19ekimindirimleri.org Open in urlscan Pro
172.67.131.209 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://19ekimindirimleri.org/
Submission: On October 20 via api (October 20th 2024, 6:47:47 am UTC) from CA — Scanned from CA

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 10 domains to perform 30 HTTP transactions. The main IP is 172.67.131.209, located in United States and belongs to CLOUDFLARENET, US. The main domain is 19ekimindirimleri.org.
TLS certificate: Issued by WE1 on October 18th 2024. Valid for: 3 months.

This is the only time 19ekimindirimleri.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: A101 (Retail) Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 10	172.67.131.209 172.67.131.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c1d::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:dde	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.167.56.26 3.167.56.26	16509 (AMAZON-02) (AMAZON-02)
1	23.212.249.22 23.212.249.22	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	173.194.66.94 173.194.66.94	15169 (GOOGLE) (GOOGLE)
8	2600:9000:26c... 2600:9000:26c1:6800:3:ee41:2800:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:247... 2600:9000:2479:e200:8:bf12:1b40:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3033::6815:524a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	10

10 172.67.131.209 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

19ekimindirimleri.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c1d::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:dde (United States)

ASN13335 (CLOUDFLARENET, US)

static.personaclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.56.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-56-26.iad61.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.249.22 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-249-22.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.66.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:26c1:6800:3:ee41:2800:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.a101prod.retter.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.a101kapida.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2479:e200:8:bf12:1b40:21 (United States)

ASN16509 (AMAZON-02, US)

dq19r96s0yq25.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:524a (United States)

ASN13335 (CLOUDFLARENET, US)

i.hizliresim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	19ekimindirimleri.org 2 redirects 19ekimindirimleri.org	74 KB
5	a101kapida.com api.a101kapida.com	31 KB
3	cloudfront.net dq19r96s0yq25.cloudfront.net	244 KB
3	retter.io api.a101prod.retter.io	9 KB
2	gstatic.com fonts.gstatic.com	30 KB
1	hizliresim.com i.hizliresim.com — Cisco Umbrella Rank: 206115	996 KB
1	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 817	37 KB
1	hotjar.com script.hotjar.com — Cisco Umbrella Rank: 1177	55 KB
1	personaclick.com static.personaclick.com — Cisco Umbrella Rank: 422789	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
30	10

	Domain	Requested by
10	19ekimindirimleri.org	2 redirects 19ekimindirimleri.org
5	api.a101kapida.com	19ekimindirimleri.org
3	dq19r96s0yq25.cloudfront.net	19ekimindirimleri.org
3	api.a101prod.retter.io	19ekimindirimleri.org
2	fonts.gstatic.com	fonts.googleapis.com
1	i.hizliresim.com	19ekimindirimleri.org
1	analytics.tiktok.com	19ekimindirimleri.org
1	script.hotjar.com	19ekimindirimleri.org
1	static.personaclick.com	19ekimindirimleri.org
1	fonts.googleapis.com	19ekimindirimleri.org
30	10

This site contains no links.

Subject Issuer	Validity	Valid
19ekimindirimleri.org WE1	`2024-10-18` - `2025-01-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
personaclick.com E6	`2024-09-07` - `2024-12-06`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.a101kapida.com Amazon RSA 2048 M03	`2024-07-21` - `2025-08-19`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
hizliresim.com WE1	`2024-09-15` - `2024-12-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://19ekimindirimleri.org/
Frame ID: AC71D529F0D82650DF7C3926B96446B9
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A101 HARCA HARCA BİTMEZ

Page URL History Show full URLs

https://19ekimindirimleri.org/ Page URL
https://19ekimindirimleri.org/cdn-cgi/phish-bypass?atok=2ebsM5hlE8CqyXeMbhi0FNjYzga6ReOYGSUdWMesL9I-172940... HTTP 301
https://19ekimindirimleri.org/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

30
Requests

83 %
HTTPS

56 %
IPv6

10
Domains

10
Subdomains

10
IPs

1
Countries

1482 kB
Transfer

2047 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://19ekimindirimleri.org/ Page URL
https://19ekimindirimleri.org/cdn-cgi/phish-bypass?atok=2ebsM5hlE8CqyXeMbhi0FNjYzga6ReOYGSUdWMesL9I-1729406845-0.0.1.1-%2F HTTP 301
https://19ekimindirimleri.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/3ca63d6ce3385b1fa81df227b54934.css HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php

Request Chain 8

https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/3ca63d6ce3385b1fa81df227b54934_popup_276.css HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php HTTP 302
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php

Request Chain 12

https://19ekimindirimleri.org/_next/static/chunks/pages/nearest-stores-b7e8b9151db359fb.js HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php

Request Chain 13

https://19ekimindirimleri.org/_next/static/chunks/pages/salesForm-7976c754f690b134.js HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php HTTP 302
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php

Request Chain 28

https://19ekimindirimleri.org/favicon.ico HTTP 302
https://19ekimindirimleri.org/index.php

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 403 / Show response
19ekimindirimleri.org/ 4 KB
2 KB 239ms
29ms Document
text/html 172.67.131.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19ekimindirimleri.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7dee7cbc864128ac75694c11d87a7e888723702135ed5373c1c7ad800afa357

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-ray: 8d570e6f3ea036cf-YYZ
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 20 Oct 2024 06:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=doXfMvn7Yg4byhpHgai8lUESdvBP0gT1gtcXLeRyJRlKXHexSXzfJdbza%2BhzsHKljxs10rpRS3K5U9EB5HbptbkLPsS%2F%2BO2hJ%2F%2Bc9Xjj8LUO%2BS26x2CVMOEzgxp5wrI2PVzQV50ZRSM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 cf.errors.css
19ekimindirimleri.org/cdn-cgi/styles/ 23 KB
5 KB 27ms
26ms Stylesheet
text/css 172.67.131.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19ekimindirimleri.org/cdn-cgi/styles/cf.errors.css

Requested by

Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
content-encoding: gzip
etag: W/"670fb473-5df3"
x-content-type-options: nosniff
cf-ray: 8d570e6f6ebe36cf-YYZ
expires: Sun, 20 Oct 2024 08:47:25 GMT
date: Sun, 20 Oct 2024 06:47:25 GMT
content-type: text/css
last-modified: Wed, 16 Oct 2024 12:41:23 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 icon-exclamation.png
19ekimindirimleri.org/cdn-cgi/images/ 452 B
635 B 25ms
25ms Image
image/png 172.67.131.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://19ekimindirimleri.org/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/cdn-cgi/styles/cf.errors.css

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
etag: "670fb473-1c4"
x-content-type-options: nosniff
cf-ray: 8d570e6f9ed936cf-YYZ
expires: Sun, 20 Oct 2024 08:47:25 GMT
accept-ranges: bytes
content-length: 452
date: Sun, 20 Oct 2024 06:47:25 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 12:41:23 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 403 favicon.ico
19ekimindirimleri.org/ 4 KB
2 KB 29ms
29ms Other
text/html 172.67.131.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://19ekimindirimleri.org/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.131.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

522dcd884dabe82feed5ab11f9924a830cafaa72cb081811c767fe8ec98b8398

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CPur2Wj2LZDcCOhiv%2FOfnXaXiNdr%2BAv6%2FnyM9A2aFPUGLDVgCDqKPyC%2F3HuR81f2IZuCi8MLTDMgA2ruoXrfhhYSwljrK2iSamBUjXhpKzJecBhwHKV%2Bh0vUTGEftD3uJERPpuOaQO0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d570e6fdefe36cf-YYZ
date: Sun, 20 Oct 2024 06:47:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3

200

Primary Request / Show response
19ekimindirimleri.org/
Redirect Chain

https://19ekimindirimleri.org/cdn-cgi/phish-bypass?atok=2ebsM5hlE8CqyXeMbhi0FNjYzga6ReOYGSUdWMesL9I-1729406845-0.0.1.1-%2F
https://19ekimindirimleri.org/

65 KB
11 KB

431ms
431ms

Document
text/html

172.67.131.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://19ekimindirimleri.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.12 PleskLin
Resource Hash: 0d040e1bb39d558f518844ea88fa110a8683c307b93c84924eb61b8873282fb5

Request headers

Referer: https://19ekimindirimleri.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d570e8f1de936cf-YYZ
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sun, 20 Oct 2024 06:47:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hdtV66MzH42YPHD8JrtZspYOznbrFBH1gKs%2FUOXBZ2dLA8ghG6sTUqIGmv31J8YqueIcVDWmkiE64dMTjqe9DUuQFn%2F%2B8SiynhsKuI%2BwqUTUtaF8lgRQflmx8XaU67u5kdeWvO8MOvw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=27004&sent=28&recv=22&lost=0&retrans=0&sent_bytes=14700&recv_bytes=6815&delivery_rate=595&cwnd=12000&unsent_bytes=0&cid=f99e75b79bd17726&ts=5543&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-powered-by: PHP/8.3.12 PleskLin

Redirect headers

cache-control: private, no-cache
cf-ray: 8d570e8eedd636cf-YYZ
content-length: 167
content-type: text/html
date: Sun, 20 Oct 2024 06:47:30 GMT
location: https://19ekimindirimleri.org/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 129ms
47ms Stylesheet
text/css 2607:f8b0:400d:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fea32fbe6147f1e84ebf680dbd77c278f4a76889df71b49c4f8e370dd253caba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 20 Oct 2024 06:47:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 06:47:30 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 20 Oct 2024 05:19:02 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 css1.css
19ekimindirimleri.org/ 101 KB
21 KB 542ms
539ms Stylesheet
text/css 172.67.131.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://19ekimindirimleri.org/css1.css
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7fa837000054698bc639dd448c7ecc01d8bd8adac7b934bba75e0a5d5f885df3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"663bf514-19333"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HsvanU4Q9%2FuR%2FTGer2UVgZWfkbHNEyk0EZJmE%2BHrUK%2FWwEPR5Gx8wqwDOCfkMNnpRBdz0aqdFW4d61tLFsabxB%2Fwy9t%2Bdcp2YMB%2ByPboN4QtffQU0uVbSPDGn0TTo71FTpL3sKVK90%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25448&sent=43&recv=33&lost=0&retrans=0&sent_bytes=28051&recv_bytes=9396&delivery_rate=3401&cwnd=12000&unsent_bytes=0&cid=f99e75b79bd17726&ts=6097&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 20 Oct 2024 06:47:31 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 21:56:36 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d570e91ef3936cf-YYZ
x-powered-by: PleskLin
server: cloudflare

GET
H3 200 css2.css
19ekimindirimleri.org/ 101 KB
21 KB 565ms
563ms Stylesheet
text/css 172.67.131.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://19ekimindirimleri.org/css2.css
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7fa837000054698bc639dd448c7ecc01d8bd8adac7b934bba75e0a5d5f885df3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"663bf514-19333"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdEhKXQsptg17T8uiCSXF5SJChH0hCu4a4vhi4chtBaLQmZE10T7rb8PwcMxfCbwBhmdGm%2Bih5OKY9Ngo6ffVBNOht9g3qsycNuAmFaYOISRyLqMKyNMYpSM22y7QJ9ucCnDBpBLpEk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25448&sent=53&recv=33&lost=0&retrans=0&sent_bytes=40051&recv_bytes=9396&delivery_rate=3401&cwnd=12000&unsent_bytes=0&cid=f99e75b79bd17726&ts=6100&x=1", cfExtPri, cfHdrFlush;dur=20
date: Sun, 20 Oct 2024 06:47:31 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 21:56:36 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d570e91ef3a36cf-YYZ
x-powered-by: PleskLin
server: cloudflare

GET

index.php
19ekimindirimleri.org/cdn.personaclick.com/shop_css/
Redirect Chain

https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/3ca63d6ce3385b1fa81df227b54934.css
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php

0
0

GET

index.php
19ekimindirimleri.org/cdn.personaclick.com/popup_css/
Redirect Chain

https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/3ca63d6ce3385b1fa81df227b54934_popup_276.css
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php
https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php

0
0

GET
H2 200 swiper-bundle.min.css
static.personaclick.com/A101/swiper/ 18 KB
5 KB 483ms
432ms Stylesheet
text/css 2606:4700:20::681a:dde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.personaclick.com/A101/swiper/swiper-bundle.min.css
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c050657555e75b5da86948f8b905c5ddc3820f5b8bd46a732581ed323a640fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"65e97ae5-4810"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwnnlK1InOdOFeA4rmONLTtrbegYObMrlrJf2XIYrfoRFej0Qe7kfEEBzn%2Bi4%2F0rEqunU9OijFYieghU8na04VAnLmTT47mwJtIf8ySF%2FYl3Q9Tph7ck%2FHhRjpI7yujMmGjQgO2ztFQOEDpUFwgOeH32gQGc"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d570e922a41a296-YUL
date: Sun, 20 Oct 2024 06:47:31 GMT
content-type: text/css
last-modified: Thu, 07 Mar 2024 08:29:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 modules.0ce9b654b0ac7fef3cf0.js Show response
script.hotjar.com/ 220 KB
55 KB 151ms
34ms Script
application/javascript 3.167.56.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0ce9b654b0ac7fef3cf0.js

Requested by

Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.56.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-56-26.iad61.r.cloudfront.net

Software

Resource Hash

a4273a4627dee7cb7316462117406296f7ac0602a76c101e5c0ca8dfa6686cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

x-robots-tag: none
content-encoding: br
etag: "115ac93274d69bd2c455fda9dea090c8"
age: 1588071
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: QNXH4uBcnHoQ8oWEcrhgGSSuvbySXpE86QEey_N1b--hhTbWK4jfQg==
date: Tue, 01 Oct 2024 21:39:43 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 25 Mar 2024 15:01:41 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 e7c1fac5920ba451129493421444f012.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 55498
x-amz-cf-pop: IAD61-P5

GET
H2 200 identify_05ea2.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 150ms
33ms Script
application/javascript 23.212.249.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_05ea2.js
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.249.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-249-22.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

x-cache: TCP_HIT from a23-220-105-24.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-240314135218BD1D093888677880F7B3-632A617172949613-00
content-length: 36989
date: Sun, 20 Oct 2024 06:47:30 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20240314135218BD1D093888677880F7B3
server: nginx
x-akamai-request-id: 35c876c5
x-tt-trace-host: 019b883c51a23dbd9c54557d3cc7c8d9e673c42aca5454a644e72c92c50a26189fe8f6dd5ec1e5f0a40c2be3a5fe47f66d54cd4d6cbe8b2d012accdbce1cf40d437d0fe756fc1e9624a1445b8fc568d59f07c23d6b3920767e1d4917586b704284

GET

index.php
19ekimindirimleri.org/_next/static/chunks/pages/
Redirect Chain

https://19ekimindirimleri.org/_next/static/chunks/pages/nearest-stores-b7e8b9151db359fb.js
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php

0
0

GET

index.php
19ekimindirimleri.org/_next/static/chunks/pages/
Redirect Chain

https://19ekimindirimleri.org/_next/static/chunks/pages/salesForm-7976c754f690b134.js
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php
https://19ekimindirimleri.org/_next/static/chunks/pages/index.php

0
0

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 84ms
39ms Font
font/woff2 173.194.66.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f94.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://19ekimindirimleri.org
Referer: https://fonts.googleapis.com/

Response headers

age: 151547
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 12:41:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 12:41:47 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
12 KB 98ms
54ms Font
font/woff2 173.194.66.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f94.1e100.net

Software

sffe /

Resource Hash

3e8f8a1d4f1a37245c6b7acbaa44a6c04975d1e21b038f7128be586482ffe4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://19ekimindirimleri.org
Referer: https://fonts.googleapis.com/

Response headers

age: 334341
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 09:55:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 09:55:13 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12280
x-xss-protection: 0
server: sffe

GET
H2 200 a101-logo-2_256x256.svg
api.a101prod.retter.io/dbmk89vnr/CALL/Image/get/ 975 B
1 KB 229ms
31ms Image
image/jpg 2600:9000:26c1:6800:3:ee41:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.a101prod.retter.io/dbmk89vnr/CALL/Image/get/a101-logo-2_256x256.svg
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:6800:3:ee41:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 53ebcb69ae49fcca80a92e436ff82c3421c4cdf00f9b8fef1c71a6891eed7cdd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

x-srv-time: 1713233861948
access-control-expose-headers: *
age: 16172994
access-control-allow-methods: *
apigw-requestid: WS_m8jmvjoEEP8g=
x-cache: Hit from cloudfront
x-amz-cf-id: HFVv63JK4T8DAEZTiDw2prVX_6_Hi27NRKXFQbnhFUDqaTAUvaXtqQ==
date: Tue, 16 Apr 2024 02:17:41 GMT
content-type: image/jpg
access-control-allow-headers: *
cache-control: max-age=31536000
via: 1.1 64c95802ff188dd41dd32c313bef089c.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 975
x-amz-cf-pop: IAD61-P1
x-rio-version: 2.0.31

GET
H2 200 extra-logo_512x512.svg
api.a101prod.retter.io/dbmk89vnr/CALL/Image/get/ 4 KB
4 KB 233ms
36ms Image
image/jpg 2600:9000:26c1:6800:3:ee41:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.a101prod.retter.io/dbmk89vnr/CALL/Image/get/extra-logo_512x512.svg
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:6800:3:ee41:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7042a293e2a468c17198c4b9a4047e38d5780c4bddb87bb8b4c07d70bb4782b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

x-srv-time: 1726090226239
access-control-expose-headers: *
age: 3316629
access-control-allow-methods: *
apigw-requestid: d9bNyj9JDoEEMFw=
x-cache: Hit from cloudfront
x-amz-cf-id: iB_YDiX6AQgac0Mpd3IM-iqKDyiAYldtlbhq2Bd09A_mITFS3PQY4w==
date: Wed, 11 Sep 2024 21:30:26 GMT
content-type: image/jpg
access-control-allow-headers: *
cache-control: max-age=31536000
via: 1.1 64c95802ff188dd41dd32c313bef089c.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 3594
x-amz-cf-pop: IAD61-P1
x-rio-version: 2.1.0

GET
H2 200 kapida-logo_512x512.svg
api.a101prod.retter.io/dbmk89vnr/CALL/Image/get/ 3 KB
4 KB 228ms
32ms Image
image/jpg 2600:9000:26c1:6800:3:ee41:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.a101prod.retter.io/dbmk89vnr/CALL/Image/get/kapida-logo_512x512.svg
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:6800:3:ee41:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 20ad04b8fb2bb408c467892070b47b78e6d083a9f65f013a6b1ba654bcd014cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

x-srv-time: 1707945053727
access-control-expose-headers: *
age: 21461802
access-control-allow-methods: *
apigw-requestid: TJPeqjYCDoEEJ6w=
x-cache: Hit from cloudfront
x-amz-cf-id: 6_soSNU11QJuL2ynN-zOGVcU1KF9d9byL08z7X5iBJPmJfrwxuzveg==
date: Wed, 14 Feb 2024 21:10:53 GMT
content-type: image/jpg
access-control-allow-headers: *
cache-control: max-age=31536000
via: 1.1 64c95802ff188dd41dd32c313bef089c.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 3389
x-amz-cf-pop: IAD61-P1
x-rio-version: 2.0.23

GET
H2 200 2408x736.jpg
dq19r96s0yq25.cloudfront.net/files/65f84bc2546fd2000808a986/ 137 KB
138 KB 727ms
597ms Image
image/jpeg 2600:9000:2479:e200:8:bf12:1b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dq19r96s0yq25.cloudfront.net/files/65f84bc2546fd2000808a986/2408x736.jpg?width=1200
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2479:e200:8:bf12:1b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7f551ddc53affdd80fc2524411a30f82f115ed7a6fff15bcd8ff192b1b87e192

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

cache-control: public, max-age=30758400
x-webiny-base64-encoded: true
access-control-allow-methods: GET,HEAD
via: 1.1 0a2ddb6f9b0df10d973faa154be16dba.cloudfront.net (CloudFront)
apigw-requestid: f78dMhMZjoEEPZA=
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 140527
x-amz-cf-id: G66-XAV0HGWOh7Gl0PiC-1Rf3srgKB5P-fi9BA7jIKMiS6zwDUPn4w==
date: Sun, 20 Oct 2024 06:47:35 GMT
content-type: image/jpeg
x-amz-cf-pop: IAD61-P3
access-control-allow-headers: *

GET
H2 200 4vtnxv7.png
i.hizliresim.com/ 994 KB
996 KB 111ms
57ms Image
image/jpeg 2606:4700:3033::6815:524a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.hizliresim.com/4vtnxv7.png

Requested by

Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:524a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa9cb43d1e1dbd928e2fbef4299b793747a3de913b173d3ae68d0d90a92ba6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

cf-cache-status: HIT
etag: "ca2238fd7198d218b6fdb0c69005f14b"
x-wasabi-cm-reference-id: 1729276476084 38.27.106.125 ConID:202387378/EngineConID:1981598/Core:58
expect-ct: max-age=86400, enforce
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgn6Ri5jC49%2BhSLt0M9Nm0YOsmzr0F9vLAq6O3lhx4f75HjPKJrIAXYBqyU1K7dzZJFRaS35eTytWQJ3zRyqOUl0ayaqSVA2%2Bgx7tuvl%2BfpONDzOU%2BQ05H%2BZDfzCDMOS%2B1CSxRznlyyiaruRcox4"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=15919&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4020&recv_bytes=2230&delivery_rate=242460&cwnd=250&unsent_bytes=0&cid=2da0553e76dc9d95&ts=66&x=0"
date: Sun, 20 Oct 2024 06:47:35 GMT
content-type: image/jpeg
last-modified: Fri, 12 Apr 2024 09:11:44 GMT
vary: Accept-Encoding
x-amz-id-2: HwEyYOGahOeDXn+u2S+cWbEF0US/ygEjQlEX/uXWGnOzmsvZiZ6hyQCF3a+zaGkzd84AyefFySdg
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
x-amz-request-id: 4D5C4BAF42AA422F:A
cf-ray: 8d570eabbff2a311-YUL
accept-ranges: bytes
content-length: 1018245
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 5.jpg
dq19r96s0yq25.cloudfront.net/files/65f459333da2cd0008cda768/ 96 KB
96 KB 593ms
465ms Image
image/jpeg 2600:9000:2479:e200:8:bf12:1b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dq19r96s0yq25.cloudfront.net/files/65f459333da2cd0008cda768/5.jpg?width=1200
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2479:e200:8:bf12:1b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b5d6e4367ff29d45b938e7f7aa11129994da6d7e23948755640d7146767dea3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

cache-control: public, max-age=30758400
x-webiny-base64-encoded: true
access-control-allow-methods: GET,HEAD
via: 1.1 0a2ddb6f9b0df10d973faa154be16dba.cloudfront.net (CloudFront)
apigw-requestid: f78dMg31DoEEMng=
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 97920
x-amz-cf-id: DBXZqHEZ4RVlGLx0AobKfD-HGon3eMnFyELrzZbWOGs0z9TPOsik0Q==
date: Sun, 20 Oct 2024 06:47:35 GMT
content-type: image/jpeg
x-amz-cf-pop: IAD61-P3
access-control-allow-headers: *

GET
H2 200 ZkgSwy26NV_1024x1024.png
api.a101kapida.com/dbmk89vnr/CALL/Image/get/ 6 KB
6 KB 160ms
34ms Image
image/jpg 2600:9000:26c1:6800:3:ee41:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.a101kapida.com/dbmk89vnr/CALL/Image/get/ZkgSwy26NV_1024x1024.png
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:6800:3:ee41:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5962a6e7357177076829d0418348e3a1a2d6a1765defd2bd80bae636ead81d08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

x-srv-time: 1712283728338
access-control-expose-headers: *
age: 17123127
access-control-allow-methods: *
apigw-requestid: Vuv8khGWDoEEJPA=
x-cache: Hit from cloudfront
x-amz-cf-id: TTXdwUfcr5gPLlOlN59L0umsH7B_mcCW3-n93BWBsDShI_RxoCEv1g==
date: Fri, 05 Apr 2024 02:22:08 GMT
content-type: image/jpg
access-control-allow-headers: *
cache-control: max-age=31536000
via: 1.1 64c95802ff188dd41dd32c313bef089c.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 6209
x-amz-cf-pop: IAD61-P1
x-rio-version: 2.0.31

GET
H2 200 HTCWySVIL-_1024x1024.png
api.a101kapida.com/dbmk89vnr/CALL/Image/get/ 6 KB
6 KB 157ms
32ms Image
image/jpg 2600:9000:26c1:6800:3:ee41:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.a101kapida.com/dbmk89vnr/CALL/Image/get/HTCWySVIL-_1024x1024.png
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:6800:3:ee41:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1db78456622a7ceccd41c7e94399c749020051e740286d73c8f8aaa1de78e71e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

x-srv-time: 1708304088610
access-control-expose-headers: *
age: 21102767
access-control-allow-methods: *
apigw-requestid: TW8B2hb8DoEEPVA=
x-cache: Hit from cloudfront
x-amz-cf-id: mEneDIF3p5TRPpMLlRhO-uyj_Dzl75rvoFTAnTZE3P_rvpn_8YIlvw==
date: Mon, 19 Feb 2024 00:54:48 GMT
content-type: image/jpg
access-control-allow-headers: *
cache-control: max-age=31536000
via: 1.1 64c95802ff188dd41dd32c313bef089c.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 5829
x-amz-cf-pop: IAD61-P1
x-rio-version: 2.0.23

GET
H2 200 YwE3VEvqcF_1024x1024.png
api.a101kapida.com/dbmk89vnr/CALL/Image/get/ 6 KB
6 KB 165ms
41ms Image
image/jpg 2600:9000:26c1:6800:3:ee41:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.a101kapida.com/dbmk89vnr/CALL/Image/get/YwE3VEvqcF_1024x1024.png
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:6800:3:ee41:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1db78456622a7ceccd41c7e94399c749020051e740286d73c8f8aaa1de78e71e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

x-srv-time: 1719597443073
access-control-expose-headers: *
age: 9809412
access-control-allow-methods: *
apigw-requestid: aFvsgjIejoEEJkw=
x-cache: Hit from cloudfront
x-amz-cf-id: 5_Srf2m604W03E5ky4n6p2_zS4uyiQTCBemfCMEcns2uip5_U5vvpA==
date: Fri, 28 Jun 2024 17:57:23 GMT
content-type: image/jpg
access-control-allow-headers: *
cache-control: max-age=31536000
via: 1.1 64c95802ff188dd41dd32c313bef089c.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 5829
x-amz-cf-pop: IAD61-P1
x-rio-version: 2.1.0

GET
H2 200 KNUTq0bU2o_1024x1024.png
api.a101kapida.com/dbmk89vnr/CALL/Image/get/ 7 KB
7 KB 182ms
57ms Image
image/jpg 2600:9000:26c1:6800:3:ee41:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.a101kapida.com/dbmk89vnr/CALL/Image/get/KNUTq0bU2o_1024x1024.png
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:6800:3:ee41:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bd0ec11524b91a319e4a423e53721471bf28f7980d83764c7a1f940b01c61c72

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

x-srv-time: 1724763272308
access-control-expose-headers: *
age: 4643583
access-control-allow-methods: *
apigw-requestid: dKzlSj9xDoEEPYA=
x-cache: Hit from cloudfront
x-amz-cf-id: L7y_HxEoRs2o8N93lRbhr-cnGta4NEPUmJ7M4mrYZur6Gs3aOabPMA==
date: Tue, 27 Aug 2024 12:54:32 GMT
content-type: image/jpg
access-control-allow-headers: *
cache-control: max-age=31536000
via: 1.1 64c95802ff188dd41dd32c313bef089c.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 6923
x-amz-cf-pop: IAD61-P1
x-rio-version: 2.1.0

GET
H2 200 CIR6IPOflB_1024x1024.png
api.a101kapida.com/dbmk89vnr/CALL/Image/get/ 5 KB
6 KB 60ms
37ms Image
image/jpg 2600:9000:26c1:6800:3:ee41:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.a101kapida.com/dbmk89vnr/CALL/Image/get/CIR6IPOflB_1024x1024.png
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:6800:3:ee41:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bd421a50c140bcd234a5c90b90771f4dbc66195f06fb0ff5e88c6a0d6941a77e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

x-srv-time: 1726446499943
access-control-expose-headers: *
age: 2960356
access-control-allow-methods: *
apigw-requestid: eLBBoihnjoEEMNw=
x-cache: Hit from cloudfront
x-amz-cf-id: ZKq0fBd13M3gtqamImM2p9_zSY_QCgHwpqXDjiT6T-y8hCoQ24qOyg==
date: Mon, 16 Sep 2024 00:28:19 GMT
content-type: image/jpg
access-control-allow-headers: *
cache-control: max-age=31536000
via: 1.1 64c95802ff188dd41dd32c313bef089c.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 5238
x-amz-cf-pop: IAD61-P1
x-rio-version: 2.1.0

GET
H2 200 afisabonejpg.jpg
dq19r96s0yq25.cloudfront.net/files/656f0c64b95c15000865dbd5/ 10 KB
10 KB 71ms
47ms Image
image/jpeg 2600:9000:2479:e200:8:bf12:1b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dq19r96s0yq25.cloudfront.net/files/656f0c64b95c15000865dbd5/afisabonejpg.jpg?width=200
Requested by: Host: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2479:e200:8:bf12:1b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c9d69500e13c527941e2ff7ecf8bcc400b1c5c7dd8a5afc7253319a9d2fd39b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

cache-control: public, max-age=30758400
age: 111610
x-webiny-base64-encoded: true
access-control-allow-methods: GET,HEAD
via: 1.1 0a2ddb6f9b0df10d973faa154be16dba.cloudfront.net (CloudFront)
apigw-requestid: f3r-JhWzjoEEMJQ=
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 9773
x-amz-cf-id: Ox-IF1QIun3onLYL7j0ng4wmuH8LOhcVtpJ6fTUx3a-KBWlmui62-g==
date: Fri, 18 Oct 2024 23:47:25 GMT
content-type: image/jpeg
x-amz-cf-pop: IAD61-P3
access-control-allow-headers: *

GET
H3

200

index.php
19ekimindirimleri.org/
Redirect Chain

https://19ekimindirimleri.org/favicon.ico
https://19ekimindirimleri.org/index.php

65 KB
11 KB

185ms
185ms

Other
text/html

172.67.131.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://19ekimindirimleri.org/index.php
Protocol: H3
Server: 172.67.131.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.12, PleskLin
Resource Hash: 0d040e1bb39d558f518844ea88fa110a8683c307b93c84924eb61b8873282fb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://19ekimindirimleri.org/

Response headers

server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2Fd2RiRnHRIrGcF9ugZ%2F6bw9%2BS8Z%2B4qcKyvHqJ4bpl9nQx40oWfdkPBzbPqfSHH2Rcnt7Yeh0jVlWDPE33Dk9PJww1GP%2F4VjzP54QUcBvMm79MG9kCnoZD48G1Z5nFfgYH0MVH7Scj0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d570eae9cc536cf-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23825&sent=171&recv=105&lost=0&retrans=1&sent_bytes=103035&recv_bytes=29426&delivery_rate=20190&cwnd=28800&unsent_bytes=0&cid=f99e75b79bd17726&ts=10332&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 20 Oct 2024 06:47:35 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.3.12, PleskLin
vary: Accept-Encoding
priority: u=1,i

Redirect headers

server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: index.php
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAk30iVl7IVTJ8yWQgM6PIXrMn7Sm7T4L8iNm2pUPRstDQC1l2gwVrQ7v8Xymknr8wahl9WUUU7RA7XDU7V%2BGakldPnkwOlBN9u%2FjNzCkqFZMBzM0cnk6Lg74kxleViqQX4SCRcHzOo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d570eac1b9d36cf-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24291&sent=167&recv=103&lost=0&retrans=1&sent_bytes=101606&recv_bytes=28512&delivery_rate=3470&cwnd=28800&unsent_bytes=0&cid=f99e75b79bd17726&ts=10146&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 20 Oct 2024 06:47:35 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.3.12, PleskLin
vary: Accept-Encoding
priority: u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php

Domain: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php

Domain: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/_next/static/chunks/pages/index.php

Domain: 19ekimindirimleri.org
URL: https://19ekimindirimleri.org/_next/static/chunks/pages/index.php

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: A101 (Retail) Generic Cloudflare (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp.TiktTokAnalytics

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.19ekimindirimleri.org/	1970-01-21 00:24:53	Name: __cf_mw_byp Value: 2ebsM5hlE8CqyXeMbhi0FNjYzga6ReOYGSUdWMesL9I-1729406845-0.0.1.1-/

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://19ekimindirimleri.org/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://19ekimindirimleri.org/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://19ekimindirimleri.org/cdn.personaclick.com/shop_css/index.php Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://19ekimindirimleri.org/cdn.personaclick.com/popup_css/index.php Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://19ekimindirimleri.org/ Message: The resource https://19ekimindirimleri.org/css2.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://19ekimindirimleri.org/_next/static/chunks/pages/index.php Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://19ekimindirimleri.org/_next/static/chunks/pages/index.php Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://19ekimindirimleri.org/ Message: The resource https://19ekimindirimleri.org/css2.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

19ekimindirimleri.org
analytics.tiktok.com
api.a101kapida.com
api.a101prod.retter.io
dq19r96s0yq25.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
i.hizliresim.com
script.hotjar.com
static.personaclick.com
19ekimindirimleri.org
172.67.131.209
173.194.66.94
23.212.249.22
2600:9000:2479:e200:8:bf12:1b40:21
2600:9000:26c1:6800:3:ee41:2800:93a1
2606:4700:20::681a:dde
2606:4700:3033::6815:524a
2607:f8b0:400d:c1d::5f
3.167.56.26
0d040e1bb39d558f518844ea88fa110a8683c307b93c84924eb61b8873282fb5
1db78456622a7ceccd41c7e94399c749020051e740286d73c8f8aaa1de78e71e
20ad04b8fb2bb408c467892070b47b78e6d083a9f65f013a6b1ba654bcd014cc
3e8f8a1d4f1a37245c6b7acbaa44a6c04975d1e21b038f7128be586482ffe4b0
4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7
522dcd884dabe82feed5ab11f9924a830cafaa72cb081811c767fe8ec98b8398
53ebcb69ae49fcca80a92e436ff82c3421c4cdf00f9b8fef1c71a6891eed7cdd
5962a6e7357177076829d0418348e3a1a2d6a1765defd2bd80bae636ead81d08
7042a293e2a468c17198c4b9a4047e38d5780c4bddb87bb8b4c07d70bb4782b4
7b5d6e4367ff29d45b938e7f7aa11129994da6d7e23948755640d7146767dea3
7c050657555e75b5da86948f8b905c5ddc3820f5b8bd46a732581ed323a640fa
7f551ddc53affdd80fc2524411a30f82f115ed7a6fff15bcd8ff192b1b87e192
7fa837000054698bc639dd448c7ecc01d8bd8adac7b934bba75e0a5d5f885df3
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
a4273a4627dee7cb7316462117406296f7ac0602a76c101e5c0ca8dfa6686cbd
aa9cb43d1e1dbd928e2fbef4299b793747a3de913b173d3ae68d0d90a92ba6f5
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b7dee7cbc864128ac75694c11d87a7e888723702135ed5373c1c7ad800afa357
bd0ec11524b91a319e4a423e53721471bf28f7980d83764c7a1f940b01c61c72
bd421a50c140bcd234a5c90b90771f4dbc66195f06fb0ff5e88c6a0d6941a77e
c9d69500e13c527941e2ff7ecf8bcc400b1c5c7dd8a5afc7253319a9d2fd39b0
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
fea32fbe6147f1e84ebf680dbd77c278f4a76889df71b49c4f8e370dd253caba

19ekimindirimleri.org Open in urlscan Pro 172.67.131.209 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

83 %HTTPS

56 %IPv6

10 Domains

10 Subdomains

10 IPs

1 Countries

1482 kBTransfer

2047 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

19ekimindirimleri.org Open in urlscan Pro
172.67.131.209 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

83 %
HTTPS

56 %
IPv6

10
Domains

10
Subdomains

10
IPs

1
Countries

1482 kB
Transfer

2047 kB
Size

1
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!