKTICARET-AS1, TR), Reverse DNS reverse-31-186-15-160.turkticaret.net Software / Resource Hash 76ac3902ee5f04ba9e7b9deaa9c0155fdc66df93a42fa55dadfae6f9f7f9b047 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sat, 16 Oct 2021 14:58:35 GMT Content-Encoding gzip Transfer-Encoding chunked P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control no-store, no-cache Connection keep-alive Content-Type text/javascript Keep-Alive timeout=5 X-XSS-Protection 1; mode=block
POST H2	204	events bidder.criteo.com/csm/	0 187 B	16ms 15ms	Ping text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/csm/events Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eksisozluk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://eksisozluk.com date Sat, 16 Oct 2021 14:58:34 GMT access-control-allow-credentials true cross-origin-resource-policy cross-origin server Finatra timing-allow-origin * vary Origin
GET H2	200	pixel.gif static.criteo.net/images/	43 B 337 B	14ms 13ms	Image image/gif	178.250.2.130 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/images/pixel.gif?ch=1 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT last-modified Tue, 09 Dec 2008 16:52:36 GMT server nginx cross-origin-embedder-policy require-corp etag "493ea254-2b" content-type image/gif access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 43 expires Tue, 11 Oct 2022 14:58:35 GMT
GET H2	200	pixel.gif static.criteo.net/images/	43 B 337 B	21ms 21ms	Image image/gif	178.250.2.130 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/images/pixel.gif?ch=2 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT last-modified Tue, 09 Dec 2008 16:52:36 GMT server nginx cross-origin-embedder-policy require-corp etag "493ea254-2b" content-type image/gif access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 43 expires Tue, 11 Oct 2022 14:58:35 GMT
GET H2	200	block.jpg delivery.adrecover.com/	631 B 771 B	17ms 17ms	Image image/jpeg	104.18.2.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://delivery.adrecover.com/block.jpg?ts=1634396315317 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.2.83 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT cf-cache-status HIT age 456300 last-modified Wed, 23 Jun 2021 06:37:54 GMT content-length 631 cf-bgj h2pri server cloudflare etag "60d2d6c2-277" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=432000 accept-ranges bytes cf-ray 69f2256acff5c4b8-DUS expires Thu, 21 Oct 2021 14:58:35 GMT
GET H2	200	json Show response gum.criteo.com/sid/ Frame 1463	425 B 525 B	19ms 17ms	Fetch application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=publishertag&domain=eksisozluk.com&sn=ChromeSyncframe&so=0&topUrl=eksisozluk.com&cw=1&lsw=1 Requested by Host: gum.criteo.com URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=eksisozluk.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash a075b38a40f9593a5683c0c175efcbd883eefa024035b13d0a2f28490b474955 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://gum.criteo.com/syncframe?origin=publishertag&topUrl=eksisozluk.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Sat, 16 Oct 2021 14:58:35 GMT vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 3059 expires 0
GET H2	200	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=19592957&ns__t=1634396315323&ns_c=UTF-8&cv=3.5&c8=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c7=https%3A%2F%2Feksisozluk.com%2Fvirustot... https://sb.scorecardresearch.com/b2?c1=2&c2=19592957&ns__t=1634396315323&ns_c=UTF-8&cv=3.5&c8=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c7=https%3A%2F%2Feksisozluk.com%2Fvirusto...	64 B 329 B	23ms 22ms	Image image/gif	52.222.139.90 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=19592957&ns__t=1634396315323&ns_c=UTF-8&cv=3.5&c8=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c7=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&c9= Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.90 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-90.ams50.r.cloudfront.net Software / Resource Hash 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT via 1.1 fc8f1559bec15e56ec52376ce42c7d90.cloudfront.net (CloudFront) x-amz-cf-pop AMS50-C1 etag W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg" x-cache Miss from cloudfront content-type image/gif; charset=utf-8 content-length 64 x-amz-cf-id 0kJb9r39KuefGAlDxTM72gOevm0TZSQEoHnJfD7_bcfYyyPztH9gtg== Redirect headers date Sat, 16 Oct 2021 14:58:35 GMT via 1.1 fc8f1559bec15e56ec52376ce42c7d90.cloudfront.net (CloudFront) x-amz-cf-pop AMS50-C1 vary Accept x-cache Miss from cloudfront content-type text/plain; charset=utf-8 location https://sb.scorecardresearch.com/b2?c1=2&c2=19592957&ns__t=1634396315323&ns_c=UTF-8&cv=3.5&c8=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&c7=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&c9= content-length 243 x-amz-cf-id wXgYptY9cylfPPvijOs8RVektsfyFEdTv-XjM2c58KrF-el0V5Ipaw==
GET H2	200	fpdata.js Show response gatr.hit.gemius.pl/	283 B 397 B	14ms 14ms	Script application/x-javascript	178.33.196.208 OVH
General Check archive.org Show headers Download Go to Full URL https://gatr.hit.gemius.pl/fpdata.js?href=eksisozluk.com Requested by Host: gatr.hit.gemius.pl URL: https://gatr.hit.gemius.pl/xgemius.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 178.33.196.208 , France, ASN16276 (OVH, FR), Reverse DNS ip208.ip-178-33-196.eu Software GHC / Resource Hash 991f25f8a07d7099393e5d2c6f216b3fb65593d311834da9f32d731969e96a80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT last-modified Mon, 16 Jul 2012 10:03:40 GMT server GHC etag PRIVATE7520710249 p3p CP="NOI DSP COR NID PSAo OUR IND" cache-control private, max-age=2592000 cross-origin-resource-policy cross-origin accept-ranges none content-type application/x-javascript content-length 283 expires Mon, 15 Nov 2021 14:58:35 GMT
GET H2	200	lsget.html Show response ls.hit.gemius.pl/ Frame ECCD	5 KB 3 KB	93ms 28ms	Document text/html	146.59.30.100 OVH
General Check archive.org Show headers Download Go to Full URL https://ls.hit.gemius.pl/lsget.html Requested by Host: gatr.hit.gemius.pl URL: https://gatr.hit.gemius.pl/xgemius.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 146.59.30.100 , France, ASN16276 (OVH, FR), Reverse DNS ip100.ip-146-59-30.eu Software GHC / Resource Hash e7d7350e7bdd46bdba8307424ba6836513a3962081fc4973691946263e273a8f Request headers :method GET :authority ls.hit.gemius.pl :scheme https :path /lsget.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://eksisozluk.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ Response headers date Sat, 16 Oct 2021 14:58:35 GMT expires Mon, 15 Nov 2021 14:58:35 GMT server GHC accept-ranges none cache-control private, max-age=2592000 last-modified Mon, 16 Jul 2012 10:03:40 GMT etag PRIVATE7520710249 vary Accept-Encoding,Origin,User-Agent cross-origin-resource-policy cross-origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type text/html;charset=utf-8 content-length 2721 content-encoding gzip
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 462 B	65ms 21ms	XHR text/plain	173.194.76.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-2362171-2&cid=911819125.1634396315&jid=109740134&gjid=160259380&_gid=541869889.1634396315&_u=YGBAgAABAAAAAE~&z=2026936815 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.76.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS ws-in-f156.1e100.net Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://eksisozluk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sat, 16 Oct 2021 14:58:35 GMT content-type text/plain access-control-allow-origin https://eksisozluk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	57ms 23ms	Image image/gif	142.250.186.174 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j93&a=354659334&t=pageview&_s=1&dl=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&ul=en-us&de=UTF-8&dt=virustotal%20-%20sayfa%203%20-%20ek%C5%9Fi%20s%C3%B6zl%C3%BCk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=109740134&gjid=160259380&cid=911819125.1634396315&tid=UA-2362171-2&_gid=541869889.1634396315&cd1=0&cd2=0&cd8=teknoloji&cd9=&cd10=&cd11=0&cd12=1675794&cd13=detail&cd14=&cd15=&cd16=eksisozluk&cd18=virustotal&cd19=topic&cd20=&z=2071885280 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 18:41:57 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 72998 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	cdb Show response bidder.criteo.com/	765 B 561 B	19ms 18ms	XHR application/json	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?ptv=114&profileId=184&cb=1960930721 Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash 9d189f4171599ffd8451dbbdbb1fe84ab1445e6e375d242a13084ec2f94e28fc Request headers Referer https://eksisozluk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip server Finatra vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://eksisozluk.com access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * content-length 321
GET BLOB	200 OK	824af402-266a-46d3-bdf4-2f321368bfa8 https://eksisozluk.com/	4 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://eksisozluk.com/824af402-266a-46d3-bdf4-2f321368bfa8 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Length 3743
GET H/1.1	200 OK	gart.min.js Show response app.gelirartisi.com/	190 KB 61 KB	101ms 101ms	Script text/javascript	31.186.16.160 TURKTICARET-AS1
General Check archive.org Show headers Download Go to Full URL https://app.gelirartisi.com/gart.min.js?v=1.0 Requested by Host: app.gelirartisi.com URL: https://app.gelirartisi.com/async.js?zid=72 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 31.186.16.160 , Turkey, ASN197720 (TURKTICARET-AS1, TR), Reverse DNS reverse-31-186-15-160.turkticaret.net Software / Resource Hash d1768f597975398436ccf4091d1facc7e323e959e9f0ba3882da6f9046ce24d9 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sat, 16 Oct 2021 14:58:35 GMT Content-Encoding gzip Last-Modified 1634396315000 ETag 194636-1634396315000 Transfer-Encoding chunked Content-Type text/javascript Connection keep-alive Keep-Alive timeout=5 X-XSS-Protection 1; mode=block
POST H2	204	events bidder.criteo.com/csm/	0 187 B	16ms 16ms	Ping text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/csm/events Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eksisozluk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://eksisozluk.com date Sat, 16 Oct 2021 14:58:35 GMT access-control-allow-credentials true cross-origin-resource-policy cross-origin server Finatra timing-allow-origin * vary Origin
GET H2	200	rexdot.js Show response gatr.hit.gemius.pl/__/_1634396315439/ Redirect Chain https://gatr.hit.gemius.pl/_1634396315439/rexdot.js?l=100&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Feksisozluk.... https://gatr.hit.gemius.pl/__/_1634396315439/rexdot.js?l=100&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Feksisozl...	169 B 436 B	27ms 27ms	Script application/x-javascript	178.33.196.208 OVH
General Check archive.org Show headers Download Go to Full URL https://gatr.hit.gemius.pl/__/_1634396315439/rexdot.js?l=100&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=111&lsdata=0gLcJ9CrFoERHuZhO6qqZfHVfmYYjuTQ.2ueyzE7TNL.O7_s5hyn3XhffwD8bDymhNLWH9h3YWKM4WzzF.jGbachd.VE/r8OwsVXwIHm_J/&fpdata=73h3Dze5mf68zNf6S2vIIqFSdeprcEuuRORI5VleI6T.q7&vis=1&fpcap= Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 178.33.196.208 , France, ASN16276 (OVH, FR), Reverse DNS ip208.ip-178-33-196.eu Software GHC / Resource Hash 5ea3d7d26063c2576020a2eb8eec332cdb4e4a60639bdb34fdbc5cb3dd57f980 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:35 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-type application/x-javascript content-length 169 expires Fri, 15 Oct 2021 14:58:35 GMT Redirect headers pragma no-cache date Sat, 16 Oct 2021 14:58:35 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" location /__/_1634396315439/rexdot.js?l=100&id=bJub8NwkyDhwR5K9_vQ5U7PpLTCyoIOWs9yGN3kl4cz.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=111&lsdata=0gLcJ9CrFoERHuZhO6qqZfHVfmYYjuTQ.2ueyzE7TNL.O7_s5hyn3XhffwD8bDymhNLWH9h3YWKM4WzzF.jGbachd.VE/r8OwsVXwIHm_J/&fpdata=73h3Dze5mf68zNf6S2vIIqFSdeprcEuuRORI5VleI6T.q7&vis=1&fpcap= cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 0 expires Fri, 15 Oct 2021 14:58:35 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	69ms 40ms	Image image/gif	172.217.18.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-2362171-2&cid=911819125.1634396315&jid=109740134&_u=YGBAgAABAAAAAE~&z=1627614752 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f100.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	75ms 43ms	Image image/gif	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-2362171-2&cid=911819125.1634396315&jid=109740134&_u=YGBAgAABAAAAAE~&z=1627614752 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	quantcast.js Show response cdn.adpushup.com/pbuseridscripts/	450 B 347 B	18ms 18ms	Script application/javascript	104.18.28.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adpushup.com/pbuseridscripts/quantcast.js Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/41942/adpushup.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.28.173 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding br cf-cache-status HIT last-modified Mon, 28 Jun 2021 04:15:23 GMT server cloudflare age 111789 etag W/"60d94cdb-1c2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=14400 cf-ray 69f2256bb95e2163-DUS expires Sat, 16 Oct 2021 18:58:35 GMT
POST H2	200	sync e3.adpushup.com/AdPushupFeedbackWebService/user/	70 B 318 B	50ms 13ms	Ping image/png	23.97.225.52 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/41942/adpushup.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Request headers Referer https://eksisozluk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:35 GMT ap-cookie-status cookies ap_uid and ap_usid not set due to GDPR access-control-allow-methods GET, POST content-type image/png access-control-allow-origin https://eksisozluk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-robots-tag noindex content-length 70 expires 0
GET H2	200	AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response fundingchoicesmessages.google.com/f/	22 KB 9 KB	98ms 47ms	Script application/javascript	142.250.186.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/41942/adpushup.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f14.1e100.net Software ESF / Resource Hash fd210588d6091ae4c3b01469fc888c9c6e9d49664b97dd8d8041b504c1cd43d3 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-trIgU3+vFhsHQFZdGao8Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-trIgU3+vFhsHQFZdGao8Ew' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-resource-policy cross-origin content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-trIgU3+vFhsHQFZdGao8Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-trIgU3+vFhsHQFZdGao8Ew' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 9 KB	29ms 10ms	Script application/javascript	91.228.74.226 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: cdn.adpushup.com URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.226 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip etag "XUylRaJiJNdi08iU32oNYQ==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Sat, 23 Oct 2021 14:58:35 GMT
GET H3	200	embedable.min.css seyler.eksisozluk.com/public/stylesheets/css/ Frame 2AD3	13 KB 4 KB	226ms 225ms	Stylesheet text/css	104.22.24.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seyler.eksisozluk.com/public/stylesheets/css/embedable.min.css?v=a641130bf5c9b95aaad14abed1a29389 Requested by Host: seyler.eksisozluk.com URL: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.24.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0c07aba6823fdcd6b0b59192ef83ce24be626adb2e2e5e0fe2fb559162f9f38 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip cf-cache-status BYPASS last-modified Tue, 31 Aug 2021 15:01:11 GMT server cloudflare etag "80d509799ed71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public,max-age=31536000 strict-transport-security max-age=15552000; preload accept-ranges bytes cf-ray 69f2256c0e302199-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 3370
GET H2	200	LIEJBxij4yu5soBi-637667828258757834.jpg seyler.ekstat.com/img/230/L/ Frame 2AD3	9 KB 9 KB	40ms 28ms	Image image/jpeg	104.21.3.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://seyler.ekstat.com/img/230/L/LIEJBxij4yu5soBi-637667828258757834.jpg Requested by Host: seyler.eksisozluk.com URL: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.3.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dad386d3a1d143d687c9b878c87e75c55ac0956bcbd153b74a43965fe1aab31d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://seyler.eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1766 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 9113 last-modified Thu, 09 Sep 2021 08:13:48 GMT server cloudflare etag "6139c23c-2399" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2F%2B0iXFL0q%2Flch8Sbfa95jhXZpEEK8L2UBXAUT3i5QN1SH7er%2B4vyxWAspneXn62EnrRXvnsh4JJ2gD1AzzDZRBMFsyFpr0fqWnoyHYbc%2BflMLRia69eu0fZdEtzVU3iZ7XGGg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 69f2256c1a8840c3-CDG
GET H2	200	h12GlRqAfyjzCwW9-637666943026559364.jpg seyler.ekstat.com/img/230/h/ Frame 2AD3	12 KB 13 KB	33ms 21ms	Image image/jpeg	104.21.3.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://seyler.ekstat.com/img/230/h/h12GlRqAfyjzCwW9-637666943026559364.jpg Requested by Host: seyler.eksisozluk.com URL: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.3.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 696ea4164cd6a496102fdd27af9434aadbcc96c3f699a879c1f8836cfaff01ce Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://seyler.eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2787 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 12587 last-modified Wed, 08 Sep 2021 07:38:22 GMT server cloudflare etag "6138686e-312b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dsyu6dOtx1mUtwBuQGgoD5Hz7X12TPhDTrdmRfqdHMjnbYy%2BtCENEPbVzf71bMiOdru5Rmusv5T2be%2F7PQiJL9WI584WVUE136JLC%2BvWaw3DvVwq35IMZFi%2BXZLFn9wHDydpw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 69f2256c1a8340c3-CDG
GET H2	200	fRsiloQyd81u5WE6-637666964588085342.jpg seyler.ekstat.com/img/230/f/ Frame 2AD3	11 KB 11 KB	36ms 24ms	Image image/jpeg	104.21.3.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://seyler.ekstat.com/img/230/f/fRsiloQyd81u5WE6-637666964588085342.jpg Requested by Host: seyler.eksisozluk.com URL: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.3.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 157d93066a29f65b02f01565a3823d591a1d91b7fc37ed1b508760408f847448 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://seyler.eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4731 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 10757 last-modified Wed, 08 Sep 2021 08:14:21 GMT server cloudflare etag "613870dd-2a05" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YoHcQ0WOWPmjDiv08FCSmkexl08RFDr%2Bg0CS%2FCfAUe6mjrNx4bpGM%2BxxmYATqJGcvKjjx18Cd9f9%2BdRxnZk72kPh4SvprKj7XUlHIWFBUzqYCGNgbrO9eGDCu7%2BtIwYx%2FJWpdA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 69f2256c1a8540c3-CDG
GET H3	200	eksico.svg seyler.eksisozluk.com/public/images/icons/ Frame 2AD3	8 KB 3 KB	200ms 200ms	Other image/svg+xml	104.22.24.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seyler.eksisozluk.com/public/images/icons/eksico.svg Requested by Host: seyler.eksisozluk.com URL: https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.24.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cde9dcd68532838b4f262c50a055acbbb78ed3a8cff28ee790cc776d0c09bd90 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://seyler.eksisozluk.com/sozluk/baslik/1675794?style=white User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:35 GMT content-encoding gzip cf-cache-status BYPASS last-modified Thu, 03 Mar 2016 21:48:32 GMT server cloudflare etag W/"7f6986e9675d11:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public,max-age=31536000 strict-transport-security max-age=15552000; preload cf-ray 69f2256c0e332199-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	rules-p-54Nt-1NAaEEe0.js Show response rules.quantcount.com/	2 B 345 B	41ms 12ms	Script application/javascript	52.222.139.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-5.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:52:59 GMT via 1.1 618e94643d6094e9ff9adbaaa8ed3aef.cloudfront.net (CloudFront) server AmazonS3 age 336 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 cross-origin-resource-policy cross-origin x-cache Hit from cloudfront x-amz-cf-pop AMS50-C1 content-length 2 x-amz-cf-id EeSKBjtVZ0N1h8NdlVIs7h3bvenjtON6lz3ZN7W-URAOK8dDUS2IKg==
GET H2	200	pixel;r=615945003;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3;uh=78e1d296268e;uht=2;fpan=1;fpa=P0-1136676765-1634396315567;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c... pixel.quantserve.com/	35 B 371 B	13ms 12ms	Image image/gif	91.228.74.226 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=615945003;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3;uh=78e1d296268e;uht=2;fpan=1;fpa=P0-1136676765-1634396315567;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=eksisozluk.com;je=0;sr=1600x1200x24;dst=0;et=1634396315567;tzo=0;ogl=site_name.ek%C5%9Fi%20s%C3%B6zl%C3%BCk%2Clocale.tr_TR%2Ctype.article%2Cimage.https%3A%2F%2Fekstat%252Ecom%2Fimg%2Filogo_fbv2%252Epng%3Fv%3D1%2Ctitle.virustotal%2Cdescription.yuklediginiz%20crypter%252C%20rat%252C%20keylogger%252C%20ransomware%20gibi%20malware'leri%20kendi%20sanal%20m Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.226 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:35 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
POST H2	204	cdb Show response bidder.criteo.com/	0 187 B	18ms 18ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=16&wv=2.2.0-pre&cb=93652152465 Requested by Host: app.gelirartisi.com URL: https://app.gelirartisi.com/gart.min.js?v=1.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eksisozluk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://eksisozluk.com date Sat, 16 Oct 2021 14:58:35 GMT access-control-allow-credentials true cross-origin-resource-policy cross-origin server Finatra timing-allow-origin * vary Origin
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	241 B 1 KB	182ms 61ms	XHR application/json	213.19.162.61 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=22504&site_id=363122&zone_id=1967356&size_id=65&p_pos=unknown&rf=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&tk_flint=pbjs_lite_v2.2.0-pre&x_source.tid=6b9de5e2-f447-4f1b-a7c8-2ef4d3674fe3&p_screen_res=1600x1200&rp_floor=0.5&rp_secure=1&slots=1&rand=0.8995266655842071 Requested by Host: app.gelirartisi.com URL: https://app.gelirartisi.com/gart.min.js?v=1.0 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 3b9007d5d3153ea4e1847f192deb11396222210344ee86a31d5aeeceb627e661 Request headers Referer https://eksisozluk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 16 Oct 2021 14:58:35 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://eksisozluk.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	204	bids Show response prebid-eu.creativecdn.com/bidder/prebid/	0 176 B	46ms 14ms	XHR text/plain	185.184.8.65 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids Requested by Host: app.gelirartisi.com URL: https://app.gelirartisi.com/gart.min.js?v=1.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-65.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eksisozluk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://eksisozluk.com date Sat, 16 Oct 2021 14:58:35 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
GET H3	200	css fonts.googleapis.com/ Frame 2AD3	3 KB 502 B	48ms 23ms	Stylesheet text/css	172.217.16.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Martel:300,400,700&subset=latin,latin-ext Requested by Host: seyler.eksisozluk.com URL: https://seyler.eksisozluk.com/public/stylesheets/css/embedable.min.css?v=a641130bf5c9b95aaad14abed1a29389 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f10.1e100.net Software ESF / Resource Hash 53b36692b94283f6db84b3490c5fbcb254d73c2ebffc66c9ab0262dc7651b920 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://seyler.eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 16 Oct 2021 13:08:52 GMT server ESF date Sat, 16 Oct 2021 14:58:35 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sat, 16 Oct 2021 14:58:35 GMT
GET H3	200	css fonts.googleapis.com/ Frame 2AD3	15 KB 904 B	46ms 23ms	Stylesheet text/css	172.217.16.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic,800,800italic&subset=latin,latin-ext Requested by Host: seyler.eksisozluk.com URL: https://seyler.eksisozluk.com/public/stylesheets/css/embedable.min.css?v=a641130bf5c9b95aaad14abed1a29389 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f10.1e100.net Software ESF / Resource Hash e3f681381e3348b47d6c28765eb3479f607d35fcdd843ac88a35a99b0a76c801 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://seyler.eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 16 Oct 2021 14:15:38 GMT server ESF date Sat, 16 Oct 2021 14:58:35 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sat, 16 Oct 2021 14:58:35 GMT
GET H/1.1	200 OK	10924 Show response serv.nspot.co/unit/	20 B 264 B	49ms 8ms	XHR application/json	35.156.95.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serv.nspot.co/unit/10924?t=1634396315751 Requested by Host: nativespot.com URL: https://nativespot.com/apijs/v1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.95.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-95-117.eu-central-1.compute.amazonaws.com Software nativespot-ad-server / Resource Hash a38040847e432da96f7c228e4f801473f495f9f9df8bb84f7c7b3489daa39f0f Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sat, 16 Oct 2021 14:58:35 GMT Server nativespot-ad-server Connection keep-alive Content-Length 20 Access-Control-Allow-Methods GET Content-Type application/json; charset=utf-8
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v26/ Frame 2AD3	44 KB 44 KB	51ms 22ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic,800,800italic&subset=latin,latin-ext Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash 538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://seyler.eksisozluk.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 14 Oct 2021 17:04:31 GMT x-content-type-options nosniff age 165244 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44760 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:17 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 14 Oct 2022 17:04:31 GMT
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 fonts.gstatic.com/s/opensans/v26/ Frame 2AD3	31 KB 31 KB	60ms 32ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic,800,800italic&subset=latin,latin-ext Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash cf34c41118af0e84df8a1d8536a15825937068ffc4290c4a2087c0b848caa36f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://seyler.eksisozluk.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 20:22:10 GMT x-content-type-options nosniff age 239785 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31404 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:17 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 13 Oct 2022 20:22:10 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 853 B	69ms 27ms	Script application/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=eksisozluk.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Sat, 16 Oct 2021 14:58:36 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 570 B	93ms 33ms	Script application/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=eksisozluk.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Sat, 16 Oct 2021 14:58:36 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	442 B 258 B	171ms 142ms	XHR text/plain	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2867480701600269&correlator=2868202067340778&output=ldjh&impl=fif&eid=31063135%2C31062525%2C31063139&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211016&iu_parts=1024435%2Cdesktop_web_sponsored_title&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1634396316&dt=1634396316183&dlt=1634396314946&idt=449&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=804916931&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=911819125.1634396315&ga_sid=1634396316&ga_hid=354659334&ga_fc=false&fws=644&ohw=245&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGI_E8szIL0UAAAAA&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash a33fe9dad3c2d76930b19ef56be55b5131633b7c3915f4dbb45f18018e56cc34 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 229 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://eksisozluk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	444 B 258 B	582ms 553ms	XHR text/plain	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2867480701600269&correlator=2868202067340778&output=ldjh&impl=fif&eid=31063135%2C31062525%2C31063139&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211016&iu_parts=1024435%2Cdesktop_web_sponsored_title_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1634396316&dt=1634396316188&dlt=1634396314946&idt=449&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=2278761645&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=911819125.1634396315&ga_sid=1634396316&ga_hid=354659334&ga_fc=false&fws=644&ohw=245&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGI_E8szIL0UAAAAA&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash d045cdcf8d4beb4e49c4d2a7e128ffe8f1c3c90e117e2df45e27eafb697440c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 229 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://eksisozluk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	444 B 257 B	273ms 244ms	XHR text/plain	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2867480701600269&correlator=2868202067340778&output=ldjh&impl=fif&eid=31063135%2C31062525%2C31063139&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211016&iu_parts=1024435%2Cdesktop_web_sponsored_title_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1634396316&dt=1634396316190&dlt=1634396314946&idt=449&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=954013108&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=911819125.1634396315&ga_sid=1634396316&ga_hid=354659334&ga_fc=false&fws=644&ohw=245&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGI_E8szIL0UAAAAA&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash ea7dfddda0f155d764f0039cd71378a63e91721cbd0a5c8581df72a944abfc5b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 228 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://eksisozluk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	5 KB 3 KB	1071ms 1042ms	XHR text/plain	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2867480701600269&correlator=2868202067340778&output=ldjh&impl=fif&eid=31063135%2C31062525%2C31063139&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211016&iu_parts=1024435%2Cdesktop_web_sponsored_title_5&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1634396316&dt=1634396316191&dlt=1634396314946&idt=449&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1385785756&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=911819125.1634396315&ga_sid=1634396316&ga_hid=354659334&ga_fc=false&fws=644&ohw=245&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGI_E8szIL0UAAAAA&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash ae552997653a39140ad641afcf36e628b7056920b60c67423d79b670855f48e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:37 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2740 x-xss-protection 0 google-lineitem-id 5805635984 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138367244810 content-type text/plain; charset=UTF-8 access-control-allow-origin https://eksisozluk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	444 B 258 B	489ms 460ms	XHR text/plain	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2867480701600269&correlator=2868202067340778&output=ldjh&impl=fif&eid=31063135%2C31062525%2C31063139&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211016&iu_parts=1024435%2Cdesktop_web_sponsored_title_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1634396316&dt=1634396316192&dlt=1634396314946&idt=449&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1036604666&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=911819125.1634396315&ga_sid=1634396316&ga_hid=354659334&ga_fc=false&fws=644&ohw=245&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGI_E8szIL0UAAAAA&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 746cd8f82394d0805d8ab659ed5918c2ed9dafdfaa0ee536ae7ac1b4b84b9ff0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 229 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://eksisozluk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	59 KB 27 KB	814ms 786ms	XHR text/plain	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2867480701600269&correlator=2868202067340778&output=ldjh&impl=fif&eid=31063135%2C31062525%2C31063139&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211016&iu_parts=1024435%2Cdesktop_web_masthead_for_nontr&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C728x90%7C970x90&fluid=height&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1634396316&dt=1634396316194&dlt=1634396314946&idt=449&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=151&adks=3209717840&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x0&ga_vid=911819125.1634396315&ga_sid=1634396316&ga_hid=354659334&ga_fc=false&fws=4&ohw=970&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGI_E8szIL0UAAAAA&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 4bd4852a036be4028e41a82f5664231ee4e0189c060ffbb31469aee4d20134c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27890 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://eksisozluk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	440 B 252 B	405ms 376ms	XHR text/plain	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2867480701600269&correlator=2868202067340778&output=ldjh&impl=fif&eid=31063135%2C31062525%2C31063139&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211016&iu_parts=1024435%2Cdesktop_web_affiliate_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1634396316&dt=1634396316196&dlt=1634396314946&idt=449&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=497&adks=2799711887&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=645x0&msz=0x0&ga_vid=911819125.1634396315&ga_sid=1634396316&ga_hid=354659334&ga_fc=false&fws=132&ohw=645&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGI_E8szIL0UAAAAA&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 659828554807737e173f5634f7cf7a3e1f875802c6ba9354ffc9c3dd17238f81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 223 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://eksisozluk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	444 B 256 B	87ms 58ms	XHR text/plain	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2867480701600269&correlator=2868202067340778&output=ldjh&impl=fif&eid=31063135%2C31062525%2C31063139&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211016&iu_parts=138586269%2Cdesktop_web_sponsored_entry&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1634396316&dt=1634396316199&dlt=1634396314946&idt=449&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=517&adks=1065961773&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=645x0&msz=0x0&ga_vid=911819125.1634396315&ga_sid=1634396316&ga_hid=354659334&ga_fc=false&fws=132&ohw=645&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGI_E8szIL0UAAAAA&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 7ec619de43314ac76ea091876378c0e45d6667efc4d2969cf1ee2d4234b1762f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 227 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://eksisozluk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	442 B 254 B	322ms 293ms	XHR text/plain	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2867480701600269&correlator=2868202067340778&output=ldjh&impl=fif&eid=31063135%2C31062525%2C31063139&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211016&iu_parts=1024435%2Cdesktop_web_affiliate_entry&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1634396316&dt=1634396316202&dlt=1634396314946&idt=449&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=517&adks=3690430706&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=645x0&msz=0x0&ga_vid=911819125.1634396315&ga_sid=1634396316&ga_hid=354659334&ga_fc=false&fws=132&ohw=645&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGI_E8szIL0UAAAAA&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 61dad5aa387c3456e36e776617f42fae438a75f68bbf75a7bcc07165888abba3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 225 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://eksisozluk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	438 B 256 B	94ms 65ms	XHR text/plain	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2867480701600269&correlator=2868202067340778&output=ldjh&impl=fif&eid=31063135%2C31062525%2C31063139&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211016&iu_parts=138586269%2Cdesktop_web_countdown&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1634396316&dt=1634396316205&dlt=1634396314946&idt=449&frm=20&biw=1600&bih=1200&oid=2&adxs=1120&adys=441&adks=1327562847&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=0x0&ga_vid=911819125.1634396315&ga_sid=1634396316&ga_hid=354659334&ga_fc=false&fws=132&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGI_E8szIL0UAAAAA&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 9beeb767d501b4f1214096f9882dbd7f757c07fb49cd6c17442c0c0b5d2ed206 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 227 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://eksisozluk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	90 KB 21 KB	1090ms 1061ms	XHR text/plain	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2867480701600269&correlator=2868202067340778&output=ldjh&impl=fif&eid=31063135%2C31062525%2C31063139&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211016&iu_parts=1024435%2Cdesktop_web_side&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x600%7C250x250%7C200x200%7C120x600%7C300x250%7C160x600&fluid=height&eri=1&cust_params=bodytextcolor%3D333333%26boxcolor%3Df6f7f7%26mutedcolor%3D888888%26Eksisozluk_Baslik%3D1675794%26Eksisozluk_Kanal%3Dteknoloji%26intopiclinkcolor%3D53a245%26textcolor%3D333333%26linkcolor%3D333333%26entryfooterinfocolor%3Db0bec5%26Eksisozluk_Anasayfa%3DFalse%26seylerembedstyle%3Dwhite%26isAdultContent%3Dfalse%26titlekeywords%3Dvirustotal%26UserRank%3D0%26IsRequestFormTR%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1634396316&dt=1634396316206&dlt=1634396314946&idt=449&frm=20&biw=1600&bih=1200&oid=2&adxs=1120&adys=461&adks=3270089674&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feksisozluk.com%2Fvirustotal--1675794%3Fp%3D3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=911819125.1634396315&ga_sid=1634396316&ga_hid=354659334&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGI_E8szIL0UAAAAA&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 6f4aea8159d10aea19c7cc64f050f9af1013ce6901cec5d5bcc1646b0cdd4bea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21767 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://eksisozluk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0AC6	6 KB 4 KB	95ms 29ms	Document text/html	142.250.186.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f1.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority a555196473b020211a7893855652d03d.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://eksisozluk.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Sat, 16 Oct 2021 14:58:36 GMT expires Sun, 16 Oct 2022 14:58:36 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 9 KB	89ms 39ms	XHR application/json	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash 3134b3c1e43971b9760f5042a2d7fd8d1360afa733f2220fa3708b5993fd896c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Sat, 16 Oct 2021 14:58:36 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8528 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	105ms 44ms	Script text/javascript	142.250.185.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f1.1e100.net Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:36 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Sat, 16 Oct 2021 14:58:36 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7BEF	12 KB 5 KB	53ms 20ms	Document text/html	142.250.185.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f1.1e100.net Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://eksisozluk.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Sat, 16 Oct 2021 14:57:27 GMT expires Sun, 16 Oct 2022 14:57:27 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 69 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame FCD3	783 B 535 B	27ms 26ms	Document text/html	172.217.18.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f100.1e100.net Software GSE / Resource Hash 728105e84c9132788a85fac65710475dacff61421cf19237bf42a542e8e270e4 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-5ttqXCMj2fsNJYc0ON9lXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://eksisozluk.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy-report-only require-corp; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Sat, 16 Oct 2021 14:58:36 GMT date Sat, 16 Oct 2021 14:58:36 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-5ttqXCMj2fsNJYc0ON9lXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame FCD3	0 0	102ms 72ms	Image text/html	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=2867480701600269&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H3	200	YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response pagead2.googlesyndication.com/bg/ Frame 7BEF	35 KB 13 KB	25ms 23ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash 601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:57:05 GMT content-encoding br x-content-type-options nosniff age 91 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13430 x-xss-protection 0 last-modified Mon, 11 Oct 2021 11:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Sun, 16 Oct 2022 14:57:05 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	59ms 58ms	Image image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=2867480701600269&bg=!j4yljMjNAAao6lBpqOo7ACkAdvg8Wn7Csml6Xzi9Q8jOF0KG3pQxcIAQPb7sK6No2szJfNYLAUNtuQIAAAB4UgAAAAxoAQcKAIRELgdojHOzddcc8DVrTw7ep830lIjxbsjHAASK-d_5dCZwiVUiJJf1_YZPeke4MgzP6yCWkAbWiQWY4m9BpIJiP56A4N-ICh0rDE68FytGVAV2V2AcxUbXL8WlT1Q3NZSzjyyB5xerA89H_hg7w-gvE5DbcwTXBuynw4PNf2dJ7pngNUSZAsPGqpYjEjVQ53URSB7HF2CQ2hLyKGDIfq7MZesCPM--wH1I7FrM_wpUGqxTav9FwzKNoST-jWnTZfKX-65JRapnL-6DZInKczq5AdAFUvz8HbKz1VYBesOl1q0rO0kk6Mc_ReiHUSfPpxb51WgxjjebUPc7A0hzB__Q2p4p33597vkl0ELV424Ad7HkpfJFC61J4ZiX7ZO-XS8Cd1SIQg0GFda7jKkX1--j1jCagL6ceSJJ_zRqTmMc8R_FQHV1_8rXVW3LllIkdj-1y4s48MlMRDFev-fjtS6kVBvC2hBKhwjVdLJWPdWqqXHoyfIxhTRerJB4P48tTfvzZzlo7yDD8NP5oE28wVuajHJn4gCoK9PllfRekOvlmPmsM7EW3eRbWoXJRJk5e2EAW9oeqPY7Ni28IRxxbgHz9UnyDiCYy23D9DboeQsD70TOU5J9_Z5ITmvA4P6FJbUDMZHIIC_7jJrYVl3oz9X3Mu8VAUtvXAihRjWev5uOMO-Dq8wiYOcQCpwtjpyILSrP4wG0sDY6RB2JLsH0eB4kmOHEnPA6tv_vsneHHzqTJZJmRCHeWp2W_e92A6NrOkQs3oqMKFNlKdFP9CwJLV8C891I4fF0JniOj3Eqx6Pf6SXh56-c4ZZNUj0zUEMsXglMcwH64P5vjU1OFXqE12i9upgwzDaQL1gYDRnxMzP1R0lIV8l9ekG6BbLTHjGdNfqTzcdT-Y9faV6cUYSzNOpuyi6FvPLlEQqpYMshvIShmuwxMrFykqp_7A2DPdhxc-HweHj3ZaIA-iWJTv-k-k2FV1qFDi6V__3Xk5BVMkXiAVb94VS81DPE4tEpWP6iYmGDT-ePBCjEbnHcUuOUeyw0dPZ2Ijor04t2hiXtH35N2N8LSHZKqzurMAcNV8AQ1g_0QfanQ_3-mbpe3XSE9xyEkk629nu28eJRVA Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	inview.js Show response s1.adform.net/banners/scripts/video/outstream/	46 KB 18 KB	140ms 34ms	Script application/x-javascript	37.157.2.247 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/banners/scripts/video/outstream/inview.js Requested by Host: app.gelirartisi.com URL: https://app.gelirartisi.com/async.js?zid=72 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 87abc1f798f1622a50a952046ac2f1d90370a534c351e158f4e9e7304ccc6114 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:37 GMT content-encoding gzip last-modified Mon, 05 Oct 2020 06:12:20 GMT server nginx etag W/"5f7ab944-b8e0" x-cache-status HIT p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 content-type application/x-javascript
GET H3	200	container.html Show response a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6871	6 KB 3 KB	57ms 27ms	Document text/html	142.250.186.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f1.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority a555196473b020211a7893855652d03d.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://eksisozluk.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Sat, 16 Oct 2021 14:58:36 GMT expires Sun, 16 Oct 2022 14:58:36 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	recacheFrame.html Show response s1.adform.net/banners/scripts/video/outstream/ Frame 9166	374 B 505 B	18ms 18ms	Document text/html	37.157.2.247 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/banners/scripts/video/outstream/recacheFrame.html?rnd=1634396317068 Requested by Host: s1.adform.net URL: https://s1.adform.net/banners/scripts/video/outstream/inview.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash c6d2b9a590ce26fab790a7956b3c9086c68c3dc8a6df96e1045ef0df768c8f17 Request headers :method GET :authority s1.adform.net :scheme https :path /banners/scripts/video/outstream/recacheFrame.html?rnd=1634396317068 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://eksisozluk.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ Response headers server nginx date Sat, 16 Oct 2021 14:58:37 GMT content-type text/html p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public max-age=604800 content-encoding gzip x-cache-status MISS
GET H2	200	inview.js Show response s1.adform.net/banners/scripts/video/outstream/ Frame 9166	46 KB 18 KB	23ms 23ms	Script application/x-javascript	37.157.2.247 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/banners/scripts/video/outstream/inview.js Requested by Host: s1.adform.net URL: https://s1.adform.net/banners/scripts/video/outstream/recacheFrame.html?rnd=1634396317068 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 87abc1f798f1622a50a952046ac2f1d90370a534c351e158f4e9e7304ccc6114 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s1.adform.net/banners/scripts/video/outstream/recacheFrame.html?rnd=1634396317068 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:37 GMT content-encoding gzip last-modified Mon, 05 Oct 2020 06:12:20 GMT server nginx etag W/"5f7ab944-b8e0" x-cache-status HIT p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 content-type application/x-javascript
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 118A	0 16 B	72ms 39ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CIT-xcICEMHAsvcCGLnM6rYBMAE&v=APEucNVazc2CDcDnMSqSW52_BGKpBGgsf-SZ0ED4jO9DhAHj-EarnUpPoc2WwsiKgtqvP_fFAnjPHRIhwqa20ryqi8IE4AhC2Q Requested by Host: a555196473b020211a7893855652d03d.safeframe.googlesyndication.com URL: https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CIT-xcICEMHAsvcCGLnM6rYBMAE&v=APEucNVazc2CDcDnMSqSW52_BGKpBGgsf-SZ0ED4jO9DhAHj-EarnUpPoc2WwsiKgtqvP_fFAnjPHRIhwqa20ryqi8IE4AhC2Q pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUmO7Bkmjjy_F4NQteGL116ShhShADBvMeTS8fqfnigEb5Nbs98S9tQLFCPpy9g Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff date Sat, 16 Oct 2021 14:58:37 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	abg_lite_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 6871	18 KB 8 KB	28ms 27ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:37:38 GMT content-encoding gzip x-content-type-options nosniff age 1259 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7691 x-xss-protection 0 server cafe etag 14402072889669646931 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 30 Oct 2021 14:37:38 GMT
GET H3	200	omrhp_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/ Frame 6871	6 KB 3 KB	26ms 26ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/omrhp_fy2019.js Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:57:52 GMT content-encoding gzip x-content-type-options nosniff age 45 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2631 x-xss-protection 0 server cafe etag 10983085961369067521 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 30 Oct 2021 14:57:52 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 6871	0 592 B	134ms 69ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPI7XKsEiILzNt66Som88s03kedaWNvv0081cs037XTQduIrVHVdnDO-Wz55kel-jQcWEkf_j2rcgkhr5gErZTkIno6RzZUejn9KV0__mIfEfry5T9cDQvns_g_Kkpj4SwMUdfpj9b2ZMkZ9hgG9z8UHriVbQy4M0BgCNV-LRtF92bE0T4__NV6d6Bq-pkJVJ44bpVtJfOmR7FUOM5B15zu3q9Uvr7SSL6NWbQ5YmrHQNx44MAlQCVswa6eh73RKtHafCUT7gKgrzbu50rYtCzEpFGM1kAiPI1sJBBYz6fRmWo84N6XBdgQNn1dbRLhN3wkuQgY4KSv-kdyAuzFfg8Q1i1N5zfX8mo_pwyjB3tll-K03_P1T0tfTvSGTascrWTyT9NpKmeTeH9CfD4cW8oNmLKCzfCPJ7WNiLuX6dA4rrDaRSHHMx20Y_398MUEDuQo9dCK4CV0H2wb6JL7SL9kNO9zpG2pWEOwXNbWxDxO2hfALl_cBIkA1foSv3EarEbUF5S0lliWFGkGwh7D6e89cWKxIEuiJGeA1OZ7OrLyM2srDpEbcW25n42cdQZEMX41Tb_K3iN0jz_fTf288Ka-W1YCrCmGntYgALQb8PkAxnxapd4VXGWUFYRZz7_xDzZpVoCmibxDXWU-z3VBdnpXHmwj7QgD_Cx4B8uvgnCntnkClxCBtLJYgXThfm2xVd2-ZB5m5X0-WmvWpA5JNAnRfe4vIH94eSE3hf48uxeaiSRrU4Xyw_sud33OE2cGCeNk_2UXndubExLJHAcCY6ASNRdWlv8HuScbvvIRsHbrHbYdhhd4CmOibZ1ZXwxMEVon3EdxgWbP1Z5MKGaLHGR3EO0iq6vso4E3o9iAsxJfGgCVAwQyUwSmibvtbYPf0FRGoct5bPqwTOhijVbcerXxSEnFmFhCLjwrGgA_4owgkLIUYqm2Xpnr9a7hVzlUZhZPmGVjFl7i70AN3BcUXPZL4XC1QpBQJz79zDDI9ICuwqlNlWR1GALLK-OXyuy59mFudp_rMU4_d9bgbIruiUVc5Jv_gGGnqiVUQsEWWPKVeAGUEG62d_xh52MtPswEJTFToFtRQI6gRJvymM3Rm5zYw4R9brgLBzR8iAuRIeewCMVaymD9x7l4q8vxNacGjYtLr6mSbpCs2-2KvK0_y9nbALppYGUTUYb3XpiDW2j2Se3CnRFlkdD09mL6mFugDDpDBX_KOh61ZsvtZ0yjf_Gdrkn31qhN4UbkBDb5HppKNiohLH3PJ4ejphROEHQPQ&sai=AMfl-YSM4Oj5Cfj_L_8Vh32MJ-iUKp_4OM1ArcFm9NmQed2UfLCvktpPIABfrzikFuMGbIbSfhjW9TJQzr5sUfASz3OkduajSGWWeeV92EbHaHuH2rCOxxIF-5BUU-tLDwOg3GtXn88QQO8fjU4NKdzFtFYAMkK-RCgCWLky5dB_stf49UINzNz3SZQsPSxJJ17MtAy0rqjgiOl-kI0lGZooh6va8TpzUPHLt9p8n6gVYZWVVyn6lLQlHesm4zXGFd4orDw1ahEYoh0SuptYqTxyjdvYmE5spq8&sig=Cg0ArKJSzMsz6GOVMRp_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211013.87572&adurl= Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Sat, 16 Oct 2021 14:58:37 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 6871	41 KB 15 KB	20ms 20ms	Script text/javascript	142.250.185.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f1.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 14 Oct 2021 07:15:02 GMT content-encoding gzip x-content-type-options nosniff age 200615 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Fri, 14 Oct 2022 07:15:02 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6871	42 B 63 B	56ms 55ms	Image image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ao3AAfK5tk1zuIBCwHlvUN0bWjDNAWgy30JSo35JcAAjIH97OS30i4VcIgprVcnzCzpjpkC8a4d3b2Nvc7OyNsDiUGClyWgipBi3FB6bbT4_O28Ao Requested by Host: a555196473b020211a7893855652d03d.safeframe.googlesyndication.com URL: https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:37 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 6871	3 KB 1 KB	21ms 20ms	Script text/javascript	142.250.185.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js Requested by Host: a555196473b020211a7893855652d03d.safeframe.googlesyndication.com URL: https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f1.1e100.net Software cafe / Resource Hash 0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:55:12 GMT content-encoding gzip x-content-type-options nosniff age 205 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1426 x-xss-protection 0 server cafe etag 18061233391346882222 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 30 Oct 2021 14:55:12 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6871	123 KB 37 KB	69ms 40ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: a555196473b020211a7893855652d03d.safeframe.googlesyndication.com URL: https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash 41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:58:37 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37919 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1634125446224599" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 16 Oct 2021 14:58:37 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 6871	14 KB 6 KB	22ms 21ms	Script text/javascript	142.250.185.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js Requested by Host: a555196473b020211a7893855652d03d.safeframe.googlesyndication.com URL: https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f1.1e100.net Software cafe / Resource Hash f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:48:35 GMT content-encoding gzip x-content-type-options nosniff age 602 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6281 x-xss-protection 0 server cafe etag 18349783599053866072 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 30 Oct 2021 14:48:35 GMT
GET H2	200	13775870566229603285 s0.2mdn.net/simgad/ Frame 6871	48 KB 0	116ms 27ms	Image image/jpeg	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/13775870566229603285 Requested by Host: a555196473b020211a7893855652d03d.safeframe.googlesyndication.com URL: https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 14 Oct 2021 22:00:16 GMT x-content-type-options nosniff age 147501 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 146910 x-xss-protection 0 last-modified Thu, 07 Oct 2021 10:20:14 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 14 Oct 2022 22:00:16 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 39F5	22 KB 8 KB	20ms 20ms	Document text/html	142.250.185.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f1.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://a555196473b020211a7893855652d03d.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Thu, 14 Oct 2021 07:15:05 GMT expires Fri, 14 Oct 2022 07:15:05 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 200612 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response pagead2.googlesyndication.com/bg/ Frame 39F5	35 KB 13 KB	23ms 23ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash 601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 16 Oct 2021 14:57:05 GMT content-encoding br x-content-type-options nosniff age 92 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13430 x-xss-protection 0 last-modified Mon, 11 Oct 2021 11:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Sun, 16 Oct 2022 14:57:05 GMT
GET DATA	200 OK	truncated / Frame 6871	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8e05319a5e9480222d65298d64c08801985509f67eeb9fd6cbfaca3026428c70 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ Show response adx.adform.net/adx/ Redirect Chain https://adx.adform.net/adx/?rp=4&&bWlkPTc4MjAwOSZ0PTI%3D&callback=_adform1634396317250 https://adx.adform.net/adx/?CC=1&rp=4&&bWlkPTc4MjAwOSZ0PTI%3D&callback=_adform1634396317250	28 B 556 B	21ms 21ms	Script text/javascript	37.157.4.39 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?CC=1&rp=4&&bWlkPTc4MjAwOSZ0PTI%3D&callback=_adform1634396317250 Requested by Host: eksisozluk.com URL: https://eksisozluk.com/virustotal--1675794?p=3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.39 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash ccb45a525946fc2e99fb1e5b264aeacfa5579127c28d5703f6c75269a6f742c2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sat, 16 Oct 2021 14:58:37 GMT content-encoding gzip server nginx vary Accept-Encoding p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript; charset=utf-8 content-length 150 expires -1 Redirect headers pragma no-cache date Sat, 16 Oct 2021 14:58:37 GMT server nginx location https://adx.adform.net/adx/?CC=1&rp=4&&bWlkPTc4MjAwOSZ0PTI%3D&callback=_adform1634396317250 strict-transport-security max-age=31536000; includeSubDomains p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform content-type text/html; charset=utf-8 expires -1
GET		activeview pagead2.googlesyndication.com/pcs/ Frame 6871	0 0
POST		iev csm.fr.eu.criteo.net/ Frame 1463	0 0
GET H3	200	css fonts.googleapis.com/	2 KB 563 B	22ms 22ms	Stylesheet text/css	172.217.16.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f10.1e100.net Software ESF / Resource Hash 89217528ff779a9d3836efde9904ba13979c9cd01666796dabbb1ba533b1126a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 16 Oct 2021 13:11:53 GMT server ESF date Sat, 16 Oct 2021 14:58:37 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sat, 16 Oct 2021 14:58:37 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/	0 23 B	57ms 56ms	Image image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgzWY0HK9e8YSfKTbAsIamP3n4csvRz-RfR-ehxTeL7lkyzGyMXeBUphMMK1TqzNv81-gsJgsykPyfP4qmEjTChJE_25t1FY4XES9Uk9wgamTwgXWK93Mh9rxZlZaf4WdtPTM7SIWy8-Wgp0ah1DipGk9oF4AJ-x0tIwZEpkLH0Pk0zcagPE_oLwHnzPVu1tIqwduZZXhOCUJqibKLk6GFkLqhxR5cqzFK0h59b3KT9rK5hKnImR4Bj8TI_bVx6rFZ4y9O5vGzmnrJ7TxxN-3O5l51d8nbRmGTlxP0uAY8w-2AJf3U0hSqOwC0_LlcDaMDOj0Y8Peq3gx0&sig=Cg0ArKJSzF3yPbFodjHnEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eksisozluk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Sat, 16 Oct 2021 14:58:37 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET DATA	200 OK	truncated /	219 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 525cd89b01458471661ad7a8553f81a9711ee792571a0d93ba9d36550cd2efbd Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5fmWqtu3tcj-n4dRKUK89kykoTcv_8irv18eJ7Y7euerWgX1hr5h5VutXMv-T4T4dYnXkDO53siqNVv8d3f6z0kQOc8Ym0Ln0fP0B4D7LX9TQDJEBfw&sai=AMfl-YRphMxRmAQ0QATACZuFRCfTZSbyvGyz9zIu5xoQ2VFk_IdG74Yanir-VVk6sL8S-xthp0kx7a2klGEG4pKI-5t3oPSIpiUDY0uHGJMdfUhLH6Js4lHXyyLytjZN&sig=Cg0ArKJSzJVE5H0Vt7QuEAE&cid=CAASPeRot9u_5hI2DfYzR1rIWcI0z5gzokJtLbXBWXZmz5E0EUp6eSwL2CYjqQMqgHiNM7PC3IMJbX6xGGKd1gI&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211013&bin=7&avms=ns&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=3209717840&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=2&r=u&rst=1634396317045&wmsd=1

Domain

csm.fr.eu.criteo.net

URL

https://csm.fr.eu.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~20