website-kampanyalarim.site Open in urlscan Pro
3.123.31.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://website-kampanyalarim.site/
Submission Tags: @ecarlesi threat #phishing #denizbank Search All
Submission: On July 24 via api (July 24th 2023, 2:23:58 am UTC) from AU — Scanned from AU

Summary HTTP 107 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 58 IPs in 12 countries across 50 domains to perform 107 HTTP transactions. The main IP is 3.123.31.56, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is website-kampanyalarim.site.
TLS certificate: Issued by R3 on July 23rd 2023. Valid for: 3 months.

This is the only time website-kampanyalarim.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	3.123.31.56 3.123.31.56	16509 (AMAZON-02) (AMAZON-02)
1	5.159.251.32 5.159.251.32	41296 (ABH) (ABH)
1 4	74.125.130.103 74.125.130.103	15169 (GOOGLE) (GOOGLE)
1 1	54.170.121.144 54.170.121.144	16509 (AMAZON-02) (AMAZON-02)
1	13.33.88.27 13.33.88.27	16509 (AMAZON-02) (AMAZON-02)
1	162.159.134.61 162.159.134.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.251.10.95 142.251.10.95	15169 (GOOGLE) (GOOGLE)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.12.97 142.251.12.97	15169 (GOOGLE) (GOOGLE)
3	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
1	64.233.170.101 64.233.170.101	15169 (GOOGLE) (GOOGLE)
3 4	64.233.170.157 64.233.170.157	15169 (GOOGLE) (GOOGLE)
2	74.125.68.102 74.125.68.102	15169 (GOOGLE) (GOOGLE)
1 3	142.251.10.149 142.251.10.149	15169 (GOOGLE) (GOOGLE)
2	54.192.150.30 54.192.150.30	16509 (AMAZON-02) (AMAZON-02)
1	182.161.73.129 182.161.73.129	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	35.186.235.23 35.186.235.23	15169 (GOOGLE) (GOOGLE)
3	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
2 3	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
1	185.84.60.57 185.84.60.57	198622 (ADFORM) (ADFORM)
1	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
2	172.217.194.157 172.217.194.157	15169 (GOOGLE) (GOOGLE)
4	74.125.68.94 74.125.68.94	15169 (GOOGLE) (GOOGLE)
1	13.224.249.94 13.224.249.94	16509 (AMAZON-02) (AMAZON-02)
1	74.125.200.156 74.125.200.156	15169 (GOOGLE) (GOOGLE)
6	185.57.65.125 185.57.65.125	9215 (VMIND) (VMIND)
2 4	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 1	142.251.12.157 142.251.12.157	15169 (GOOGLE) (GOOGLE)
4	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
1 3	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	74.125.200.155 74.125.200.155	15169 (GOOGLE) (GOOGLE)
1 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	103.43.90.179 103.43.90.179	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	103.43.90.19 103.43.90.19	29990 (ASN-APPNEX) (ASN-APPNEX)
1	184.51.96.11 184.51.96.11	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.151.135.69 54.151.135.69	16509 (AMAZON-02) (AMAZON-02)
1	23.106.127.38 23.106.127.38	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	141.226.229.48 141.226.229.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	184.51.137.72 184.51.137.72	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.71.178.8 35.71.178.8	16509 (AMAZON-02) (AMAZON-02)
1 2	13.228.126.19 13.228.126.19	16509 (AMAZON-02) (AMAZON-02)
1	124.146.215.2 124.146.215.2	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	124.146.215.46 124.146.215.46	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	104.69.166.9 104.69.166.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	43.201.178.53 43.201.178.53	16509 (AMAZON-02) (AMAZON-02)
1	52.192.226.225 52.192.226.225	16509 (AMAZON-02) (AMAZON-02)
1	42.99.140.177 42.99.140.177	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
1 2	54.169.94.58 54.169.94.58	16509 (AMAZON-02) (AMAZON-02)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	35.156.26.24 35.156.26.24	16509 (AMAZON-02) (AMAZON-02)
1	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	66.225.223.159 66.225.223.159	3949 (NTTA-3946) (NTTA-3946)
1	67.199.150.86 67.199.150.86	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	13.33.88.107 13.33.88.107	16509 (AMAZON-02) (AMAZON-02)
1	23.215.7.26 23.215.7.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	209.58.171.197 209.58.171.197	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	104.26.5.103 104.26.5.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.251.174.164 54.251.174.164	16509 (AMAZON-02) (AMAZON-02)
1	44.238.253.87 44.238.253.87	16509 (AMAZON-02) (AMAZON-02)
107	58

22 3.123.31.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com

website-kampanyalarim.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.159.251.32 (Turkey)

ASN41296 (ABH, TR)
PTR: mailorder.garenta.com.tr

images.garenta.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.130.103 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sb-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.121.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-121-144.eu-west-1.compute.amazonaws.com

cdn.netmera-web.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-27.sin2.r.cloudfront.net

ntm.netmera-web.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.134.61 (None, )

ASN13335 (CLOUDFLARENET, US)

garenta.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.10.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f101.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.233.170.157 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: sg-in-f157.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.68.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.10.149 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f149.1e100.net

8901912.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.150.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-30.sin2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.235.23 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 23.235.186.35.bc.googleusercontent.com

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.229 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.84.60.57 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.249.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-94.sin52.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.57.65.125 (Istanbul, Turkey)

ASN9215 (VMIND, TR)

wsdkapi.netmera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 182.161.73.136 (Singapore) 2 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.157 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.235.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.73.146 (Singapore) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.90.179 (Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.90.19 (Singapore) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.96.11 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-96-11.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.151.135.69 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-135-69.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.38 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.137.72 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-137-72.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.178.8 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.228.126.19 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.2 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

adgen.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.46 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.69.166.9 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-9.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.5.84.243 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.201.178.53 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-201-178-53.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.192.226.225 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-226-225.ap-northeast-1.compute.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.99.140.177 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-177.pacnet.net

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.169.94.58 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-94-58.ap-southeast-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.26.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-26-24.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.225.223.159 (Sacramento, United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.86 (Singapore)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.88.107 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-107.sin2.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.7.26 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-215-7-26.deploy.static.akamaitechnologies.com

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.58.171.197 (Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.251.174.164 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-174-164.ap-southeast-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.253.87 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-253-87.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	website-kampanyalarim.site website-kampanyalarim.site	20 KB
9	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 8901912.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 120 cm.g.doubleclick.net — Cisco Umbrella Rank: 242	5 KB
8	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 437 sslwidget.criteo.com — Cisco Umbrella Rank: 1845 widget.eu.criteo.com — Cisco Umbrella Rank: 22866 dis.criteo.com — Cisco Umbrella Rank: 607	13 KB
6	netmera.com wsdkapi.netmera.com — Cisco Umbrella Rank: 84354	11 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 186 adservice.google.com — Cisco Umbrella Rank: 117	3 KB
5	google.com.au 1 redirects www.google.com.au — Cisco Umbrella Rank: 23709 adservice.google.com.au — Cisco Umbrella Rank: 120411	1 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244 secure.adnxs.com — Cisco Umbrella Rank: 458	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	324 B
4	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 4332 s2.adform.net — Cisco Umbrella Rank: 7469	33 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 166	222 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 741 script.hotjar.com — Cisco Umbrella Rank: 932	73 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	188 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82	3 KB
2	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 806	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 673	877 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1570	2 KB
2	socdm.com adgen.socdm.com — Cisco Umbrella Rank: 18118 tg.socdm.com — Cisco Umbrella Rank: 1124	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 323	508 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	738 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 355	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 161	20 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	193 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 4828	88 KB
2	netmera-web.com 1 redirects cdn.netmera-web.com — Cisco Umbrella Rank: 73819 ntm.netmera-web.com — Cisco Umbrella Rank: 74075	17 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 639	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2271	621 B
1	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 13646	624 B
1	aralego.com 1 redirects sync.aralego.com — Cisco Umbrella Rank: 3286	502 B
1	clmbtech.com ade.clmbtech.com — Cisco Umbrella Rank: 2724	259 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 788	582 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 792	287 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 221	669 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1261	882 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 428	449 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 571	705 B
1	adingo.jp cs.adingo.jp — Cisco Umbrella Rank: 4076	414 B
1	dable.io adx.dable.io — Cisco Umbrella Rank: 18143	141 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 665	546 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2066	278 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1327	232 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 643	688 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 588	609 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 388	786 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 634	795 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 4923	18 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 605	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1234	57 KB
1	useinsider.com garenta.api.useinsider.com	677 B
1	garenta.com.tr images.garenta.com.tr	61 KB
107	50

	Domain	Requested by
22	website-kampanyalarim.site	website-kampanyalarim.site
6	wsdkapi.netmera.com	cdn.netmera-web.com
4	www.facebook.com	website-kampanyalarim.site
4	gum.criteo.com	2 redirects static.criteo.net gum.criteo.com
4	www.google.com.au	website-kampanyalarim.site 8901912.fls.doubleclick.net
4	www.google.com	1 redirects website-kampanyalarim.site
3	track.adform.net	2 redirects website-kampanyalarim.site
3	connect.facebook.net	website-kampanyalarim.site connect.facebook.net
3	8901912.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	fonts.googleapis.com	website-kampanyalarim.site
2	s.ad.smaato.net	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	eb2.3lift.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	x.bidswitch.net	1 redirects
2	www.googleadservices.com	8901912.fls.doubleclick.net www.googleadservices.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	static.hotjar.com	www.googletagmanager.com website-kampanyalarim.site
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	website-kampanyalarim.site www.googletagmanager.com
2	netdna.bootstrapcdn.com	website-kampanyalarim.site netdna.bootstrapcdn.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	cdn.aralego.net
1	sync.aralego.com	1 redirects
1	ade.clmbtech.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	c.bing.com
1	exchange.mediavine.com
1	idsync.rlcdn.com
1	ads.stickyadstv.com
1	cs.adingo.jp
1	adx.dable.io
1	tags.bluekai.com
1	tg.socdm.com
1	adgen.socdm.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	widget.eu.criteo.com	website-kampanyalarim.site
1	sslwidget.criteo.com	1 redirects
1	adservice.google.com.au	1 redirects
1	adservice.google.com	8901912.fls.doubleclick.net
1	script.hotjar.com	static.hotjar.com
1	analytics.google.com	www.googletagmanager.com
1	s2.adform.net	website-kampanyalarim.site
1	cdn.mxpnl.com	website-kampanyalarim.site
1	static.criteo.net	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	garenta.api.useinsider.com	website-kampanyalarim.site
1	ntm.netmera-web.com	website-kampanyalarim.site
1	cdn.netmera-web.com	1 redirects
1	images.garenta.com.tr	website-kampanyalarim.site
107	65

This site contains links to these domains. Also see Links.

Domain
uzundonem.garenta.com.tr
www.garenta.com.tr
www.anadolugrubu.com.tr
www.celikmotor.com
www.ikinciyeni.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com
twitter.com
apps.apple.com
play.google.com
careers.anadolukariyerim.com

Subject Issuer	Validity	Valid
website-kampanyalarim.site R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.garenta.com.tr GlobalSign RSA OV SSL CA 2018	`2023-01-11` - `2024-02-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2023-01-25` - `2024-01-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.netmera.com Go Daddy Secure Certificate Authority - G2	`2023-05-25` - `2024-06-25`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-02-03` - `2023-11-21`	10 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2023-05-31` - `2024-06-30`	a year	crt.sh
adx.dable.io Gandi Standard SSL CA 2	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
colombiaonline.com R3	`2023-07-17` - `2023-10-15`	3 months	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-03-26` - `2024-04-23`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://website-kampanyalarim.site/
Frame ID: EA2611DFEC3D0D5E7613F480C279C228
Requests: 66 HTTP requests in this frame

Frame: https://8901912.fls.doubleclick.net/activityi;dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F
Frame ID: 161B74B84941694F9AC22D13EC148C7E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F
Frame ID: 3D6B730580BB43FD0AAE560550B6404E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=website-kampanyalarim.site&origin=onetag
Frame ID: E9EB35C12E8B0A0661F26787B0D433A9
Requests: 2 HTTP requests in this frame

Frame: https://8901912.fls.doubleclick.net/ddm/fls/r/dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F
Frame ID: 9240410E746BFAB195C939AAFEE62BD7
Requests: 4 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-nvUPPKnCvPgnMHqdKy3NePmvZgFvuBsr6Q1vlw&expires=30
Frame ID: A8772FB808B8CDCE5BFA0FC96454B383
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Denizbank Afili Bonus Kart Kampanyası - Garenta

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

107
Requests

84 %
HTTPS

0 %
IPv6

50
Domains

65
Subdomains

58
IPs

12
Countries

1072 kB
Transfer

2903 kB
Size

70
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://uzundonem.garenta.com.tr/
Title: Uzun Dönem Kiralama

Search URL Search Domain Scan URL

URL: https://www.garenta.com.tr/?utm_source=garentaday&utm_medium=referral&utm_campaign=footer

Search URL Search Domain Scan URL

URL: http://www.anadolugrubu.com.tr/?utm_source=garentaday&utm_medium=referral&utm_campaign=footer

Search URL Search Domain Scan URL

URL: http://www.celikmotor.com/anasayfa?utm_source=garentaday&utm_medium=referral&utm_campaign=footer

Search URL Search Domain Scan URL

URL: https://www.garenta.com.tr/

Search URL Search Domain Scan URL

URL: https://www.ikinciyeni.com/?utm_source=garentaday&utm_medium=referral&utm_campaign=footer

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Garenta

Search URL Search Domain Scan URL

URL: https://www.instagram.com/accounts/login/?next=/garenta/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/garenta/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GarentaTR

Search URL Search Domain Scan URL

URL: https://twitter.com/Garentatr

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tr/app/garenta/id1107610443?l=tr

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=acropole.garenta&hl=tr&gl=US

Search URL Search Domain Scan URL

URL: https://careers.anadolukariyerim.com/
Title: İnsan Kaynakları

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g HTTP 302
https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js

Request Chain 37

https://8901912.fls.doubleclick.net/activityi;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F HTTP 302
https://8901912.fls.doubleclick.net/activityi;dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F

Request Chain 43

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 60

https://adservice.google.com.au/ddm/fls/i/dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F HTTP 302
https://8901912.fls.doubleclick.net/ddm/fls/r/dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F

Request Chain 63

https://sslwidget.criteo.com/event?a=30153&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=3ujxwF8lMkJMUjZKRHRIVDRFZ0haejlRN1pPSTU3MGZ4SHJ1dm4lMkJIRE1RM0IxWDUlMkZCakZnc3FWNzklMkJlYkRlVzFWeWhEZW1rOFptSjVEcG9SMDg3Z1g4Q0VjayUyRnhlU1dpdXlhYTU2VGJ1ZFRXbXJrOHplN3p5enE0NHh3MjZ0MUx4Q3BoV2VIc3NvMkIydiUyQlpJU3IxJTJCZ09lYksyU1FRTTZCbW8wcWFwNzNwU3J6TkRqQSUzRA&tld=website-kampanyalarim.site&fu=https%253A%252F%252Fwebsite-kampanyalarim.site%252F&ceid=ed3add6c-1282-4223-9c8d-4a7a8d23c816&dtycbr=95566 HTTP 302
https://widget.eu.criteo.com/event?a=30153&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=3ujxwF8lMkJMUjZKRHRIVDRFZ0haejlRN1pPSTU3MGZ4SHJ1dm4lMkJIRE1RM0IxWDUlMkZCakZnc3FWNzklMkJlYkRlVzFWeWhEZW1rOFptSjVEcG9SMDg3Z1g4Q0VjayUyRnhlU1dpdXlhYTU2VGJ1ZFRXbXJrOHplN3p5enE0NHh3MjZ0MUx4Q3BoV2VIc3NvMkIydiUyQlpJU3IxJTJCZ09lYksyU1FRTTZCbW8wcWFwNzNwU3J6TkRqQSUzRA&tld=website-kampanyalarim.site&fu=https%253A%252F%252Fwebsite-kampanyalarim.site%252F&ceid=ed3add6c-1282-4223-9c8d-4a7a8d23c816&dtycbr=95566

Request Chain 72

https://track.adform.net/Serving/TrackPoint/?pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=409273574901&ADFtpmode=2&loc=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=409273574901&ADFtpmode=2&loc=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 73

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788595272/?random=949794978&cv=9&fst=1690165432362&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCILEpfCkpoADFQwAaAod6DIGow%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D7056011414463%3Bauiddc%3D1781744446.1690165429%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=uOC9ZLS5HNSq9fwP84mekAg&sscte=1&crd=&pscrd=IhMItPXa8aSmgAMVVFWdCR3zhAeC HTTP 302
https://www.google.com/pagead/1p-conversion/788595272/?random=949794978&cv=9&fst=1690165432362&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCILEpfCkpoADFQwAaAod6DIGow%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D7056011414463%3Bauiddc%3D1781744446.1690165429%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMItPXa8aSmgAMVVFWdCR3zhAeC&is_vtc=1&ocp_id=uOC9ZLS5HNSq9fwP84mekAg&cid=CAQSKQBpAlJWNfD5dX5-3_x96KlGoNTjqX_R0HxM5yTCjaEbO3j7wDozwleg&random=3653721456&resp=GooglemKTybQhCsO HTTP 302
https://www.google.com.au/pagead/1p-conversion/788595272/?random=949794978&cv=9&fst=1690165432362&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCILEpfCkpoADFQwAaAod6DIGow%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D7056011414463%3Bauiddc%3D1781744446.1690165429%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMItPXa8aSmgAMVVFWdCR3zhAeC&is_vtc=1&ocp_id=uOC9ZLS5HNSq9fwP84mekAg&cid=CAQSKQBpAlJWNfD5dX5-3_x96KlGoNTjqX_R0HxM5yTCjaEbO3j7wDozwleg&random=3653721456&resp=GooglemKTybQhCsO&ipr=y

Request Chain 76

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nvUPPKnCvPgnMHqdKy3NePmvZgFvuBsr6Q1vlw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-nvUPPKnCvPgnMHqdKy3NePmvZgFvuBsr6Q1vlw&expires=30

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-zdJGL6nCvPgnMHqdKy3NePmvZgG3bBgwgFVtzQ&google_cm&google_hm=ay16ZEpHTDZuQ3ZQZ25NSHFkS3kzTmVQbXZaZ0czYkJnd2dGVnR6UQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zdJGL6nCvPgnMHqdKy3NePmvZgG3bBgwgFVtzQ&google_gid=CAESEHM2SwvHj4Du8R5tFxBu_6E&google_cver=1&google_ula=913071,0

Request Chain 78

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3617553965791651871

Request Chain 79

https://secure.adnxs.com/setuid?entity=52&code=k-z-N4FKnCvPgnMHqdKy3NePmvZgGHgK5MV7gJmQ HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-z-N4FKnCvPgnMHqdKy3NePmvZgGHgK5MV7gJmQ

Request Chain 86

https://eb2.3lift.com/xuid?mid=2711&xuid=k-OscuCqnCvPgnMHqdKy3NePmvZgFRB2cMh6n4Fg&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-OscuCqnCvPgnMHqdKy3NePmvZgFRB2cMh6n4Fg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 87

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7CIlv6nCvPgnMHqdKy3NePmvZgFqqutVcaezrA HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7CIlv6nCvPgnMHqdKy3NePmvZgFqqutVcaezrA&verify=true

Request Chain 90

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=qp9GD428GF_Mb6Wz2Sj2tGk3zdwOJBVu

Request Chain 91

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-pDx0v6nCvPgnMHqdKy3NePmvZgH5plAN1luK1g HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-pDx0v6nCvPgnMHqdKy3NePmvZgH5plAN1luK1g&C=1

Request Chain 95

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-XMGcBanCvPgnMHqdKy3NePmvZgFqbL_WWknJvA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XMGcBanCvPgnMHqdKy3NePmvZgFqbL_WWknJvA

Request Chain 101

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vlr-UKnCvPgnMHqdKy3NePmvZgE4c689TxlC7g HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vlr-UKnCvPgnMHqdKy3NePmvZgE4c689TxlC7g&cookieCheck=1

Request Chain 103

https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-XQErQqnCvPgnMHqdKy3NePmvZgFQjr4bxnmRbQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=OTk3OTY2ODMtZTExMS0zMmIzLTk4ZjEtZGNkZTBmOGNlNzQz&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
https://cdn.aralego.net/img/1x1.png

Request Chain 105

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Xt9lzCpNA_vAhwy0NVlYW8EAeB6kUNWg

107 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
website-kampanyalarim.site/ 45 KB
9 KB 1525ms
358ms Document
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/8.0.29 PleskLin
Resource Hash: 88428020331bd2923c769d7dbacc79219db0d1a4d6e54affc2ad81712477b063

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-encoding: gzip
content-length: 9429
content-type: text/html; charset=UTF-8
date: Mon, 24 Jul 2023 02:23:47 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.0.29 PleskLin

GET
H2 404 layoutcss
website-kampanyalarim.site/Content/assets/ 0
0 353ms
352ms Stylesheet
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/layoutcss?v=23GcvFvbxnWA3tRNkzzdQ-uMepEn0x1qtLq4Z9-gvQw1
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 garenta-logo.png
website-kampanyalarim.site/Content/assets/images/ 808 B
808 B 353ms
353ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/Content/assets/images/garenta-logo.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H/1.1 200
OK 22705fa1-f617-4c28-a1ba-cf7daf6b900e.png
images.garenta.com.tr/CollabrationImages/afili-bonus-kart-yuzde-38-indirim/ 61 KB
61 KB 1147ms
382ms Image
image/png 5.159.251.32
ABH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.garenta.com.tr/CollabrationImages/afili-bonus-kart-yuzde-38-indirim/22705fa1-f617-4c28-a1ba-cf7daf6b900e.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.159.251.32 , Turkey, ASN41296 (ABH, TR),
Reverse DNS: mailorder.garenta.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7993590ef120800ae890a068d78d219cdb797b35c3c65e3f6afc2860bc44413e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Mon, 24 Jul 2023 02:23:48 GMT
Last-Modified: Thu, 22 Jun 2023 10:44:24 GMT
Server: Microsoft-IIS/8.5
ETag: "e5b6b582f6a4d91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: none
Content-Length: 62414
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H2 404 garenta-logo.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 368ms
364ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/garenta-logo.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 Logo_Anadolu.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 709ms
705ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/Logo_Anadolu.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 celik_motor_footer_new.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 696ms
693ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/celik_motor_footer_new.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 garenta_logo_footer_new.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 714ms
711ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/garenta_logo_footer_new.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 ikinci_yeni_logo_new_footer.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 708ms
705ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/ikinci_yeni_logo_new_footer.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 faceico_2.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 713ms
710ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/faceico_2.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 instaico2.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 717ms
714ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/instaico2.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 linkico1.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 709ms
706ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/linkico1.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 youtubeico1.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 703ms
700ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/youtubeico1.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 twitter_ico.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 699ms
697ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/twitter_ico.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 app_appstore.png
website-kampanyalarim.site/content/assets/images/ 808 B
808 B 716ms
714ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/app_appstore.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 app_googleplay.png
website-kampanyalarim.site/content/assets/images/ 808 B
808 B 710ms
708ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/app_googleplay.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 garenta_loading.gif
website-kampanyalarim.site/Content/assets/images/ 808 B
808 B 703ms
701ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/Content/assets/images/garenta_loading.gif
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 layoutjs
website-kampanyalarim.site/Content/assets/ 0
0 374ms
370ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/layoutjs?v=5ndK8cFtiEk8qdedfpS5iSnmGmkcKgf-OA-Hfyvomko1
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 collaboration.js
website-kampanyalarim.site/Content/PageScripts/GarentaCollaborations/ 0
0 370ms
366ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/PageScripts/GarentaCollaborations/collaboration.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 pickercss
website-kampanyalarim.site/Content/assets/ 0
0 376ms
372ms Stylesheet
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/pickercss?v=nPZx4XkJDbjowHzcEljTttKeOOprBqKncyC91BbxEPA1
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 pickerjs
website-kampanyalarim.site/Content/assets/ 0
0 372ms
368ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/pickerjs?v=uNpyDy0xeAYJw4OnUHFUWcK6YKbc3I47j2KcIOrmi8c1
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 campaignsearch
website-kampanyalarim.site/Content/assets/ 0
0 373ms
369ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/campaignsearch?v=lmSsQ_mLQagITVa4pfpKeptS2wEfyclBN7eYb-ODlK01
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 tr_TR.js
website-kampanyalarim.site/Content/assets/js/picker/ 0
0 361ms
358ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/js/picker/tr_TR.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:47 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
873 B 875ms
199ms Script
text/javascript 74.125.130.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=tr

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f103.1e100.net

Software

GSE /

Resource Hash

1e3fe0befdde21c86098aca47577ed5e6b6b0e85f200d486b4f76e9dc346e422

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 553
x-xss-protection: 1; mode=block
expires: Mon, 24 Jul 2023 02:23:48 GMT

GET
H2

200

netmera_sdk.js Show response
ntm.netmera-web.com/wsdk2/nmweb/
Redirect Chain

https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g
https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js

60 KB
17 KB

1152ms
409ms

Script
application/javascript

13.33.88.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Server: 13.33.88.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-27.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30478d91396916be9394c38fd5dddfd240825a5b2d8bf3d1af321a466b4cbee1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:50 GMT
content-encoding: br
via: 1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 09:10:57 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
etag: W/"b6e1978280bc66104123d8a33007ed48"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: private, max-age=900, s-maxage=604800
x-amz-cf-id: r1ZEtLcati_QcL8N5z0xLcj-YO9W5DJUfpWjlM7xJHb55YLHwywubg==

Redirect headers

location: https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js
date: Mon, 24 Jul 2023 02:23:48 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H2 200 ins.js Show response
garenta.api.useinsider.com/ 0
677 B 631ms
131ms Script
application/javascript 162.159.134.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garenta.api.useinsider.com/ins.js?id=10001743

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: aLLGNX5X6NuBlPbwN11fa6CiA74NVt4l
cf-cache-status: HIT
x-amz-request-id: V40ZHXQXWNBN9SXN
content-length: 0
x-amz-id-2: d5ddbQ3ASmQ0yGjxHVSbb2JN57cM2d3UfIdd6ETlDnEGJpX2egJSro8NiQDVeTzUrdFDZ8SXcZs=
x-xss-protection: 1
pragma: public
last-modified: Tue, 26 Apr 2022 14:00:02 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 7eb8b4062e18a93e-SYD
expires: Mon, 24 Jul 2023 14:23:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 866ms
191ms Stylesheet
text/css 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i,800,800i&subset=latin-ext

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

ESF /

Resource Hash

1d90d8acaf8e945cbe6301f571086a38f216bd9c161fa975fea3c75b6f8d3662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 02:23:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 02:23:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 02:23:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
752 B 872ms
197ms Stylesheet
text/css 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&subset=latin-ext

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

ESF /

Resource Hash

fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 02:23:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 02:23:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 02:23:48 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
853 B 865ms
190ms Stylesheet
text/css 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

ESF /

Resource Hash

e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 02:23:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 01:54:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 02:23:48 GMT

GET
H2 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.1.0/css/ 20 KB
5 KB 599ms
101ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 718, 718
age: 8919372
cdn-cachedat: 2021-04-12 23:59:47
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2249cc2d5592c0660ad0a7d219cd1aad
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7eb8b4062b3fa86e-SYD
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 334 KB
105 KB 889ms
212ms Script
application/javascript 142.251.12.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

31ae5e35f948157f9eedcaf8b958e5723a795b3f71511c0c8e5949b20e73b028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107325
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Jul 2023 02:23:48 GMT

GET
H2 200 recaptcha__tr.js Show response
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ 433 KB
174 KB 861ms
187ms Script
text/javascript 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__tr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=tr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

12ab4bbc298bd8b74b50de852a3dddd35c9b71a47c22ff77dc6962b752236f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://website-kampanyalarim.site/
Origin: https://website-kampanyalarim.site
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 02:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177573
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Jul 2024 02:52:59 GMT

GET
H2 200 fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.1.0/fonts/ 82 KB
82 KB 759ms
268ms Font
font/woff 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
Origin: https://website-kampanyalarim.site
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 986
cdn-cachedat: 06/19/2023 03:09:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 83760
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "fdf491ce5ff5b2da02708cd0e9864719"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3740246ac8d8a58eff9066f28bde3e0c
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7eb8b40baf2da932-SYD
cdn-requestpullsuccess: True

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 861ms
186ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://website-kampanyalarim.site
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 14:47:25 GMT
x-content-type-options: nosniff
age: 300984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jul 2024 14:47:25 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v20/ 5 KB
6 KB 880ms
205ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://website-kampanyalarim.site
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 14:50:02 GMT
x-content-type-options: nosniff
age: 300827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5544
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jul 2024 14:50:02 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 159 KB
57 KB 873ms
196ms Script
application/javascript 64.233.170.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-PJS7MG3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f101.1e100.net

Software

Google Tag Manager /

Resource Hash

4f1af0dd3adf756000f4a0db2fecfa6b6606654623c5aa0debe3fa6594c23d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 57971
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jul 2023 02:23:49 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/992173426/ 3 KB
2 KB 869ms
195ms Script
text/javascript 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992173426/?random=1690165429004&cv=11&fst=1690165429004&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&frm=0&tiba=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&auid=1781744446.1690165429&uamb=0&uaw=0&data=local_id%3Dhome%3Blocal_pagetype%3Dhome%3Blocal_totalvalue%3D0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

dca7c8f2910eab4f3cdddd781eb314bb1824907dee007d0de22ec898ea9b569e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 861ms
186ms Script
text/javascript 74.125.68.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Jul 2023 00:25:24 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7105
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 24 Jul 2023 02:25:24 GMT

GET
H2

200

activityi;dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;ua... Show response
8901912.fls.doubleclick.net/ Frame 161B
Redirect Chain

https://8901912.fls.doubleclick.net/activityi;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;...
https://8901912.fls.doubleclick.net/activityi;dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;...

586 B
500 B

192ms
192ms

Document
text/html

142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8901912.fls.doubleclick.net/activityi;dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

cafe /

Resource Hash

086516f11b10ac8f0f88f2172fc099a004c52f0bafc83d9fd628c2cb58c64de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://website-kampanyalarim.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 324
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 02:23:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 02:23:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8901912.fls.doubleclick.net/activityi;dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-2838419.js Show response
static.hotjar.com/c/ 9 KB
4 KB 748ms
367ms Script
application/javascript 54.192.150.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2838419.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.150.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-150-30.sin2.r.cloudfront.net

Software

Resource Hash

a8d53eaeda6725d311a182d068ea269a1f01a2d9565ee777b6a359857c3971c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Jul 2023 02:23:49 GMT
via: 1.1 160bb0630905c94d984edd48c570887e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
etag: W/5e515b438f8ca365ddcfefcf9d0fce23
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: pcSt8wO4bw9Mud0uhHlff8-a2uyi02XxM-Ku304jZHCwGpZDMu3_sg==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 45 KB
15 KB 1043ms
368ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 17 May 2023 12:05:15 GMT
server: nginx
etag: W/"6464c2fb-b219"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Jul 2023 02:23:49 GMT

GET
H2 200 hotjar-602392.js Show response
static.hotjar.com/c/ 0
431 B 742ms
364ms Script
application/javascript 54.192.150.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-602392.js?sv=5

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.150.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-150-30.sin2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
date: Mon, 24 Jul 2023 02:23:49 GMT
x-content-type-options: nosniff
via: 1.1 160bb0630905c94d984edd48c570887e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
etag: W/d41d8cd98f00b204e9800998ecf8427e
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 0
x-amz-cf-id: elOLefRVFbJxIVlSCP9o9FvcyJ0jzCTCzdlF9v7OPRketZzGIC9i5g==

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 52 KB
18 KB 591ms
97ms Script
text/javascript 35.186.235.23
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.235.23 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 23.235.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 17:16:09 GMT
content-encoding: gzip
age: 32860
x-guploader-uploadid: ADPycduL58tk3Z1iS9d8GGWbIOcELoNNzCZTQyOESTEGQNNV1Yad43qTAVm5G6qR8UP97xWpxCmwNIXPA78kk_rchXAkcA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17969
last-modified: Fri, 05 May 2023 17:33:19 GMT
server: UploadServer
etag: "6eb612a000fc103e2769e576a68fc412"
vary: Accept-Encoding
x-goog-generation: 1683307999305716
x-goog-hash: crc32c=6XUl6A==, md5=brYSoAD8ED4naeV2po/EEg==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=86400
x-goog-stored-content-length: 17969
accept-ranges: bytes
expires: Mon, 24 Jul 2023 17:16:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 856ms
185ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

5facf3ca997fd8a7658579d40b8bc44a659e12df5b45b2f1f1713f987b86366c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Jul 2023 02:23:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46993
x-xss-protection: 0
pragma: public
x-fb-debug: fTU9RrtvoISQV4Hbr5N+KCsLVeLsezOrcrB1hVr0Va29UxckzS93AMEDk51JI1QiOQUe3t9LQ56wFV13BpyLpA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
31 KB

1361ms
432ms

Script
application/javascript

185.84.60.57
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Server: 185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:52 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000007b703250182f83a1-00646c8ee1-32950a8f-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 24 Jul 2023 02:23:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
87 KB 196ms
195ms Script
application/javascript 142.251.12.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MEEZBTE0X0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

c3a92a8aab76be885b2044e4b467f4a0fae3d6a07a242a46d0d6e2bebd2b75f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89229
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jul 2023 02:23:49 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
261 B 776ms
190ms Ping
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MEEZBTE0X0&gtm=45je37j0&_p=1847640562&_gaz=1&cid=2145877136.1690165429&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=&sid=1690165429&sct=1&seg=0&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&dt=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&en=page_view&_fv=1&_nsi=1&_ss=2&up.userId=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MEEZBTE0X0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://website-kampanyalarim.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 862ms
187ms Ping
text/plain 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MEEZBTE0X0&cid=2145877136.1690165429&gtm=45je37j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MEEZBTE0X0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://website-kampanyalarim.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
408 B 864ms
191ms Image
image/gif 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MEEZBTE0X0&cid=2145877136.1690165429&gtm=45je37j0&aip=1&z=9415202

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.a0d74aac8cc078f29dca.js Show response
script.hotjar.com/ 279 KB
68 KB 593ms
212ms Script
application/javascript 13.224.249.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a0d74aac8cc078f29dca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2838419.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.249.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-249-94.sin52.r.cloudfront.net

Software

Resource Hash

32536d6a1f2176b11a99b3f5c0cef8cc4fc9ac7475657cb63763b5342600740a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 824b6b17b59323f523bbeab054eeb246.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
age: 219823
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69233
last-modified: Fri, 21 Jul 2023 13:19:44 GMT
etag: "296f56b68e90f44dfc003e4f2b43db7f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: QLM2I95ARW78zyHVOfIRa-7bpII6tcgRUvl-gR8Kit0li77hAP2zOQ==

GET
H2 200 dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;... Show response
adservice.google.com/ddm/fls/i/ Frame 3D6B 589 B
700 B 868ms
192ms Document
text/html 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F

Requested by

Host: 8901912.fls.doubleclick.net
URL: https://8901912.fls.doubleclick.net/activityi;dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

6768f13cd7f0fe6b50dbac22857aeb94c93cdfb7aeda9db833d2891efbaa380f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8901912.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 325
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 02:23:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/992173426/ 42 B
327 B 193ms
192ms Image
image/gif 74.125.130.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/992173426/?random=1690165429004&cv=11&fst=1690164000000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&frm=0&tiba=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&data=local_id%3Dhome%3Blocal_pagetype%3Dhome%3Blocal_totalvalue%3D0&fmt=3&is_vtc=1&random=4075336604&rmt_tld=0&ipr=y

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/992173426/ 42 B
154 B 638ms
192ms Image
image/gif 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/992173426/?random=1690165429004&cv=11&fst=1690164000000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&frm=0&tiba=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&data=local_id%3Dhome%3Blocal_pagetype%3Dhome%3Blocal_totalvalue%3D0&fmt=3&is_vtc=1&random=4075336604&rmt_tld=1&ipr=y

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 get
wsdkapi.netmera.com/sdk/3.0/config/ Frame 0
0 1121ms
372ms Preflight 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdkapi.netmera.com/sdk/3.0/config/get
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netmera-api-key,x-netmera-device-type,x-netmera-os,x-netmera-sdkv
Access-Control-Request-Method: GET
Origin: https://website-kampanyalarim.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: *
date: Mon, 24 Jul 2023 02:23:50 GMT
server: nginx

GET
H2 200 get Show response
wsdkapi.netmera.com/sdk/3.0/config/ 11 KB
11 KB 374ms
373ms Fetch
application/json 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL

https://wsdkapi.netmera.com/sdk/3.0/config/get

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),

Reverse DNS

Software

nginx /

Resource Hash

781e86f4d85534912da82bb67bdf2ab3cdaa3c06359fd0a774a43c02bed387d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-netmera-os: CHROME
accept-language: en-AU,en;q=0.9
x-netmera-device-type: DESKTOP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: application/json
accept: application/json
x-netmera-sdkv: 4.2.18
Referer: https://website-kampanyalarim.site/
x-netmera-api-key: kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Response headers

date: Mon, 24 Jul 2023 02:23:51 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-xss-protection: 1; mode=block

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E9EB 15 KB
6 KB 882ms
205ms Document
text/html 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=website-kampanyalarim.site&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://website-kampanyalarim.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 02:23:50 GMT
server: Kestrel
server-processing-duration-in-ticks: 306314
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
215 B 187ms
186ms XHR
text/plain 74.125.68.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1847640562&t=pageview&_s=1&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&ul=en-us&de=UTF-8&dt=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEABQAAAACAAI~&jid=556547043&gjid=885190353&cid=2145877136.1690165429&tid=UA-48094469-2&_gid=405970045.1690165430&_slc=1&gtm=45He37j0n71WQKTFB&cd16=False&z=1948445402

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://website-kampanyalarim.site/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://website-kampanyalarim.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
360 B 443ms
186ms XHR
text/plain 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48094469-2&cid=2145877136.1690165429&jid=556547043&gjid=885190353&_gid=405970045.1690165430&_u=aCDAgEABQAAAAGAAI~&z=622684770

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://website-kampanyalarim.site/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Jul 2023 02:23:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://website-kampanyalarim.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1134162144016155 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 409ms
408ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1134162144016155?v=2.9.116&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

318be3ccf5efa7aeac3d594dd84f3d2241bb6eca0ef33b47a1eeb90728750db0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Jul 2023 02:23:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Ptf5+YjZD+x2rRTonSvREPqDLWVDJzGL8+sLYTPR/1mUp08fBPoz7GX6Hg2HTzfHWbt0dwBwXN9zSnppnIkyIg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 192ms
191ms Image
image/gif 74.125.130.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48094469-2&cid=2145877136.1690165429&jid=556547043&_u=aCDAgEABQAAAAGAAI~&z=1236136368

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
107 B 191ms
191ms Image
image/gif 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48094469-2&cid=2145877136.1690165429&jid=556547043&_u=aCDAgEABQAAAAGAAI~&z=1236136368

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;... Show response
8901912.fls.doubleclick.net/ddm/fls/r/ Frame 9240
Redirect Chain

https://adservice.google.com.au/ddm/fls/i/dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;...
https://8901912.fls.doubleclick.net/ddm/fls/r/dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;...

798 B
345 B

193ms
192ms

Document
text/html

142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8901912.fls.doubleclick.net/ddm/fls/r/dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

cafe /

Resource Hash

a9fd15d779e4d7fcfe44aca11e1013bdf6b95d2702df559f6ac160ff6361cb62

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 320
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 02:23:51 GMT
expires: Mon, 24 Jul 2023 02:23:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 02:23:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://8901912.fls.doubleclick.net/ddm/fls/r/dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 858ms
185ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1134162144016155&ev=PageView&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&rl=&if=false&ts=1690165430927&sw=1600&sh=1200&v=2.9.116&r=stable&ec=0&o=30&fbp=fb.1.1690165430926.1954722458&it=1690165430274&coo=false&rqm=GET

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jul 2023 02:23:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame E9EB 468 B
584 B 187ms
187ms Fetch
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=onetag&domain=website-kampanyalarim.site&sn=ChromeSyncframe&so=0&topUrl=website-kampanyalarim.site&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=website-kampanyalarim.site&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

07c726ece60f40788af3459f81b10b4af7ed83b740254ebc29ab55f4a37843b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://gum.criteo.com/syncframe?topUrl=website-kampanyalarim.site&origin=onetag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:50 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1139065
expires: 0

GET
H2

200

event Show response
widget.eu.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=30153&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=3ujxwF8lMkJMUjZKRHRIVDRFZ0haejlRN1pPSTU3MGZ4SHJ1dm4lMkJI...
https://widget.eu.criteo.com/event?a=30153&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=3ujxwF8lMkJMUjZKRHRIVDRFZ0haejlRN1pPSTU3MGZ4SHJ1dm4lMkJI...

9 KB
4 KB

1039ms
346ms

Script
application/x-javascript

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.eu.criteo.com/event?a=30153&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=3ujxwF8lMkJMUjZKRHRIVDRFZ0haejlRN1pPSTU3MGZ4SHJ1dm4lMkJIRE1RM0IxWDUlMkZCakZnc3FWNzklMkJlYkRlVzFWeWhEZW1rOFptSjVEcG9SMDg3Z1g4Q0VjayUyRnhlU1dpdXlhYTU2VGJ1ZFRXbXJrOHplN3p5enE0NHh3MjZ0MUx4Q3BoV2VIc3NvMkIydiUyQlpJU3IxJTJCZ09lYksyU1FRTTZCbW8wcWFwNzNwU3J6TkRqQSUzRA&tld=website-kampanyalarim.site&fu=https%253A%252F%252Fwebsite-kampanyalarim.site%252F&ceid=ed3add6c-1282-4223-9c8d-4a7a8d23c816&dtycbr=95566

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3690c0c510278c5fc9d655f9d5bcf0d84a98e49dfa90e13f74d98bea3c53cad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6823482
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.eu.criteo.com/event?a=30153&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=3ujxwF8lMkJMUjZKRHRIVDRFZ0haejlRN1pPSTU3MGZ4SHJ1dm4lMkJIRE1RM0IxWDUlMkZCakZnc3FWNzklMkJlYkRlVzFWeWhEZW1rOFptSjVEcG9SMDg3Z1g4Q0VjayUyRnhlU1dpdXlhYTU2VGJ1ZFRXbXJrOHplN3p5enE0NHh3MjZ0MUx4Q3BoV2VIc3NvMkIydiUyQlpJU3IxJTJCZ09lYksyU1FRTTZCbW8wcWFwNzNwU3J6TkRqQSUzRA&tld=website-kampanyalarim.site&fu=https%253A%252F%252Fwebsite-kampanyalarim.site%252F&ceid=ed3add6c-1282-4223-9c8d-4a7a8d23c816&dtycbr=95566
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3838950
timing-allow-origin: *
content-length: 0
expires: 0

POST
H2 200 init Show response
wsdkapi.netmera.com/sdk/3.0/session/ 2 B
266 B 379ms
378ms Fetch
application/json 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL

https://wsdkapi.netmera.com/sdk/3.0/session/init

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-netmera-os: CHROME
accept-language: en-AU,en;q=0.9
x-netmera-device-type: DESKTOP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: application/json
accept: application/json
x-netmera-sdkv: 4.2.18
Referer: https://website-kampanyalarim.site/
x-netmera-api-key: kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Response headers

date: Mon, 24 Jul 2023 02:23:51 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-xss-protection: 1; mode=block

OPTIONS
H2 204 init
wsdkapi.netmera.com/sdk/3.0/session/ Frame 0
0 372ms
372ms Preflight 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdkapi.netmera.com/sdk/3.0/session/init
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netmera-api-key,x-netmera-device-type,x-netmera-os,x-netmera-sdkv
Access-Control-Request-Method: POST
Origin: https://website-kampanyalarim.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: *
date: Mon, 24 Jul 2023 02:23:51 GMT
server: nginx

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 356ms
185ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1134162144016155&ev=Microdata&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&rl=&if=false&ts=1690165431429&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta%22%2C%22meta%3Adescription%22%3A%22DenizBank%20Afili%20Bankac%C4%B1l%C4%B1k%20M%C3%BC%C5%9Fterilerine%20%C3%96zel%20%2538%20%C4%B0ndirim!%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%2FContent%2Fassets%2Fimages%2Fgarenta-logo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.116&r=stable&ec=1&o=30&fbp=fb.1.1690165430926.1954722458&it=1690165430274&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jul 2023 02:23:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 9240 49 KB
18 KB 570ms
191ms Script
text/javascript 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 8901912.fls.doubleclick.net
URL: https://8901912.fls.doubleclick.net/ddm/fls/r/dc_pre=CILEpfCkpoADFQwAaAod6DIGow;src=8901912;type=invmedia;cat=garen0;ord=7056011414463;auiddc=1781744446.1690165429;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

a5a0acdff67a4fb9a764bee718a95a1f32627564a41c1499218e15ae821ed090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://8901912.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18400
x-xss-protection: 0
server: cafe
etag: 5532077944865073575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 02:23:52 GMT

GET
H2 200 272039029802521 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 531ms
531ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/272039029802521?v=2.9.116&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

bf01bdbb65f05cdda2528eef0c19c238158cf04d8244cc192d354ae5c875d4b2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Jul 2023 02:23:52 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Qo64LC6L1MQJbSd4C6+hNBBtu9MzbrKNXhaPhfJFoNwOErX+yxzLFr5RKKkDgzKwKOkfoFEtEsm11yjBf6lyLQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 fire Show response
wsdkapi.netmera.com/sdk/3.0/event/ 0
243 B 374ms
372ms Fetch 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL

https://wsdkapi.netmera.com/sdk/3.0/event/fire

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-netmera-os: CHROME
accept-language: en-AU,en;q=0.9
x-netmera-device-type: DESKTOP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: application/json
accept: application/json
x-netmera-sdkv: 4.2.18
Referer: https://website-kampanyalarim.site/
x-netmera-api-key: kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Response headers

date: Mon, 24 Jul 2023 02:23:52 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
x-xss-protection: 1; mode=block

OPTIONS
H2 204 fire
wsdkapi.netmera.com/sdk/3.0/event/ Frame 0
0 374ms
372ms Preflight 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdkapi.netmera.com/sdk/3.0/event/fire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netmera-api-key,x-netmera-device-type,x-netmera-os,x-netmera-sdkv
Access-Control-Request-Method: POST
Origin: https://website-kampanyalarim.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: *
date: Mon, 24 Jul 2023 02:23:52 GMT
server: nginx

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/788595272/ Frame 9240 3 KB
2 KB 197ms
193ms Script
text/javascript 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/788595272/?random=1690165432362&cv=9&fst=1690165432362&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCILEpfCkpoADFQwAaAod6DIGow%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D7056011414463%3Bauiddc%3D1781744446.1690165429%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

cf54c72579e18d4165afb8a6f6b5300052a432304ad899a7b2385670dbd00ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://8901912.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1617
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=4092735749...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=40927...

178 B
765 B

354ms
354ms

Script
text/javascript

37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=409273574901&ADFtpmode=2&loc=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

aa867a91b982a4f96446c6cda5c266dcad3fde806b86313a605fed5319708319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 236
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=409273574901&ADFtpmode=2&loc=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/
www.google.com.au/pagead/1p-conversion/788595272/ Frame 9240
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788595272/?random=949794978&cv=9&fst=1690165432362&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C46...
https://www.google.com/pagead/1p-conversion/788595272/?random=949794978&cv=9&fst=1690165432362&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u...
https://www.google.com.au/pagead/1p-conversion/788595272/?random=949794978&cv=9&fst=1690165432362&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C51224783...

42 B
108 B

196ms
196ms

Image
image/gif

74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-conversion/788595272/?random=949794978&cv=9&fst=1690165432362&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCILEpfCkpoADFQwAaAod6DIGow%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D7056011414463%3Bauiddc%3D1781744446.1690165429%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMItPXa8aSmgAMVVFWdCR3zhAeC&is_vtc=1&ocp_id=uOC9ZLS5HNSq9fwP84mekAg&cid=CAQSKQBpAlJWNfD5dX5-3_x96KlGoNTjqX_R0HxM5yTCjaEbO3j7wDozwleg&random=3653721456&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://8901912.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.au/pagead/1p-conversion/788595272/?random=949794978&cv=9&fst=1690165432362&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCILEpfCkpoADFQwAaAod6DIGow%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D7056011414463%3Bauiddc%3D1781744446.1690165429%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMItPXa8aSmgAMVVFWdCR3zhAeC&is_vtc=1&ocp_id=uOC9ZLS5HNSq9fwP84mekAg&cid=CAQSKQBpAlJWNfD5dX5-3_x96KlGoNTjqX_R0HxM5yTCjaEbO3j7wDozwleg&random=3653721456&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 185ms
184ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=272039029802521&ev=PageView&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&rl=&if=false&ts=1690165432638&sw=1600&sh=1200&v=2.9.116&r=stable&ec=0&o=30&fbp=fb.1.1690165430926.1954722458&it=1690165430274&coo=false&rqm=GET

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jul 2023 02:23:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 185ms
185ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=272039029802521&ev=Microdata&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&rl=&if=false&ts=1690165433139&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta%22%2C%22meta%3Adescription%22%3A%22DenizBank%20Afili%20Bankac%C4%B1l%C4%B1k%20M%C3%BC%C5%9Fterilerine%20%C3%96zel%20%2538%20%C4%B0ndirim!%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%2FContent%2Fassets%2Fimages%2Fgarenta-logo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.116&r=stable&ec=1&o=30&fbp=fb.1.1690165430926.1954722458&it=1690165430274&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jul 2023 02:23:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame A877
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nvUPPKnCvPgnMHqdKy3NePmvZgFvuBsr6Q1vlw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-nvUPPKnCvPgnMHqdKy3NePmvZgFvuBsr6Q1vlw&expires=30

43 B
510 B

201ms
200ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-nvUPPKnCvPgnMHqdKy3NePmvZgFvuBsr6Q1vlw&expires=30
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Mon, 24 Jul 2023 02:23:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-nvUPPKnCvPgnMHqdKy3NePmvZgFvuBsr6Q1vlw&expires=30
Date: Mon, 24 Jul 2023 02:23:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame A877
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-zdJGL6nCvPgnMHqdKy3NePmvZgG3bBgwgFVtzQ&google_cm&google_hm=ay16ZEpHTDZuQ3ZQZ25NSHFkS3kzTmVQbXZaZ0czYkJnd...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zdJGL6nCvPgnMHqdKy3NePmvZgG3bBgwgFVtzQ&google_gid=CAESEHM2SwvHj4Du8R5tFxBu_6E&google_cver=1&google_ula=913071,0

43 B
369 B

188ms
187ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zdJGL6nCvPgnMHqdKy3NePmvZgG3bBgwgFVtzQ&google_gid=CAESEHM2SwvHj4Du8R5tFxBu_6E&google_cver=1&google_ula=913071,0

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 842636
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zdJGL6nCvPgnMHqdKy3NePmvZgG3bBgwgFVtzQ&google_gid=CAESEHM2SwvHj4Du8R5tFxBu_6E&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame A877
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3617553965791651871

43 B
370 B

188ms
188ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3617553965791651871

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1580938
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:54 GMT
an-x-request-uuid: 0547323e-7d52-4f5a-9974-5a08ab212ae2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3617553965791651871
x-proxy-origin: 66.203.112.161; 66.203.112.161; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame A877
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-z-N4FKnCvPgnMHqdKy3NePmvZgGHgK5MV7gJmQ
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-z-N4FKnCvPgnMHqdKy3NePmvZgGHgK5MV7gJmQ

43 B
905 B

185ms
185ms

Image
image/gif

103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-z-N4FKnCvPgnMHqdKy3NePmvZgGHgK5MV7gJmQ

Protocol

Server

103.43.90.19 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:54 GMT
an-x-request-uuid: d5a588cf-7cd4-461e-bc47-4b5d5d5bcd9f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 66.203.112.161; 66.203.112.161; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:53 GMT
an-x-request-uuid: 9075942f-4743-4c88-9db9-1de9e9ef9720
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-z-N4FKnCvPgnMHqdKy3NePmvZgGHgK5MV7gJmQ
cache-control: no-store, no-cache, private
x-proxy-origin: 66.203.112.161; 66.203.112.161; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame A877 61 B
795 B 1542ms
226ms Image
image/gif 184.51.96.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-9E8SBqnCvPgnMHqdKy3NePmvZgGq-TUtIYUj9w

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.51.96.11 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-51-96-11.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 02:23:54 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Mon, 24 Jul 2023 02:23:54 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame A877 42 B
786 B 794ms
187ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-Ax19aqnCvPgnMHqdKy3NePmvZgHPF2UPpvjhXw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame A877 68 B
609 B 575ms
187ms Image
image/png 54.151.135.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-tYgHlKnCvPgnMHqdKy3NePmvZgFI9QgSG-yqrg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.151.135.69 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-151-135-69.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:53 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame A877 43 B
688 B 660ms
187ms Image
image/gif 23.106.127.38
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-RNcuAKnCvPgnMHqdKy3NePmvZgFh8VA2GBpUNw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.38 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 24 Jul 2023 02:23:53 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A877 0
232 B 567ms
185ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-y8mgD6nCvPgnMHqdKy3NePmvZgGw9O1SrUHP3g
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:53 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 184308

GET
H2 200 um
criteo-sync.teads.tv/ Frame A877 23 B
278 B 954ms
278ms Image
image/gif 184.51.137.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-fJYdiKnCvPgnMHqdKy3NePmvZgEXC_lngx_q4w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.137.72 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-137-72.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Mon, 24 Jul 2023 02:23:54 GMT
pragma: no-cache
date: Mon, 24 Jul 2023 02:23:54 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame A877
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-OscuCqnCvPgnMHqdKy3NePmvZgFRB2cMh6n4Fg&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-OscuCqnCvPgnMHqdKy3NePmvZgFRB2cMh6n4Fg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

188ms
187ms

Image
image/gif

35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-OscuCqnCvPgnMHqdKy3NePmvZgFRB2cMh6n4Fg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 24 Jul 2023 02:23:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-OscuCqnCvPgnMHqdKy3NePmvZgFRB2cMh6n4Fg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Mon, 24 Jul 2023 02:23:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame A877
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7CIlv6nCvPgnMHqdKy3NePmvZgFqqutVcaezrA
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7CIlv6nCvPgnMHqdKy3NePmvZgFqqutVcaezrA&verify=true

0
121 B

190ms
190ms

Image
text/plain

13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7CIlv6nCvPgnMHqdKy3NePmvZgFqqutVcaezrA&verify=true

Protocol

Server

13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7CIlv6nCvPgnMHqdKy3NePmvZgFqqutVcaezrA&verify=true
date: Mon, 24 Jul 2023 02:23:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK sync
adgen.socdm.com/rtb/ Frame A877 43 B
824 B 693ms
234ms Image
image/gif 124.146.215.2
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.2 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Mon, 24 Jul 2023 02:23:54 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=23","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.161","key":"ZL3gusCo8GsAAGHetCwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40048"}
X-SO-Key: ZL3gusCo8GsAAGHetCwAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40048
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: a-ad40048.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 4
Content-Length: 43
X-SO-LB-Hostname: m-ng7.dc4p.scaleout.jp
X-SO-IP: 66.203.112.161

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame A877 43 B
864 B 694ms
232ms Image
image/gif 124.146.215.46
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-SizHIanCvPgnMHqdKy3NePmvZgGBsCuHFVSCTw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.46 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Mon, 24 Jul 2023 02:23:54 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-SizHIanCvPgnMHqdKy3NePmvZgGBsCuHFVSCTw","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.161","key":"ZL3gusCo8YkAAOVafu4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad311"}
X-SO-Key: ZL3gusCo8YkAAOVafu4AAAAA
Server: nginx
X-SO-Upstream-ID: m-ad311
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: m-ad311.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 43
X-SO-LB-Hostname: m-tgng37.dc4p.scaleout.jp
X-SO-IP: 66.203.112.161

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame A877
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=qp9GD428GF_Mb6Wz2Sj2tGk3zdwOJBVu

62 B
546 B

764ms
367ms

Image
image/gif

104.69.166.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=qp9GD428GF_Mb6Wz2Sj2tGk3zdwOJBVu
Protocol: H2
Server: 104.69.166.9 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-69-166-9.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 24 Jul 2023 02:23:54 GMT
content-length: 62
bk-server: 41e
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=qp9GD428GF_Mb6Wz2Sj2tGk3zdwOJBVu
date: Mon, 24 Jul 2023 02:23:52 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 13974439
content-length: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame A877
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-pDx0v6nCvPgnMHqdKy3NePmvZgH5plAN1luK1g
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-pDx0v6nCvPgnMHqdKy3NePmvZgH5plAN1luK1g&C=1

43 B
766 B

187ms
186ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-pDx0v6nCvPgnMHqdKy3NePmvZgH5plAN1luK1g&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jul 2023 02:23:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 24 Jul 2023 02:23:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-pDx0v6nCvPgnMHqdKy3NePmvZgH5plAN1luK1g&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 204 pixel
adx.dable.io/ Frame A877 0
141 B 683ms
235ms Image
text/plain 43.201.178.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-QL-E4qnCvPgnMHqdKy3NePmvZgHiSwbDmDiRIg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 43.201.178.53 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-201-178-53.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:54 GMT
server: nginx

GET
H2 200 /
cs.adingo.jp/sync/ Frame A877 43 B
414 B 676ms
225ms Image
image/gif 52.192.226.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=criteo&id=k-KSL4XKnCvPgnMHqdKy3NePmvZgGSU_jQ0hj5hg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.226.225 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-226-225.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Mon, 24 Jul 2023 02:23:54 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame A877 43 B
705 B 606ms
189ms Image
image/gif 42.99.140.177
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-8GrOh6nCvPgnMHqdKy3NePmvZgEhs24wpaaJqQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.177 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-177.pacnet.net
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jul 2023 02:23:54 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1690165434801072-48
Expires: Mon, 24 Jul 2023 02:23:54 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame A877
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-XMGcBanCvPgnMHqdKy3NePmvZgFqbL_WWknJvA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XMGcBanCvPgnMHqdKy3NePmvZgFqbL_WWknJvA

43 B
448 B

189ms
189ms

Image
image/gif

54.169.94.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XMGcBanCvPgnMHqdKy3NePmvZgFqbL_WWknJvA
Protocol: H2
Server: 54.169.94.58 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-94-58.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 24 Jul 2023 02:23:54 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XMGcBanCvPgnMHqdKy3NePmvZgFqbL_WWknJvA
access-control-allow-origin: *
date: Mon, 24 Jul 2023 02:23:54 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame A877 42 B
449 B 535ms
271ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-3CHUWanCvPgnMHqdKy3NePmvZgFeSYdyUyKOFA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:54 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame A877 0
882 B 1020ms
339ms Image
text/html 35.156.26.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-gvHOlKnCvPgnMHqdKy3NePmvZgFu9t5bO9ra_w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.26.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-26-24.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:55 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame A877 42 B
669 B 721ms
218ms Image
image/gif 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-uArpQqnCvPgnMHqdKy3NePmvZgFLPm5Ruo7EYQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:55 GMT
last-modified: Tue, 06 Jun 2023 16:36:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7B94ACCD8C5B4AFCB41F93ED30A26698 Ref B: SYD03EDGE0813 Ref C: 2023-07-24T02:23:55Z
etag: "7b637fb9498d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame A877 0
287 B 991ms
250ms Image
text/plain 66.225.223.159
NTTA-3946

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-_Zux6KnCvPgnMHqdKy3NePmvZgGhBzIqV5_mlg&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.225.223.159 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Mon, 24 Jul 2023 02:23:55 GMT
Cache-Control: no-cache
X-TraceId: 8ec7dffe730ed8c9f55bcb54bee4214f
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame A877 42 B
582 B 561ms
186ms Image
image/gif 67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-JjpJb6nCvPgnMHqdKy3NePmvZgGYT8f4hc7WCg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 24 Jul 2023 01:28:30 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

/
s.ad.smaato.net/c/ Frame A877
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vlr-UKnCvPgnMHqdKy3NePmvZgE4c689TxlC7g
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vlr-UKnCvPgnMHqdKy3NePmvZgE4c689TxlC7g&cookieCheck=1

0
555 B

187ms
187ms

Image
text/plain

13.33.88.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vlr-UKnCvPgnMHqdKy3NePmvZgE4c689TxlC7g&cookieCheck=1
Protocol: H2
Server: 13.33.88.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-107.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:55 GMT
via: 1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: 5UJF9HJgpgeC3YoOkAwqbzwtQLS3NFSrlXljbHrF-HUHbcDoSstV7Q==

Redirect headers

date: Mon, 24 Jul 2023 02:23:55 GMT
via: 1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vlr-UKnCvPgnMHqdKy3NePmvZgE4c689TxlC7g&cookieCheck=1
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: ZvH244GKVy2uHXsi-rhitvxAWQN_d7Y440Mz5E98w-bM7O52zuGUfA==

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame A877 68 B
259 B 1104ms
243ms Image
image/jpeg 23.215.7.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k--g3ZUKnCvPgnMHqdKy3NePmvZgGKeA54Lmg0nQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.215.7.26 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-215-7-26.deploy.static.akamaitechnologies.com

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Mon, 24 Jul 2023 02:23:55 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-upstream: 172.29.83.150:80
content-length: 68
x-xss-protection: 1; mode=block

GET
H2

200

1x1.png
cdn.aralego.net/img/ Frame A877
Redirect Chain

https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-XQErQqnCvPgnMHqdKy3NePmvZgFQjr4bxnmRbQ
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=OTk3OTY2ODMtZTExMS0zMmIzLTk4ZjEtZGNkZTBmOGNlNzQz&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
https://cdn.aralego.net/img/1x1.png

68 B
624 B

611ms
101ms

Image
image/png

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/img/1x1.png
Protocol: H2
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:23:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1404
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 68
cf-bgj: imgq:85,h2pri
last-modified: Wed, 12 Jun 2019 06:09:43 GMT
server: cloudflare
etag: "5d009727-44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdrUskXmkW0RZRGtE3ktb4xPFfEgzfzSOLYPoMkfc3x%2FmD6kjPODRI9o9qZCusgUy0n7lPqAZk0huKkWkiTffVu6dYMT9noWfmmvI41LALhioB36icWqX%2Frgw9EcJcG7zA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7eb8b438e809ab01-SYD

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cdn.aralego.net/img/1x1.png
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame A877 43 B
621 B 564ms
188ms Image
image/gif 54.251.174.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-CYfY0anCvPgnMHqdKy3NePmvZgE6k1zuiM-2LA&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.174.164 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-174-164.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 02:23:55 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame A877
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Xt9lzCpNA_vAhwy0NVlYW8EAeB6kUNWg

0
338 B

735ms
244ms

Image
text/plain

44.238.253.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Xt9lzCpNA_vAhwy0NVlYW8EAeB6kUNWg
Protocol: H2
Server: 44.238.253.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-253-87.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-served-by: beacon-n007-pdx-prod.krxd.net
date: Mon, 24 Jul 2023 02:23:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1690165435
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Xt9lzCpNA_vAhwy0NVlYW8EAeB6kUNWg
date: Mon, 24 Jul 2023 02:23:53 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 952504
content-length: 0

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

70 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.useinsider.com/	1970-01-20 13:29:27	Name: __cf_bm Value: RcEPGXvjhwbyuWzTFc4OKvdr8dxWixUctVN.VsKL994-1690165428-0-AbiQ94IHHQ6KkK4snFXpdypsmjiMzD3okclxIy8WNodoo9i1rIP6RAq4MRF9IdTu4wAlwBPmJIc5HeaVo4jcTGM=
.website-kampanyalarim.site/	1970-01-20 15:39:01	Name: _gcl_au Value: 1.1.1781744446.1690165429
.website-kampanyalarim.site/	1970-01-20 23:05:25	Name: _ga_MEEZBTE0X0 Value: GS1.1.1690165429.1.0.1690165429.60.0.0
.website-kampanyalarim.site/	1970-01-20 22:15:01	Name: mp_a1961649b67d787d8f16563d4020438f_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18985b5c589f16-039b853bf15704-693c5154-1d4c00-18985b5c589f16%22%2C%22%24device_id%22%3A%20%2218985b5c589f16-039b853bf15704-693c5154-1d4c00-18985b5c589f16%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.website-kampanyalarim.site/	1970-01-20 23:05:25	Name: _ga Value: GA1.2.2145877136.1690165429
.website-kampanyalarim.site/	1970-01-20 13:30:51	Name: _gid Value: GA1.2.405970045.1690165430
.website-kampanyalarim.site/	1970-01-20 13:29:25	Name: _dc_gtm_UA-48094469-2 Value: 1
.website-kampanyalarim.site/	1970-01-20 22:15:01	Name: _hjSessionUser_2838419 Value: eyJpZCI6ImVmYmZiNjc0LTE4ZTYtNTYzZC1hNGVhLTQzNGUzMzU1MGU4NCIsImNyZWF0ZWQiOjE2OTAxNjU0MzA3MjQsImV4aXN0aW5nIjpmYWxzZX0=
.website-kampanyalarim.site/	1970-01-20 13:29:27	Name: _hjFirstSeen Value: 1
.website-kampanyalarim.site/	1970-01-20 13:29:25	Name: _hjIncludedInSessionSample_2838419 Value: 0
.website-kampanyalarim.site/	1970-01-20 13:29:27	Name: _hjSession_2838419 Value: eyJpZCI6IjVjM2E1NGIzLTEyMTMtNGFlZC04MmM0LTkzZDhjZTVjODMzNSIsImNyZWF0ZWQiOjE2OTAxNjU0MzA3MzMsImluU2FtcGxlIjpmYWxzZX0=
.website-kampanyalarim.site/	1970-01-20 13:29:27	Name: _hjAbsoluteSessionInProgress Value: 0
.website-kampanyalarim.site/	1970-01-20 15:39:01	Name: _fbp Value: fb.1.1690165430926.1954722458
.criteo.com/	1970-01-20 22:51:01	Name: uid Value: 424e0502-cdb7-4d8e-9cc5-94e268dbe53c
.website-kampanyalarim.site/	1970-01-20 22:58:49	Name: cto_bundle Value: 3ujxwF8lMkJMUjZKRHRIVDRFZ0haejlRN1pPSTU3MGZ4SHJ1dm4lMkJIRE1RM0IxWDUlMkZCakZnc3FWNzklMkJlYkRlVzFWeWhEZW1rOFptSjVEcG9SMDg3Z1g4Q0VjayUyRnhlU1dpdXlhYTU2VGJ1ZFRXbXJrOHplN3p5enE0NHh3MjZ0MUx4Q3BoV2VIc3NvMkIydiUyQlpJU3IxJTJCZ09lYksyU1FRTTZCbW8wcWFwNzNwU3J6TkRqQSUzRA
.doubleclick.net/	1970-01-20 23:05:25	Name: IDE Value: AHWqTUmec-4ihow8mXL_8Rlv4WNvODjk5CyrwA8zIiZwGYeZkq-A09HjJe32zeHwj14
.adform.net/	1970-01-20 14:14:03	Name: C Value: 1
.adform.net/	1970-01-20 14:55:49	Name: uid Value: 5690189799839330725
.adnxs.com/	1970-01-20 15:39:01	Name: uuid2 Value: 3617553965791651871
.taboola.com/	1970-01-20 22:15:01	Name: t_gid Value: 2b775269-52a3-46ae-8822-8c689e96d1cd-tuctbb76639
match.sharethrough.com/	1970-01-20 13:39:30	Name: AWSALBCORS Value: y4MoT64uQVplwrIYqGffXyA5IskZ0ArUX/EcaQ3Zwb3BK9+r7ubty8Hi+qNDGTSkMNAxnK/qsHUjbPhaBWXtxR33Ra42FdWTmekj26JqvOhD5rOMD/HY4RJGL8lG
.sharethrough.com/	1970-01-20 14:12:37	Name: stx_user_id Value: 2df26466-e2f7-4b48-9b38-491269a3114e
.bidswitch.net/	1970-01-20 22:15:01	Name: tuuid Value: 0ff72bbf-a95e-418f-8819-936d46b60407
.bidswitch.net/	1970-01-20 22:15:01	Name: c Value: 1690165433
.smartadserver.com/	1970-01-20 23:01:06	Name: pid Value: 3883472342479867869
.smartadserver.com/	1970-01-20 23:01:06	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 22:16:27	Name: csync Value: 79:k-RNcuAKnCvPgnMHqdKy3NePmvZgFh8VA2GBpUNw
.adnxs.com/	1970-01-20 15:39:01	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2ImLq5B@?!@wnfH1YdP.dEXlSkdnfq^$8BWef8sSMp^%?70COG%d3+SF[OhriC8-H@e)TX)mod1)[%vuWH`A%nugO%v4VB%nr?7+jb6S
.rubiconproject.com/	1970-01-20 22:15:01	Name: khaos Value: LKG8UZES-B-GLE4
.rubiconproject.com/	1970-01-20 22:15:01	Name: audit Value: 1\|61gFxbHUpubSlt8nVptp9EOEzWqaS11gpdv4AnnlHDT6DZ3dTM5nwWouMV+ivd8dzsQox3pJzu+M1KxoLazIt+aleybw1oy9Ba0etFFpiE38+vNqNJBH2v4vgDtri9khVZA+y+xE4mlM71PoaW/K+GuZLpqIJJWlO47QhIiLqCLmQdVc7iIhNLYPAdWGRZ6V8p4Q5rMwDzg=
.bidswitch.net/	1970-01-20 22:15:01	Name: tuuid_lu Value: 1690165434
.3lift.com/	1970-01-20 15:39:01	Name: tluid Value: 4085664225744223089797
.teads.tv/	1970-01-20 22:13:35	Name: tt_viewer Value: 7248a9db-e750-4a1d-a5f1-376da6a2b46d
.bluekai.com/	1970-01-20 17:48:37	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 17:48:37	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1Lu6LLcHl1Es0zcKn2660YbX0YLT0v7cwB38vv44lzQGgOxYTLHVU
.bluekai.com/	1970-01-20 17:48:37	Name: bku Value: uUW99ngQFVxZFY9+
.yahoo.com/	1970-01-20 22:15:23	Name: A3 Value: d=AQABBLrgvWQCENck3BUDZX4CRGxgAsbeDyYFEgEBAQEyv2THZNwu0iMA_eMAAA&S=AQAAAlBJnjbmaEi6fF0fSXIauss
.analytics.yahoo.com/	1970-01-20 22:15:01	Name: IDSYNC Value: 18zh~2cy2
.socdm.com/	1970-01-20 23:05:25	Name: SOC Value: ZL3gusCo8YkAAOVafu4AAAAA
.casalemedia.com/	1970-01-20 22:15:01	Name: CMID Value: ZL3gutYWxEzGhds5ZcFo1QAA
.casalemedia.com/	1970-01-20 15:39:01	Name: CMPS Value: 4781
.casalemedia.com/	1970-01-20 15:39:01	Name: CMPRO Value: 4781
.dable.io/	1970-01-20 15:53:25	Name: uid Value: 12079943.1690165434717
.adingo.jp/	1970-01-20 14:12:37	Name: criteo_dsp Value: k-KSL4XKnCvPgnMHqdKy3NePmvZgGSU_jQ0hj5hg
.360yield.com/	1970-01-20 15:39:01	Name: tuuid Value: ace044ee-8031-48d2-9a01-b2e9c2131fd6
.360yield.com/	1970-01-20 15:39:01	Name: tuuid_lu Value: 1690165434
.media.net/	1970-01-20 22:15:01	Name: visitor-id Value: 3331670342889727000V10
.media.net/	1970-01-20 14:12:37	Name: data-c-ts Value: 1690165434
.media.net/	1970-01-20 14:12:37	Name: data-c Value: k-9E8SBqnCvPgnMHqdKy3NePmvZgGq-TUtIYUj9w~~3
.ads.stickyadstv.com/	1970-01-20 14:12:37	Name: UID Value: 6a4362e8d628c6a8219f96748b68b4d
.ads.stickyadstv.com/	1970-01-20 14:55:49	Name: uid-bp-11554 Value: k-8GrOh6nCvPgnMHqdKy3NePmvZgEhs24wpaaJqQ
.rlcdn.com/	1970-01-20 22:15:01	Name: rlas3 Value: eBtAxYvDggMuK92xRuBJRlZI3RaSBR7BMZnI5m7Rq8I=
.rlcdn.com/	1970-01-20 14:55:49	Name: pxrc Value: CAA=
.360yield.com/	1970-01-20 15:39:01	Name: um Value: !38,oPJGOXSw.a9eBcgEw97IWS49kbHwv3J.JYNFsqfMGyT1kjh35uZOv6rr.HG8lX0aZcHvK7Hj,1697941434
.360yield.com/	1970-01-20 15:39:01	Name: umeh Value: !38,0,1752373434,-1
.krxd.net/	1970-01-20 17:48:37	Name: _kuid_ Value: PsUqj0pN
.pubmatic.com/	1970-01-20 14:12:37	Name: KRTBCOOKIE_97 Value: 3385-uid:k-JjpJb6nCvPgnMHqdKy3NePmvZgGYT8f4hc7WCg&KRTB&23144-uid:k-JjpJb6nCvPgnMHqdKy3NePmvZgGYT8f4hc7WCg&KRTB&23286-uid:k-JjpJb6nCvPgnMHqdKy3NePmvZgGYT8f4hc7WCg&KRTB&23287-uid:k-JjpJb6nCvPgnMHqdKy3NePmvZgGYT8f4hc7WCg
.pubmatic.com/	1970-01-20 14:12:37	Name: PugT Value: 1690162110
.bing.com/	1970-01-20 22:51:01	Name: MUID Value: 33F9CFDE53E160C63B5ADC865271611D
.c.bing.com/	1970-01-20 13:39:30	Name: MR Value: 0
.yieldmo.com/	1970-01-20 22:15:01	Name: yieldmo_id Value: 3aVR85rWWOrIWJSOtrJ5%7C1690156800000%7C0
.ads.yieldmo.com/	1970-01-20 22:15:01	Name: ptrcriteo Value: k-CYfY0anCvPgnMHqdKy3NePmvZgE6k1zuiM-2LA
.aralego.com/	1970-01-20 22:15:01	Name: sspid Value: 99796683-e111-32b3-98f1-dcde0f8ce743
exchange.mediavine.com/	1970-01-20 13:49:35	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22236f3500-29c9-11ee-96c5-735c5ee696aa%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:49:35	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22236f3500-29c9-11ee-96c5-735c5ee696aa%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:49:35	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22236f3500-29c9-11ee-96c5-735c5ee696aa%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:49:35	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22236f3500-29c9-11ee-96c5-735c5ee696aa%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:49:35	Name: criteo Value: %7B%22id%22%3A%22k-gvHOlKnCvPgnMHqdKy3NePmvZgFu9t5bO9ra_w%22%2C%22version%22%3A%22criteo%22%7D
.smaato.net/	1970-01-20 13:59:39	Name: SCM Value: 3cd466bf
.smaato.net/	1970-01-20 13:44:32	Name: SCM1001851 Value: 3cd466bf

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://website-kampanyalarim.site/Content/assets/layoutcss?v=23GcvFvbxnWA3tRNkzzdQ-uMepEn0x1qtLq4Z9-gvQw1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/images/garenta-logo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/js/picker/tr_TR.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/garenta-logo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/PageScripts/GarentaCollaborations/collaboration.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/pickerjs?v=uNpyDy0xeAYJw4OnUHFUWcK6YKbc3I47j2KcIOrmi8c1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/campaignsearch?v=lmSsQ_mLQagITVa4pfpKeptS2wEfyclBN7eYb-ODlK01 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/layoutjs?v=5ndK8cFtiEk8qdedfpS5iSnmGmkcKgf-OA-Hfyvomko1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/pickercss?v=nPZx4XkJDbjowHzcEljTttKeOOprBqKncyC91BbxEPA1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/celik_motor_footer_new.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/twitter_ico.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/youtubeico1.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/images/garenta_loading.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/ikinci_yeni_logo_new_footer.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/Logo_Anadolu.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/linkico1.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/app_googleplay.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/faceico_2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/garenta_logo_footer_new.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/app_appstore.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/instaico2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	Message: A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8901912.fls.doubleclick.net
ad.360yield.com
ade.clmbtech.com
adgen.socdm.com
ads.stickyadstv.com
adservice.google.com
adservice.google.com.au
adx.dable.io
analytics.google.com
beacon.krxd.net
c.bing.com
cdn.aralego.net
cdn.mxpnl.com
cdn.netmera-web.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
cs.adingo.jp
dis.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
garenta.api.useinsider.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
images.garenta.com.tr
match.sharethrough.com
netdna.bootstrapcdn.com
ntm.netmera-web.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.aralego.com
sync.outbrain.com
tags.bluekai.com
tg.socdm.com
track.adform.net
ups.analytics.yahoo.com
website-kampanyalarim.site
widget.eu.criteo.com
wsdkapi.netmera.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
103.43.90.179
103.43.90.19
104.18.11.207
104.26.5.103
104.69.166.9
124.146.215.2
124.146.215.46
13.107.21.200
13.224.249.94
13.228.126.19
13.33.88.107
13.33.88.27
139.5.84.243
141.226.229.48
142.251.10.149
142.251.10.95
142.251.12.157
142.251.12.94
142.251.12.97
157.240.235.1
157.240.235.35
162.159.134.61
172.217.194.157
178.250.1.9
182.161.73.129
182.161.73.136
182.161.73.146
184.51.137.72
184.51.96.11
185.57.65.125
185.84.60.57
209.58.171.197
216.239.38.181
23.106.127.38
23.215.7.26
3.123.31.56
35.156.26.24
35.186.235.23
35.190.60.146
35.213.12.39
35.71.178.8
37.157.2.229
42.99.140.177
43.201.178.53
44.238.253.87
5.159.251.32
52.192.226.225
54.151.135.69
54.169.94.58
54.170.121.144
54.192.150.30
54.251.174.164
64.233.170.101
64.233.170.157
66.225.223.159
67.199.150.86
69.173.158.64
74.125.130.103
74.125.200.155
74.125.200.156
74.125.68.102
74.125.68.94
07c726ece60f40788af3459f81b10b4af7ed83b740254ebc29ab55f4a37843b0
086516f11b10ac8f0f88f2172fc099a004c52f0bafc83d9fd628c2cb58c64de1
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
12ab4bbc298bd8b74b50de852a3dddd35c9b71a47c22ff77dc6962b752236f2b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d90d8acaf8e945cbe6301f571086a38f216bd9c161fa975fea3c75b6f8d3662
1e3fe0befdde21c86098aca47577ed5e6b6b0e85f200d486b4f76e9dc346e422
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
30478d91396916be9394c38fd5dddfd240825a5b2d8bf3d1af321a466b4cbee1
318be3ccf5efa7aeac3d594dd84f3d2241bb6eca0ef33b47a1eeb90728750db0
31ae5e35f948157f9eedcaf8b958e5723a795b3f71511c0c8e5949b20e73b028
32536d6a1f2176b11a99b3f5c0cef8cc4fc9ac7475657cb63763b5342600740a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d
3690c0c510278c5fc9d655f9d5bcf0d84a98e49dfa90e13f74d98bea3c53cad3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1af0dd3adf756000f4a0db2fecfa6b6606654623c5aa0debe3fa6594c23d66
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5facf3ca997fd8a7658579d40b8bc44a659e12df5b45b2f1f1713f987b86366c
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
6768f13cd7f0fe6b50dbac22857aeb94c93cdfb7aeda9db833d2891efbaa380f
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
781e86f4d85534912da82bb67bdf2ab3cdaa3c06359fd0a774a43c02bed387d0
7993590ef120800ae890a068d78d219cdb797b35c3c65e3f6afc2860bc44413e
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
88428020331bd2923c769d7dbacc79219db0d1a4d6e54affc2ad81712477b063
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5a0acdff67a4fb9a764bee718a95a1f32627564a41c1499218e15ae821ed090
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
a8d53eaeda6725d311a182d068ea269a1f01a2d9565ee777b6a359857c3971c8
a9fd15d779e4d7fcfe44aca11e1013bdf6b95d2702df559f6ac160ff6361cb62
aa867a91b982a4f96446c6cda5c266dcad3fde806b86313a605fed5319708319
ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf01bdbb65f05cdda2528eef0c19c238158cf04d8244cc192d354ae5c875d4b2
c3a92a8aab76be885b2044e4b467f4a0fae3d6a07a242a46d0d6e2bebd2b75f7
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cf54c72579e18d4165afb8a6f6b5300052a432304ad899a7b2385670dbd00ada
dca7c8f2910eab4f3cdddd781eb314bb1824907dee007d0de22ec898ea9b569e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e

website-kampanyalarim.site Open in urlscan Pro 3.123.31.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

107 Requests

84 %HTTPS

0 %IPv6

50 Domains

65 Subdomains

58 IPs

12 Countries

1072 kBTransfer

2903 kBSize

70 Cookies

14 Outgoing links

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

website-kampanyalarim.site Open in urlscan Pro
3.123.31.56 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

84 %
HTTPS

0 %
IPv6

50
Domains

65
Subdomains

58
IPs

12
Countries

1072 kB
Transfer

2903 kB
Size

70
Cookies

107 HTTP transactions
0 data transactions