website-kampanyalarim.site Open in urlscan Pro
3.123.31.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://website-kampanyalarim.site/
Submission: On July 24 via api (July 24th 2023, 8:57:54 am UTC) from TR — Scanned from DE

Summary HTTP 104 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 57 IPs in 10 countries across 47 domains to perform 104 HTTP transactions. The main IP is 3.123.31.56, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is website-kampanyalarim.site.
TLS certificate: Issued by R3 on July 23rd 2023. Valid for: 3 months.

This is the only time website-kampanyalarim.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	3.123.31.56 3.123.31.56	16509 (AMAZON-02) (AMAZON-02)
1	5.159.251.32 5.159.251.32	41296 (ABH) (ABH)
1 4	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1 1	54.170.121.144 54.170.121.144	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:5a00:10:5f7f:b9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:7::... 2606:4700:7::a29f:863d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
2	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 3	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
6	185.57.65.125 185.57.65.125	9215 (VMIND) (VMIND)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
4 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	3.121.62.68 3.121.62.68	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.218.208.23 23.218.208.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.158.240.125 35.158.240.125	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	34.246.32.5 34.246.32.5	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1 2	52.48.249.89 52.48.249.89	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.93.45.192 54.93.45.192	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.223 70.42.32.223	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4264:16fa:8844:6a74:e97a	14618 (AMAZON-AES) (AMAZON-AES)
1	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.30.155.207 52.30.155.207	16509 (AMAZON-02) (AMAZON-02)
1	35.158.16.209 35.158.16.209	16509 (AMAZON-02) (AMAZON-02)
1	52.212.62.24 52.212.62.24	16509 (AMAZON-02) (AMAZON-02)
1	18.118.60.139 18.118.60.139	16509 (AMAZON-02) (AMAZON-02)
104	57

22 3.123.31.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com

website-kampanyalarim.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.159.251.32 (Turkey)

ASN41296 (ABH, TR)
PTR: mailorder.garenta.com.tr

images.garenta.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.121.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-121-144.eu-west-1.compute.amazonaws.com

cdn.netmera-web.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:5a00:10:5f7f:b9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

ntm.netmera-web.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)

garenta.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

8901912.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.57.65.125 (Istanbul, Turkey)

ASN9215 (VMIND, TR)

wsdkapi.netmera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.62.68 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-62-68.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.85 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.240.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-240-125.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.32.5 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-32-5.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.249.89 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-249-89.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.45.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-45-192.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:16fa:8844:6a74:e97a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.155.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-155-207.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.16.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-16-209.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.62.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-62-24.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.118.60.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-118-60-139.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	website-kampanyalarim.site website-kampanyalarim.site	20 KB
9	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 437 mug.criteo.com — Cisco Umbrella Rank: 2484 sslwidget.criteo.com — Cisco Umbrella Rank: 1845 dis.criteo.com — Cisco Umbrella Rank: 607	13 KB
7	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 8901912.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 120 cm.g.doubleclick.net — Cisco Umbrella Rank: 242	5 KB
6	netmera.com wsdkapi.netmera.com — Cisco Umbrella Rank: 84354	11 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2709 adservice.google.com — Cisco Umbrella Rank: 117	2 KB
5	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 4332 s2.adform.net — Cisco Umbrella Rank: 7469 cm.adform.net — Cisco Umbrella Rank: 1301	33 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244 secure.adnxs.com — Cisco Umbrella Rank: 458	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	248 B
4	google.de www.google.de — Cisco Umbrella Rank: 5791	780 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 166	221 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 741 script.hotjar.com — Cisco Umbrella Rank: 932	73 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	188 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82	3 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 673	876 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 211	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1570	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 355	879 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 161	20 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	192 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 4828	87 KB
2	netmera-web.com 1 redirects cdn.netmera-web.com — Cisco Umbrella Rank: 73819 ntm.netmera-web.com — Cisco Umbrella Rank: 74075	17 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2147	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 639	338 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2027	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2271	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4477	400 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2500	398 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 788	580 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 792	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1261	879 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2966	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 439	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 901	341 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 323	125 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 417	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2066	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1327	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 643	114 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 588	360 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 388	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 634	793 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 4923	18 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 605	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1234	57 KB
1	useinsider.com garenta.api.useinsider.com	688 B
1	garenta.com.tr images.garenta.com.tr	61 KB
104	47

	Domain	Requested by
22	website-kampanyalarim.site	website-kampanyalarim.site
6	wsdkapi.netmera.com	cdn.netmera-web.com
5	gum.criteo.com	4 redirects static.criteo.net
4	www.facebook.com	website-kampanyalarim.site
4	www.google.de	website-kampanyalarim.site 8901912.fls.doubleclick.net
4	www.google.com	1 redirects website-kampanyalarim.site
3	track.adform.net	2 redirects website-kampanyalarim.site
3	connect.facebook.net	website-kampanyalarim.site connect.facebook.net
3	fonts.googleapis.com	website-kampanyalarim.site
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	www.googleadservices.com	8901912.fls.doubleclick.net www.googleadservices.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	static.hotjar.com	www.googletagmanager.com website-kampanyalarim.site
2	8901912.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	website-kampanyalarim.site www.googletagmanager.com
2	netdna.bootstrapcdn.com	website-kampanyalarim.site netdna.bootstrapcdn.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	ups.analytics.yahoo.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	sslwidget.criteo.com	static.criteo.net
1	mug.criteo.com	website-kampanyalarim.site
1	adservice.google.com	8901912.fls.doubleclick.net
1	script.hotjar.com	static.hotjar.com
1	region1.analytics.google.com	www.googletagmanager.com
1	s2.adform.net	website-kampanyalarim.site
1	cdn.mxpnl.com	website-kampanyalarim.site
1	static.criteo.net	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	garenta.api.useinsider.com	website-kampanyalarim.site
1	ntm.netmera-web.com	website-kampanyalarim.site
1	cdn.netmera-web.com	1 redirects
1	images.garenta.com.tr	website-kampanyalarim.site
104	61

This site contains links to these domains. Also see Links.

Domain
uzundonem.garenta.com.tr
www.garenta.com.tr
www.anadolugrubu.com.tr
www.celikmotor.com
www.ikinciyeni.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com
twitter.com
apps.apple.com
play.google.com
careers.anadolukariyerim.com

Subject Issuer	Validity	Valid
website-kampanyalarim.site R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.garenta.com.tr GlobalSign RSA OV SSL CA 2018	`2023-01-11` - `2024-02-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2023-01-25` - `2024-01-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.netmera.com Go Daddy Secure Certificate Authority - G2	`2023-05-25` - `2024-06-25`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-18` - `2024-01-10`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
itm.ivitrack.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://website-kampanyalarim.site/
Frame ID: 1F14E1817ED81202DD3AB65BE8939623
Requests: 66 HTTP requests in this frame

Frame: https://8901912.fls.doubleclick.net/activityi;dc_pre=CICQ8fj8poADFQ5RkQUdYKEIVg;src=8901912;type=invmedia;cat=garen0;ord=2603743521305;auiddc=337617992.1690189070;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F
Frame ID: 02B4747F22C0D529A9E4FDCA5CB592A6
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=website-kampanyalarim.site&origin=onetag
Frame ID: F39143FADCD95A83789C382F06C12946
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-gEFzQMOeoqOAt2qQsyJOaVv7kGmporcQU-_EFA&expires=30
Frame ID: 2C483E1729157D062721084AC42997CD
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Denizbank Afili Bonus Kart Kampanyası - Garenta

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

104
Requests

87 %
HTTPS

33 %
IPv6

47
Domains

61
Subdomains

57
IPs

10
Countries

1066 kB
Transfer

2903 kB
Size

53
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://uzundonem.garenta.com.tr/
Title: Uzun Dönem Kiralama

Search URL Search Domain Scan URL

URL: https://www.garenta.com.tr/?utm_source=garentaday&utm_medium=referral&utm_campaign=footer

Search URL Search Domain Scan URL

URL: http://www.anadolugrubu.com.tr/?utm_source=garentaday&utm_medium=referral&utm_campaign=footer

Search URL Search Domain Scan URL

URL: http://www.celikmotor.com/anasayfa?utm_source=garentaday&utm_medium=referral&utm_campaign=footer

Search URL Search Domain Scan URL

URL: https://www.garenta.com.tr/

Search URL Search Domain Scan URL

URL: https://www.ikinciyeni.com/?utm_source=garentaday&utm_medium=referral&utm_campaign=footer

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Garenta

Search URL Search Domain Scan URL

URL: https://www.instagram.com/accounts/login/?next=/garenta/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/garenta/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GarentaTR

Search URL Search Domain Scan URL

URL: https://twitter.com/Garentatr

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tr/app/garenta/id1107610443?l=tr

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=acropole.garenta&hl=tr&gl=US

Search URL Search Domain Scan URL

URL: https://careers.anadolukariyerim.com/
Title: İnsan Kaynakları

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g HTTP 302
https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js

Request Chain 37

https://8901912.fls.doubleclick.net/activityi;src=8901912;type=invmedia;cat=garen0;ord=2603743521305;auiddc=337617992.1690189070;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F HTTP 302
https://8901912.fls.doubleclick.net/activityi;dc_pre=CICQ8fj8poADFQ5RkQUdYKEIVg;src=8901912;type=invmedia;cat=garen0;ord=2603743521305;auiddc=337617992.1690189070;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F

Request Chain 43

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 62

https://gum.criteo.com/sid/json?origin=onetag&domain=website-kampanyalarim.site&sn=ChromeSyncframe&so=0&topUrl=website-kampanyalarim.site&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=No37bXxXa2dFaXp4QWxGN202S3JhdVpseWptZHRGL29sRW45VXlwbnhLVzJ3TW5jaUI1QmhFam1zUUFCemdrVnlKMDdIZzRERWlmSGZ3MlNkZWRNWW51Y2FnSi9pR0lzakd6WDI2SHFZQ3R2NUdKYW5LSW04SmxnQWlQWVRZMUlmMHl0WHhlUkFvRDJnQTBIQWZPYm5CK1ZXYjVUcDBCSGM0ci80ZHpOWnplOVhKUE9pa1ZZUlpqK2kwK242SWcwL3hFWFMrQWhnVnZNY1ltdDVXQ1Y2eWRXMGZna2oxc1IwNHVxalVVNW44b1hFSnVqN2ROS0lLM0dJUDR0VHF4STZ1U1Aya1RkMW15SjNabThlR2hsd0ZZT1BSSEttUFlSbGZZUXZuYjNQMm9rcms5QT18&cppv=2

Request Chain 65

https://track.adform.net/Serving/TrackPoint/?pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=947770808915&ADFtpmode=2&loc=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=947770808915&ADFtpmode=2&loc=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 70

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788595272/?random=1971197922&cv=9&fst=1690189070105&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICQ8fj8poADFQ5RkQUdYKEIVg%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D2603743521305%3Bauiddc%3D337617992.1690189070%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F%3F&ref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Dj2-ZIDCCOGB7_UPpN2_8Aw&sscte=1&crd=&pscrd=IhMIgIGE-fymgAMV4cC7CB2k7g_O HTTP 302
https://www.google.com/pagead/1p-conversion/788595272/?random=1971197922&cv=9&fst=1690189070105&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICQ8fj8poADFQ5RkQUdYKEIVg%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D2603743521305%3Bauiddc%3D337617992.1690189070%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F%3F&ref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIgIGE-fymgAMV4cC7CB2k7g_O&is_vtc=1&ocp_id=Dj2-ZIDCCOGB7_UPpN2_8Aw&cid=CAQSKQBpAlJWhboxqMs36pV36_jPaU7VevUGdM-7GMiIinavi466JeoNnOp0&random=1459593544&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/788595272/?random=1971197922&cv=9&fst=1690189070105&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICQ8fj8poADFQ5RkQUdYKEIVg%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D2603743521305%3Bauiddc%3D337617992.1690189070%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F%3F&ref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIgIGE-fymgAMV4cC7CB2k7g_O&is_vtc=1&ocp_id=Dj2-ZIDCCOGB7_UPpN2_8Aw&cid=CAQSKQBpAlJWhboxqMs36pV36_jPaU7VevUGdM-7GMiIinavi466JeoNnOp0&random=1459593544&resp=GooglemKTybQhCsO&ipr=y

Request Chain 71

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-gEFzQMOeoqOAt2qQsyJOaVv7kGmporcQU-_EFA&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-gEFzQMOeoqOAt2qQsyJOaVv7kGmporcQU-_EFA&expires=30

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-_KGE5sOeoqOAt2qQsyJOaVv7kGkD_xsYyaGj-g&google_cm&google_hm=ay1fS0dFNXNPZW9xT0F0MnFRc3lKT2FWdjdrR2tEX3hzWXlhR2otZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-_KGE5sOeoqOAt2qQsyJOaVv7kGkD_xsYyaGj-g&google_gid=CAESEAphKoCS9AC4-L8g9rhGvH4&google_cver=1&google_ula=913071,0

Request Chain 73

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6760822840364594256

Request Chain 74

https://secure.adnxs.com/setuid?entity=52&code=k-LSN5sMOeoqOAt2qQsyJOaVv7kGk_WSPyJv40Yg HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-LSN5sMOeoqOAt2qQsyJOaVv7kGk_WSPyJv40Yg

Request Chain 85

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SoZhu8OeoqOAt2qQsyJOaVv7kGl6MeG9nzai5A HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SoZhu8OeoqOAt2qQsyJOaVv7kGl6MeG9nzai5A&C=1

Request Chain 86

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=NGBcXO5f6-YBe-xsKbnFXnx6ad4So1-_ HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=NGBcXO5f6-YBe-xsKbnFXnx6ad4So1-_

Request Chain 88

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-xyWQxcOeoqOAt2qQsyJOaVv7kGkwCOs3XJcpOQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xyWQxcOeoqOAt2qQsyJOaVv7kGkwCOs3XJcpOQ

Request Chain 98

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=zEUBanwyPxq8b8q0OM4WBSBGvWOXVIRZ

Request Chain 99

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=IeIQBxUZRjXIK5o6nZHf21z2u_Kb1PSQ

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
website-kampanyalarim.site/ 45 KB
9 KB 679ms
44ms Document
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/8.0.29 PleskLin
Resource Hash: 88428020331bd2923c769d7dbacc79219db0d1a4d6e54affc2ad81712477b063

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 9429
content-type: text/html; charset=UTF-8
date: Mon, 24 Jul 2023 08:57:49 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.0.29 PleskLin

GET
H2 404 layoutcss
website-kampanyalarim.site/Content/assets/ 0
0 28ms
27ms Stylesheet
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/layoutcss?v=23GcvFvbxnWA3tRNkzzdQ-uMepEn0x1qtLq4Z9-gvQw1
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 garenta-logo.png
website-kampanyalarim.site/Content/assets/images/ 808 B
808 B 28ms
28ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/Content/assets/images/garenta-logo.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H/1.1 200
OK 22705fa1-f617-4c28-a1ba-cf7daf6b900e.png
images.garenta.com.tr/CollabrationImages/afili-bonus-kart-yuzde-38-indirim/ 61 KB
61 KB 296ms
77ms Image
image/png 5.159.251.32
ABH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.garenta.com.tr/CollabrationImages/afili-bonus-kart-yuzde-38-indirim/22705fa1-f617-4c28-a1ba-cf7daf6b900e.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.159.251.32 , Turkey, ASN41296 (ABH, TR),
Reverse DNS: mailorder.garenta.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7993590ef120800ae890a068d78d219cdb797b35c3c65e3f6afc2860bc44413e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Mon, 24 Jul 2023 08:57:49 GMT
Last-Modified: Thu, 22 Jun 2023 10:44:24 GMT
Server: Microsoft-IIS/8.5
ETag: "e5b6b582f6a4d91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: none
Content-Length: 62414
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H2 404 garenta-logo.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 72ms
67ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/garenta-logo.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 Logo_Anadolu.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 102ms
97ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/Logo_Anadolu.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 celik_motor_footer_new.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 80ms
76ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/celik_motor_footer_new.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 garenta_logo_footer_new.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 75ms
71ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/garenta_logo_footer_new.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 ikinci_yeni_logo_new_footer.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 92ms
88ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/ikinci_yeni_logo_new_footer.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 faceico_2.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 83ms
79ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/faceico_2.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 instaico2.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 79ms
75ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/instaico2.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 linkico1.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 95ms
91ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/linkico1.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 youtubeico1.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 89ms
86ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/youtubeico1.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 twitter_ico.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 99ms
96ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/twitter_ico.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 app_appstore.png
website-kampanyalarim.site/content/assets/images/ 808 B
808 B 102ms
99ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/app_appstore.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 app_googleplay.png
website-kampanyalarim.site/content/assets/images/ 808 B
808 B 97ms
94ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/app_googleplay.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 garenta_loading.gif
website-kampanyalarim.site/Content/assets/images/ 808 B
808 B 103ms
100ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/Content/assets/images/garenta_loading.gif
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 layoutjs
website-kampanyalarim.site/Content/assets/ 0
0 89ms
84ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/layoutjs?v=5ndK8cFtiEk8qdedfpS5iSnmGmkcKgf-OA-Hfyvomko1
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 collaboration.js
website-kampanyalarim.site/Content/PageScripts/GarentaCollaborations/ 0
0 71ms
65ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/PageScripts/GarentaCollaborations/collaboration.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 pickercss
website-kampanyalarim.site/Content/assets/ 0
0 39ms
33ms Stylesheet
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/pickercss?v=nPZx4XkJDbjowHzcEljTttKeOOprBqKncyC91BbxEPA1
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 pickerjs
website-kampanyalarim.site/Content/assets/ 0
0 60ms
54ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/pickerjs?v=uNpyDy0xeAYJw4OnUHFUWcK6YKbc3I47j2KcIOrmi8c1
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 campaignsearch
website-kampanyalarim.site/Content/assets/ 0
0 69ms
63ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/campaignsearch?v=lmSsQ_mLQagITVa4pfpKeptS2wEfyclBN7eYb-ODlK01
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 tr_TR.js
website-kampanyalarim.site/Content/assets/js/picker/ 0
0 69ms
63ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/js/picker/tr_TR.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
875 B 85ms
29ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=tr

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e3fe0befdde21c86098aca47577ed5e6b6b0e85f200d486b4f76e9dc346e422

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 553
x-xss-protection: 1; mode=block
expires: Mon, 24 Jul 2023 08:57:49 GMT

GET
H2

200

netmera_sdk.js Show response
ntm.netmera-web.com/wsdk2/nmweb/
Redirect Chain

https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g
https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js

60 KB
17 KB

95ms
26ms

Script
application/javascript

2600:9000:206f:5a00:10:5f7f:b9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Server: 2600:9000:206f:5a00:10:5f7f:b9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30478d91396916be9394c38fd5dddfd240825a5b2d8bf3d1af321a466b4cbee1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 09:10:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"b6e1978280bc66104123d8a33007ed48"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: private, max-age=900, s-maxage=604800
x-amz-cf-id: o04W-x7V4qUyEn_-EzO4h4m3x4Gmi41MSxoPXLlbJsqAdgHt3ggauw==

Redirect headers

location: https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js
date: Mon, 24 Jul 2023 08:57:49 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H2 200 ins.js Show response
garenta.api.useinsider.com/ 0
688 B 92ms
35ms Script
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garenta.api.useinsider.com/ins.js?id=10001743

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: aLLGNX5X6NuBlPbwN11fa6CiA74NVt4l
cf-cache-status: HIT
x-amz-request-id: BCE4YJA4BHAGPXA9
age: 5247
content-length: 0
x-amz-id-2: SUchRDXvirGDdoEptLnh+GwOHcUYAbjZjx2TrU5ssj6XJZ0CKHEFfxjKq0ZAQrlgkF/5cqaYKDY=
x-xss-protection: 1
pragma: public
last-modified: Tue, 26 Apr 2022 14:00:02 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 7ebaf534efc83650-FRA
expires: Mon, 24 Jul 2023 20:57:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 86ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i,800,800i&subset=latin-ext

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d90d8acaf8e945cbe6301f571086a38f216bd9c161fa975fea3c75b6f8d3662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 08:52:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 08:57:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 85ms
28ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&subset=latin-ext

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 07:20:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 08:57:49 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
518 B 87ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 07:59:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 08:57:49 GMT

GET
H2 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.1.0/css/ 20 KB
5 KB 97ms
28ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 9525262
cdn-cachedat: 11/16/2021 10:00:11
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0eb7160e8356338bb079cae66d61082c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7ebaf534fe0c9100-FRA
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 334 KB
105 KB 95ms
44ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8ed50a5152e6bb4874afaad6b4ed9ce4b779aca516aed5495d807d3e9da8462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107270
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Jul 2023 08:57:49 GMT

GET
H2 200 recaptcha__tr.js Show response
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ 433 KB
174 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__tr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=tr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12ab4bbc298bd8b74b50de852a3dddd35c9b71a47c22ff77dc6962b752236f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://website-kampanyalarim.site/
Origin: https://website-kampanyalarim.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 16:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177573
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Jul 2024 16:36:22 GMT

GET
H3 200 fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.1.0/fonts/ 82 KB
82 KB 58ms
33ms Font
font/woff 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
Origin: https://website-kampanyalarim.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
age: 20678
cdn-cachedat: 08/25/2022 04:48:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 83760
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "fdf491ce5ff5b2da02708cd0e9864719"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 28ec210c5138f76041a1efbbada16e6d
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7ebaf53558a09974-FRA
cdn-requestpullsuccess: True

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://website-kampanyalarim.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 18:19:00 GMT
x-content-type-options: nosniff
age: 398329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 18:19:00 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v20/ 5 KB
6 KB 70ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://website-kampanyalarim.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 14:58:16 GMT
x-content-type-options: nosniff
age: 151173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5544
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 14:58:16 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 159 KB
57 KB 102ms
44ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-PJS7MG3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ebd20a83dd21baed9c7c04ea3c11740b38133e68df444add5faccf419e06ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 58015
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jul 2023 08:57:49 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/992173426/ 3 KB
2 KB 109ms
61ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992173426/?random=1690189069698&cv=11&fst=1690189069698&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&frm=0&tiba=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&auid=337617992.1690189070&uamb=0&uaw=0&data=local_id%3Dhome%3Blocal_pagetype%3Dhome%3Blocal_totalvalue%3D0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8722fbbfc517d53ca08b733afcd3972f611f588bae1e865797e1ff63079b466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1373
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 75ms
19ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Jul 2023 08:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1350
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 24 Jul 2023 10:35:19 GMT

GET
H2

200

activityi;dc_pre=CICQ8fj8poADFQ5RkQUdYKEIVg;src=8901912;type=invmedia;cat=garen0;ord=2603743521305;auiddc=337617992.1690189070;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uam... Show response
8901912.fls.doubleclick.net/ Frame 02B4
Redirect Chain

https://8901912.fls.doubleclick.net/activityi;src=8901912;type=invmedia;cat=garen0;ord=2603743521305;auiddc=337617992.1690189070;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;u...
https://8901912.fls.doubleclick.net/activityi;dc_pre=CICQ8fj8poADFQ5RkQUdYKEIVg;src=8901912;type=invmedia;cat=garen0;ord=2603743521305;auiddc=337617992.1690189070;u1=undefined;u2=undefined;u3=%2F;u...

1 KB
859 B

72ms
71ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8901912.fls.doubleclick.net/activityi;dc_pre=CICQ8fj8poADFQ5RkQUdYKEIVg;src=8901912;type=invmedia;cat=garen0;ord=2603743521305;auiddc=337617992.1690189070;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

8adbe6f428c1214cc99e59eac1ac4b8b170738318dcd65649fa792a2be4b8f56

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://website-kampanyalarim.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 520
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 08:57:49 GMT
expires: Mon, 24 Jul 2023 08:57:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 08:57:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8901912.fls.doubleclick.net/activityi;dc_pre=CICQ8fj8poADFQ5RkQUdYKEIVg;src=8901912;type=invmedia;cat=garen0;ord=2603743521305;auiddc=337617992.1690189070;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-2838419.js Show response
static.hotjar.com/c/ 9 KB
4 KB 72ms
22ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2838419.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

a8d53eaeda6725d311a182d068ea269a1f01a2d9565ee777b6a359857c3971c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Jul 2023 08:57:21 GMT
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 35
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/5e515b438f8ca365ddcfefcf9d0fce23
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: NBUCoGtwXBU-Ha3NGSzdvWmweSjsFIUhsoh2HimwgmJL2C-sTFTWDg==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 45 KB
15 KB 147ms
66ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 17 May 2023 12:05:15 GMT
server: nginx
etag: W/"6464c2fb-b219"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Jul 2023 08:57:49 GMT

GET
H2 200 hotjar-602392.js Show response
static.hotjar.com/c/ 0
433 B 71ms
23ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-602392.js?sv=5

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
date: Mon, 24 Jul 2023 08:57:21 GMT
x-content-type-options: nosniff
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 32
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
etag: W/d41d8cd98f00b204e9800998ecf8427e
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: JbRMchvJ3UqUiCCkJ7FTz7w1HjvbhQ7ug0p4nyAO_bU9gXUWDB8sWQ==

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 52 KB
18 KB 68ms
21ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 16:23:39 GMT
content-encoding: gzip
age: 59650
x-guploader-uploadid: ADPycdumoglCKFqB9j40XUwN8zhG4Lf3TFA5c3OhS7whQduLm2mKzJtmIBJ3ttf7K6ntTSuPgmPf26WkVOS5EqRp2dAIxIRQWAZK
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17969
last-modified: Fri, 05 May 2023 17:33:19 GMT
server: UploadServer
etag: "6eb612a000fc103e2769e576a68fc412"
vary: Accept-Encoding
x-goog-generation: 1683307999305716
x-goog-hash: crc32c=6XUl6A==, md5=brYSoAD8ED4naeV2po/EEg==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=86400
x-goog-stored-content-length: 17969
accept-ranges: bytes
expires: Mon, 24 Jul 2023 16:23:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 67ms
19ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5facf3ca997fd8a7658579d40b8bc44a659e12df5b45b2f1f1713f987b86366c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Jul 2023 08:57:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46993
x-xss-protection: 0
pragma: public
x-fb-debug: v8rl2QUtut1q9R+WkkQpQ7NkfAsnBhz6P90JS2RY2faLLFzIU6zFBjznRakPeW7x5GKN4WQLaHHxRfAc9FM+DA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
31 KB

131ms
33ms

Script
application/javascript

37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:34 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx00000ecfa310e87705ee7-00646c8ee1-3295a825-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 24 Jul 2023 08:57:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
87 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MEEZBTE0X0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53af49dfc49592515849d4e8ab544c89a1730095f69237b552ae25070c47e825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89160
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jul 2023 08:57:49 GMT

OPTIONS
H2 204 get
wsdkapi.netmera.com/sdk/3.0/config/ Frame 0
0 178ms
55ms Preflight 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdkapi.netmera.com/sdk/3.0/config/get
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netmera-api-key,x-netmera-device-type,x-netmera-os,x-netmera-sdkv
Access-Control-Request-Method: GET
Origin: https://website-kampanyalarim.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: *
date: Mon, 24 Jul 2023 08:57:49 GMT
server: nginx

GET
H2 200 get Show response
wsdkapi.netmera.com/sdk/3.0/config/ 11 KB
11 KB 61ms
57ms Fetch
application/json 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL

https://wsdkapi.netmera.com/sdk/3.0/config/get

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),

Reverse DNS

Software

nginx /

Resource Hash

781e86f4d85534912da82bb67bdf2ab3cdaa3c06359fd0a774a43c02bed387d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-netmera-os: CHROME
accept-language: de-DE,de;q=0.9
x-netmera-device-type: DESKTOP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: application/json
accept: application/json
x-netmera-sdkv: 4.2.18
Referer: https://website-kampanyalarim.site/
x-netmera-api-key: kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.analytics.google.com/g/ 0
262 B 81ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MEEZBTE0X0&gtm=45je37j0&_p=106104738&_gaz=1&cid=2107388163.1690189070&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=&sid=1690189069&sct=1&seg=0&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&dt=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&en=page_view&_fv=1&_nsi=1&_ss=2&up.userId=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MEEZBTE0X0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://website-kampanyalarim.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
48 B 85ms
28ms Ping
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MEEZBTE0X0&cid=2107388163.1690189070&gtm=45je37j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MEEZBTE0X0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://website-kampanyalarim.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 99ms
47ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MEEZBTE0X0&cid=2107388163.1690189070&gtm=45je37j0&aip=1&z=981897858

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.a0d74aac8cc078f29dca.js Show response
script.hotjar.com/ 279 KB
68 KB 68ms
23ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a0d74aac8cc078f29dca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2838419.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

32536d6a1f2176b11a99b3f5c0cef8cc4fc9ac7475657cb63763b5342600740a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 243463
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69233
last-modified: Fri, 21 Jul 2023 13:19:44 GMT
etag: "296f56b68e90f44dfc003e4f2b43db7f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 6m3p3M4etvZE4mA3vDDwSseU2VOaVz9MWT70falGSZNgNsB6BGMohQ==

GET
H2 200 /
www.google.com/pagead/1p-user-list/992173426/ 42 B
328 B 32ms
31ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/992173426/?random=1690189069698&cv=11&fst=1690185600000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&frm=0&tiba=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&data=local_id%3Dhome%3Blocal_pagetype%3Dhome%3Blocal_totalvalue%3D0&fmt=3&is_vtc=1&random=2459864632&rmt_tld=0&ipr=y

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/992173426/ 42 B
456 B 64ms
36ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/992173426/?random=1690189069698&cv=11&fst=1690185600000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&frm=0&tiba=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&data=local_id%3Dhome%3Blocal_pagetype%3Dhome%3Blocal_totalvalue%3D0&fmt=3&is_vtc=1&random=2459864632&rmt_tld=1&ipr=y

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1134162144016155 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 100ms
100ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1134162144016155?v=2.9.116&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

318be3ccf5efa7aeac3d594dd84f3d2241bb6eca0ef33b47a1eeb90728750db0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Jul 2023 08:57:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: zCmf4ilR12/bHm7mRYHnenKx1z2ZfHmepRfwQ5z3kDkf+cm+WZPxldVHTYLh+Pz4Ofcf1jID0CxnW9KQbf8KnQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
216 B 30ms
29ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=106104738&t=pageview&_s=1&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&ul=en-us&de=UTF-8&dt=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEABQAAAACAAI~&jid=1968546245&gjid=1369431502&cid=2107388163.1690189070&tid=UA-48094469-2&_gid=585549099.1690189070&_slc=1&gtm=45He37j0n71WQKTFB&cd16=False&z=346240167

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://website-kampanyalarim.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://website-kampanyalarim.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
357 B 34ms
27ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48094469-2&cid=2107388163.1690189070&jid=1968546245&gjid=1369431502&_gid=585549099.1690189070&_u=aCDAgEABQAAAAGAAI~&z=168419933

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://website-kampanyalarim.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Jul 2023 08:57:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://website-kampanyalarim.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F391 15 KB
6 KB 112ms
35ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=website-kampanyalarim.site&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://website-kampanyalarim.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 08:57:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 291910
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 46ms
45ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48094469-2&cid=2107388163.1690189070&jid=1968546245&_u=aCDAgEABQAAAAGAAI~&z=1083658578

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 45ms
44ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48094469-2&cid=2107388163.1690189070&jid=1968546245&_u=aCDAgEABQAAAAGAAI~&z=1083658578

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 02B4 49 KB
18 KB 128ms
67ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 8901912.fls.doubleclick.net
URL: https://8901912.fls.doubleclick.net/activityi;dc_pre=CICQ8fj8poADFQ5RkQUdYKEIVg;src=8901912;type=invmedia;cat=garen0;ord=2603743521305;auiddc=337617992.1690189070;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8ff0571e454b75517b28b02b1749dbcafa80d1cf6c4786c8fc45ee6f3fd13bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8901912.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18398
x-xss-protection: 0
server: cafe
etag: 17414105932935890869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 08:57:50 GMT

GET
H2 200 dc_pre=CICQ8fj8poADFQ5RkQUdYKEIVg;src=8901912;type=invmedia;cat=garen0;ord=2603743521305;auiddc=*;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epv...
adservice.google.com/ddm/fls/z/ Frame 02B4 42 B
401 B 114ms
58ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CICQ8fj8poADFQ5RkQUdYKEIVg;src=8901912;type=invmedia;cat=garen0;ord=2603743521305;auiddc=*;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8901912.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 61ms
20ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1134162144016155&ev=PageView&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&rl=&if=false&ts=1690189070001&sw=1600&sh=1200&v=2.9.116&r=stable&ec=0&o=30&fbp=fb.1.1690189070000.1603489049&it=1690189069840&coo=false&rqm=GET

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jul 2023 08:57:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame F391
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=website-kampanyalarim.site&sn=ChromeSyncframe&so=0&topUrl=website-kampanyalarim.site&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=No37bXxXa2dFaXp4QWxGN202S3JhdVpseWptZHRGL29sRW45VXlwbnhLVzJ3TW5jaUI1QmhFam1zUUFCemdrVnlKMDdIZzRERWlmSGZ3MlNkZWRNWW51Y2FnSi9pR0lzakd6WDI2SHFZQ3R2NUdKYW5LSW04SmxnQWlQWV...

470 B
680 B

102ms
28ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=No37bXxXa2dFaXp4QWxGN202S3JhdVpseWptZHRGL29sRW45VXlwbnhLVzJ3TW5jaUI1QmhFam1zUUFCemdrVnlKMDdIZzRERWlmSGZ3MlNkZWRNWW51Y2FnSi9pR0lzakd6WDI2SHFZQ3R2NUdKYW5LSW04SmxnQWlQWVRZMUlmMHl0WHhlUkFvRDJnQTBIQWZPYm5CK1ZXYjVUcDBCSGM0ci80ZHpOWnplOVhKUE9pa1ZZUlpqK2kwK242SWcwL3hFWFMrQWhnVnZNY1ltdDVXQ1Y2eWRXMGZna2oxc1IwNHVxalVVNW44b1hFSnVqN2ROS0lLM0dJUDR0VHF4STZ1U1Aya1RkMW15SjNabThlR2hsd0ZZT1BSSEttUFlSbGZZUXZuYjNQMm9rcms5QT18&cppv=2

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8d81d16f7a495a03b129e7633c87ae1c7fc92618b4da8059254dce2fc55bf4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1083767
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=No37bXxXa2dFaXp4QWxGN202S3JhdVpseWptZHRGL29sRW45VXlwbnhLVzJ3TW5jaUI1QmhFam1zUUFCemdrVnlKMDdIZzRERWlmSGZ3MlNkZWRNWW51Y2FnSi9pR0lzakd6WDI2SHFZQ3R2NUdKYW5LSW04SmxnQWlQWVRZMUlmMHl0WHhlUkFvRDJnQTBIQWZPYm5CK1ZXYjVUcDBCSGM0ci80ZHpOWnplOVhKUE9pa1ZZUlpqK2kwK242SWcwL3hFWFMrQWhnVnZNY1ltdDVXQ1Y2eWRXMGZna2oxc1IwNHVxalVVNW44b1hFSnVqN2ROS0lLM0dJUDR0VHF4STZ1U1Aya1RkMW15SjNabThlR2hsd0ZZT1BSSEttUFlSbGZZUXZuYjNQMm9rcms5QT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 262068
content-length: 0
expires: 0

POST
H2 200 init Show response
wsdkapi.netmera.com/sdk/3.0/session/ 2 B
266 B 58ms
58ms Fetch
application/json 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL

https://wsdkapi.netmera.com/sdk/3.0/session/init

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-netmera-os: CHROME
accept-language: de-DE,de;q=0.9
x-netmera-device-type: DESKTOP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: application/json
accept: application/json
x-netmera-sdkv: 4.2.18
Referer: https://website-kampanyalarim.site/
x-netmera-api-key: kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Response headers

date: Mon, 24 Jul 2023 08:57:50 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-xss-protection: 1; mode=block

OPTIONS
H2 204 init
wsdkapi.netmera.com/sdk/3.0/session/ Frame 0
0 56ms
56ms Preflight 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdkapi.netmera.com/sdk/3.0/session/init
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netmera-api-key,x-netmera-device-type,x-netmera-os,x-netmera-sdkv
Access-Control-Request-Method: POST
Origin: https://website-kampanyalarim.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: *
date: Mon, 24 Jul 2023 08:57:50 GMT
server: nginx

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=9477708089...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=94777...

178 B
765 B

37ms
36ms

Script
text/javascript

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=947770808915&ADFtpmode=2&loc=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

aa867a91b982a4f96446c6cda5c266dcad3fde806b86313a605fed5319708319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 236
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=947770808915&ADFtpmode=2&loc=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/788595272/ Frame 02B4 3 KB
2 KB 32ms
31ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/788595272/?random=1690189070105&cv=9&fst=1690189070105&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICQ8fj8poADFQ5RkQUdYKEIVg%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D2603743521305%3Bauiddc%3D337617992.1690189070%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F%3F&ref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

58cf9e340f16646e5ac386f24d8077cbfa2d4fd450ce12a21945fe9549d0c9fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8901912.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1605
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 fire Show response
wsdkapi.netmera.com/sdk/3.0/event/ 0
243 B 59ms
58ms Fetch 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL

https://wsdkapi.netmera.com/sdk/3.0/event/fire

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-netmera-os: CHROME
accept-language: de-DE,de;q=0.9
x-netmera-device-type: DESKTOP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: application/json
accept: application/json
x-netmera-sdkv: 4.2.18
Referer: https://website-kampanyalarim.site/
x-netmera-api-key: kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Response headers

date: Mon, 24 Jul 2023 08:57:50 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
x-xss-protection: 1; mode=block

OPTIONS
H2 204 fire
wsdkapi.netmera.com/sdk/3.0/event/ Frame 0
0 56ms
56ms Preflight 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdkapi.netmera.com/sdk/3.0/event/fire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netmera-api-key,x-netmera-device-type,x-netmera-os,x-netmera-sdkv
Access-Control-Request-Method: POST
Origin: https://website-kampanyalarim.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: *
date: Mon, 24 Jul 2023 08:57:50 GMT
server: nginx

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
4 KB 113ms
37ms Script
application/x-javascript 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=30153&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Z9xmxV9mSmFuM3RQc1NrcWtibGR5b1IlMkJXaUpQUERaWEhtZ2ZhY29CRFQlMkZGQTk5VyUyRmdzaEt0UkQ2cGYzdjBaRmhqR0FZSDlxd0NLSlFsOXF1bmZKZXolMkJXdkV2dTklMkJJckpqZEY0dmlxYVd5YkZrRGxwU3U0JTJGVUJxJTJGVGNOekFUSGE1c1gwM25HRENNUSUyQnByaDJyR0VjalBIZUxsVFlqUkRXcWU1ZkJuRENWayUyQnl1cG8lM0Q&tld=website-kampanyalarim.site&fu=https%253A%252F%252Fwebsite-kampanyalarim.site%252F&ceid=73f7f90c-8f84-4689-b285-a00a711fd600&dtycbr=24784

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e7faa9ee4e22aaeb3f5bbbd892ce544835afe6e26f37fc20e43ecbc400e15bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6371053
timing-allow-origin: *
expires: 0

GET
H2

200

/
www.google.de/pagead/1p-conversion/788595272/ Frame 02B4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788595272/?random=1971197922&cv=9&fst=1690189070105&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C4...
https://www.google.com/pagead/1p-conversion/788595272/?random=1971197922&cv=9&fst=1690189070105&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&...
https://www.google.de/pagead/1p-conversion/788595272/?random=1971197922&cv=9&fst=1690189070105&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u...

42 B
108 B

37ms
37ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/788595272/?random=1971197922&cv=9&fst=1690189070105&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICQ8fj8poADFQ5RkQUdYKEIVg%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D2603743521305%3Bauiddc%3D337617992.1690189070%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F%3F&ref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIgIGE-fymgAMV4cC7CB2k7g_O&is_vtc=1&ocp_id=Dj2-ZIDCCOGB7_UPpN2_8Aw&cid=CAQSKQBpAlJWhboxqMs36pV36_jPaU7VevUGdM-7GMiIinavi466JeoNnOp0&random=1459593544&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8901912.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/788595272/?random=1971197922&cv=9&fst=1690189070105&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICQ8fj8poADFQ5RkQUdYKEIVg%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D2603743521305%3Bauiddc%3D337617992.1690189070%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F%3F&ref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIgIGE-fymgAMV4cC7CB2k7g_O&is_vtc=1&ocp_id=Dj2-ZIDCCOGB7_UPpN2_8Aw&cid=CAQSKQBpAlJWhboxqMs36pV36_jPaU7VevUGdM-7GMiIinavi466JeoNnOp0&random=1459593544&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 2C48
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-gEFzQMOeoqOAt2qQsyJOaVv7kGmporcQU-_EFA&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-gEFzQMOeoqOAt2qQsyJOaVv7kGmporcQU-_EFA&expires=30

43 B
345 B

21ms
20ms

Image
image/gif

3.121.62.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-gEFzQMOeoqOAt2qQsyJOaVv7kGmporcQU-_EFA&expires=30
Protocol: H2
Server: 3.121.62.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-62-68.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-gEFzQMOeoqOAt2qQsyJOaVv7kGmporcQU-_EFA&expires=30
date: Mon, 24 Jul 2023 08:57:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2C48
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-_KGE5sOeoqOAt2qQsyJOaVv7kGkD_xsYyaGj-g&google_cm&google_hm=ay1fS0dFNXNPZW9xT0F0MnFRc3lKT2FWdjdrR2tEX3hzW...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-_KGE5sOeoqOAt2qQsyJOaVv7kGkD_xsYyaGj-g&google_gid=CAESEAphKoCS9AC4-L8g9rhGvH4&google_cver=1&google_ula=913071,0

43 B
371 B

90ms
27ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-_KGE5sOeoqOAt2qQsyJOaVv7kGkD_xsYyaGj-g&google_gid=CAESEAphKoCS9AC4-L8g9rhGvH4&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1078035
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-_KGE5sOeoqOAt2qQsyJOaVv7kGkD_xsYyaGj-g&google_gid=CAESEAphKoCS9AC4-L8g9rhGvH4&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 2C48
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6760822840364594256

43 B
370 B

28ms
28ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6760822840364594256

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1008788
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:50 GMT
an-x-request-uuid: 88221e37-18d7-4244-962e-3849ad86f41d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6760822840364594256
x-proxy-origin: 217.114.218.21; 217.114.218.21; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame 2C48
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-LSN5sMOeoqOAt2qQsyJOaVv7kGk_WSPyJv40Yg
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-LSN5sMOeoqOAt2qQsyJOaVv7kGk_WSPyJv40Yg

43 B
906 B

26ms
25ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-LSN5sMOeoqOAt2qQsyJOaVv7kGk_WSPyJv40Yg

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:50 GMT
an-x-request-uuid: fbd4bd6c-8735-4b8b-b6e4-af4a49e3820c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:50 GMT
an-x-request-uuid: 6ccfb016-64d7-4bfb-99be-1b313f18f4aa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-LSN5sMOeoqOAt2qQsyJOaVv7kGk_WSPyJv40Yg
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.21; 217.114.218.21; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 2C48 61 B
793 B 280ms
213ms Image
image/gif 23.218.208.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-ASHYOMOeoqOAt2qQsyJOaVv7kGljKzkIRmeJhg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 08:57:50 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Mon, 24 Jul 2023 08:57:50 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 2C48 0
239 B 105ms
21ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-oNthZMOeoqOAt2qQsyJOaVv7kGngwqfwPluBjw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 2C48 0
360 B 89ms
24ms Image
text/plain 35.158.240.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-XTVhi8OeoqOAt2qQsyJOaVv7kGlUoJpy5mwwnw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.240.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-240-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:50 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 2C48 43 B
114 B 143ms
34ms Image
image/gif 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-ulzXAMOeoqOAt2qQsyJOaVv7kGllGbeKqcIfVQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:49 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2C48 0
99 B 118ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-dRBuAcOeoqOAt2qQsyJOaVv7kGlyAHeZe_KHCQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25016

GET
H2 200 um
criteo-sync.teads.tv/ Frame 2C48 23 B
163 B 167ms
56ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-spgLgcOeoqOAt2qQsyJOaVv7kGmQDT8NHtVrUw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Mon, 24 Jul 2023 08:57:50 GMT
pragma: no-cache
date: Mon, 24 Jul 2023 08:57:50 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 2C48 37 B
140 B 79ms
22ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-NUaCp8OeoqOAt2qQsyJOaVv7kGkT0zyM9hbPpg&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 2C48 0
125 B 77ms
22ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MaAi6sOeoqOAt2qQsyJOaVv7kGk3pGDPNBLKnw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:50 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 2C48 43 B
163 B 107ms
33ms Image
image/gif 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-_WsN0sOeoqOAt2qQsyJOaVv7kGkr_8pnMq4lZQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:50 GMT
last-modified: Thu, 11 May 2023 07:25:22 GMT
server: nginx
accept-ranges: bytes
etag: "645c9862-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 2C48 49 B
341 B 152ms
44ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Akhp68OeoqOAt2qQsyJOaVv7kGkWjBkF737nWg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:50 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 2C48
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SoZhu8OeoqOAt2qQsyJOaVv7kGl6MeG9nzai5A
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SoZhu8OeoqOAt2qQsyJOaVv7kGl6MeG9nzai5A&C=1

43 B
766 B

33ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SoZhu8OeoqOAt2qQsyJOaVv7kGl6MeG9nzai5A&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jul 2023 08:57:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 24 Jul 2023 08:57:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-SoZhu8OeoqOAt2qQsyJOaVv7kGl6MeG9nzai5A&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 2C48
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=NGBcXO5f6-YBe-xsKbnFXnx6ad4So1-_
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=NGBcXO5f6-YBe-xsKbnFXnx6ad4So1-_

42 B
942 B

49ms
48ms

Image
image/gif

34.246.32.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=NGBcXO5f6-YBe-xsKbnFXnx6ad4So1-_

Protocol

HTTP/1.1

Server

34.246.32.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-32-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0a2868ca3.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Tv/+CuY3RWA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-0bfa98f39.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 93GdMAEuQEY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=NGBcXO5f6-YBe-xsKbnFXnx6ad4So1-_
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 2C48 43 B
1 KB 74ms
21ms Image
image/gif 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-NoKFJMOeoqOAt2qQsyJOaVv7kGkWVteQ4DCoIQ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 24 Jul 2023 08:57:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 2C48
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-xyWQxcOeoqOAt2qQsyJOaVv7kGkwCOs3XJcpOQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xyWQxcOeoqOAt2qQsyJOaVv7kGkwCOs3XJcpOQ

43 B
447 B

47ms
46ms

Image
image/gif

52.48.249.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xyWQxcOeoqOAt2qQsyJOaVv7kGkwCOs3XJcpOQ
Protocol: H2
Server: 52.48.249.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-249-89.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 24 Jul 2023 08:57:50 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-xyWQxcOeoqOAt2qQsyJOaVv7kGkwCOs3XJcpOQ
access-control-allow-origin: *
date: Mon, 24 Jul 2023 08:57:50 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 2C48 42 B
274 B 86ms
31ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-f4X8IMOeoqOAt2qQsyJOaVv7kGk6WRBMiDp0ng
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:50 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 2C48 0
879 B 78ms
21ms Image
text/html 54.93.45.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-7PRgJsOeoqOAt2qQsyJOaVv7kGmAvbN8zJdmOw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.45.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-45-192.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:50 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 2C48 0
145 B 431ms
105ms Image
text/plain 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-A7SafcOeoqOAt2qQsyJOaVv7kGmJ8tFXobJNrA&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Mon, 24 Jul 2023 08:57:50 GMT
Cache-Control: no-cache
X-TraceId: e516663d0447fca35c1f7a46fe57d63a
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 2C48 42 B
580 B 155ms
46ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-z23euMOeoqOAt2qQsyJOaVv7kGlpLkHQLVvRfg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 24 Jul 2023 08:57:50 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 2C48 43 B
398 B 346ms
103ms Image
image/gif 2600:1f18:612b:4264:16fa:8844:6a74:e97a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-ZafjzsOeoqOAt2qQsyJOaVv7kGn1hJi5oFmp-Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:16fa:8844:6a74:e97a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 24 Jul 2023 08:57:50 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 2C48 0
400 B 131ms
61ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-dwiu_MOeoqOAt2qQsyJOaVv7kGmoAa5bEjAbUA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jul 2023 08:57:50 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 23 Jul 2023 08:57:50 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 2C48 0
38 B 173ms
43ms Image
text/plain 52.30.155.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-HycZY8OeoqOAt2qQsyJOaVv7kGlex1lcW9V_gA&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.155.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-155-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:50 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 2C48 0
44 B 69ms
20ms Image
text/plain 35.158.16.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-rlS34MOeoqOAt2qQsyJOaVv7kGm_RkQsF6HGMQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.16.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-16-209.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:50 GMT
server: awselb/2.0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
19ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1134162144016155&ev=Microdata&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&rl=&if=false&ts=1690189070504&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta%22%2C%22meta%3Adescription%22%3A%22DenizBank%20Afili%20Bankac%C4%B1l%C4%B1k%20M%C3%BC%C5%9Fterilerine%20%C3%96zel%20%2538%20%C4%B0ndirim!%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%2FContent%2Fassets%2Fimages%2Fgarenta-logo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.116&r=stable&ec=1&o=30&fbp=fb.1.1690189070000.1603489049&it=1690189069840&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jul 2023 08:57:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 2C48
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=zEUBanwyPxq8b8q0OM4WBSBGvWOXVIRZ

0
338 B

145ms
45ms

Image
text/plain

52.212.62.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=zEUBanwyPxq8b8q0OM4WBSBGvWOXVIRZ
Protocol: H2
Server: 52.212.62.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-62-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-served-by: beacon-n005-dub-prod.krxd.net
date: Mon, 24 Jul 2023 08:57:50 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1690189070
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=zEUBanwyPxq8b8q0OM4WBSBGvWOXVIRZ
date: Mon, 24 Jul 2023 08:57:50 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 728059
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 2C48
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=IeIQBxUZRjXIK5o6nZHf21z2u_Kb1PSQ

35 B
268 B

355ms
115ms

Image
image/gif

18.118.60.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=IeIQBxUZRjXIK5o6nZHf21z2u_Kb1PSQ
Protocol: H2
Server: 18.118.60.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-118-60-139.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:51 GMT
x-bt-requestid: 2b60b9f0-2a00-11ee-9890-0000ac170251
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=IeIQBxUZRjXIK5o6nZHf21z2u_Kb1PSQ
date: Mon, 24 Jul 2023 08:57:50 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 589828
content-length: 0

GET
H3 200 272039029802521 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 81ms
81ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/272039029802521?v=2.9.116&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf01bdbb65f05cdda2528eef0c19c238158cf04d8244cc192d354ae5c875d4b2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Jul 2023 08:57:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: CZZ7axZvndBBLwbGDrMwLBosoNazEbNv4wgt0tW6Tpcno4uVrp/E21oXzPI20+o948nSh6N3CRm/KsN8zWwIqw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
17 B 22ms
22ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=272039029802521&ev=PageView&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&rl=&if=false&ts=1690189073237&sw=1600&sh=1200&v=2.9.116&r=stable&ec=0&o=30&fbp=fb.1.1690189070000.1603489049&it=1690189069840&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jul 2023 08:57:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 21ms
20ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=272039029802521&ev=Microdata&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&rl=&if=false&ts=1690189073738&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta%22%2C%22meta%3Adescription%22%3A%22DenizBank%20Afili%20Bankac%C4%B1l%C4%B1k%20M%C3%BC%C5%9Fterilerine%20%C3%96zel%20%2538%20%C4%B0ndirim!%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%2FContent%2Fassets%2Fimages%2Fgarenta-logo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.116&r=stable&ec=1&o=30&fbp=fb.1.1690189070000.1603489049&it=1690189069840&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jul 2023 08:57:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.useinsider.com/	1970-01-20 13:29:50	Name: __cf_bm Value: 942Zk77_CmsfJTlvbWlTdsBiwMMaaWXWxjnTlE.YFDc-1690189069-0-AXynIWgxjZw2HOIYkqgd/NOUUb5jegyt6P1xPg4YPNV7w41oAAREgIkl7/qkk+AKgnJ8/2IsAXWKTWFxOSY4+po=
.website-kampanyalarim.site/	1970-01-20 15:39:25	Name: _gcl_au Value: 1.1.337617992.1690189070
.website-kampanyalarim.site/	1970-01-20 23:05:49	Name: _ga_MEEZBTE0X0 Value: GS1.1.1690189069.1.0.1690189069.60.0.0
.website-kampanyalarim.site/	1970-01-20 22:15:25	Name: mp_a1961649b67d787d8f16563d4020438f_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A189871e7e053fc-0af1b665757e4e-693c5154-1d4c00-189871e7e053fc%22%2C%22%24device_id%22%3A%20%22189871e7e053fc-0af1b665757e4e-693c5154-1d4c00-189871e7e053fc%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.website-kampanyalarim.site/	1970-01-20 23:05:49	Name: _ga Value: GA1.2.2107388163.1690189070
.website-kampanyalarim.site/	1970-01-20 13:31:15	Name: _gid Value: GA1.2.585549099.1690189070
.website-kampanyalarim.site/	1970-01-20 13:29:49	Name: _dc_gtm_UA-48094469-2 Value: 1
.doubleclick.net/	1970-01-20 22:51:25	Name: IDE Value: AHWqTUnxEAzHyqmcQu0Ha3xDnNafOF0SO99eAO4S2_QCdp_DxQISc2AGVE6ihyJMRaY
.website-kampanyalarim.site/	1970-01-20 22:15:25	Name: _hjSessionUser_2838419 Value: eyJpZCI6ImFjY2U1Y2JiLTI2ZTEtNTBkYi05OTgwLTJhMDg0MWI4ZGY0OSIsImNyZWF0ZWQiOjE2OTAxODkwNjk5NDYsImV4aXN0aW5nIjpmYWxzZX0=
.website-kampanyalarim.site/	1970-01-20 13:29:50	Name: _hjFirstSeen Value: 1
.website-kampanyalarim.site/	1970-01-20 13:29:49	Name: _hjIncludedInSessionSample_2838419 Value: 0
.website-kampanyalarim.site/	1970-01-20 13:29:50	Name: _hjSession_2838419 Value: eyJpZCI6ImUzNGVhMDEwLTFlYjEtNGIxYS1hMDU3LWYyNTBjZmM3NTUzNCIsImNyZWF0ZWQiOjE2OTAxODkwNjk5NTksImluU2FtcGxlIjpmYWxzZX0=
.website-kampanyalarim.site/	1970-01-20 13:29:50	Name: _hjAbsoluteSessionInProgress Value: 0
.criteo.com/	1970-01-20 22:51:25	Name: uid Value: f2cd8a6a-af40-4455-b68a-e8a7208aba53
.website-kampanyalarim.site/	1970-01-20 15:39:25	Name: _fbp Value: fb.1.1690189070000.1603489049
.adform.net/	1970-01-20 14:14:27	Name: C Value: 1
.website-kampanyalarim.site/	1970-01-20 22:59:13	Name: cto_bundle Value: Z9xmxV9mSmFuM3RQc1NrcWtibGR5b1IlMkJXaUpQUERaWEhtZ2ZhY29CRFQlMkZGQTk5VyUyRmdzaEt0UkQ2cGYzdjBaRmhqR0FZSDlxd0NLSlFsOXF1bmZKZXolMkJXdkV2dTklMkJJckpqZEY0dmlxYVd5YkZrRGxwU3U0JTJGVUJxJTJGVGNOekFUSGE1c1gwM25HRENNUSUyQnByaDJyR0VjalBIZUxsVFlqUkRXcWU1ZkJuRENWayUyQnl1cG8lM0Q
.adform.net/	1970-01-20 14:56:13	Name: uid Value: 3477092517754157628
.bidswitch.net/	1970-01-20 22:15:25	Name: tuuid Value: d92fdcdb-2f2d-4190-801f-7fbef1f2ce7a
.bidswitch.net/	1970-01-20 22:15:25	Name: c Value: 1690189070
.bidswitch.net/	1970-01-20 22:15:25	Name: tuuid_lu Value: 1690189070
match.sharethrough.com/	1970-01-20 13:39:53	Name: AWSALBCORS Value: udBSWj+Ee5csfbbMhkIBNOO8p9G/xdLs5zkNFl/J6abGcSsD9L9kcAjulGddt+IWJjVgCuC28Ibg/TiqvcERnLf3Kx5KuFWaQxsiK8a5ZCMfFEAsYvhLi0Nj75u1
.adnxs.com/	1970-01-20 15:39:25	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2C%ygO()t!]tbPl@/D!9hy6]/CwgMk`%v[k3?10i/5.L['gLhie]o3]R[kb7_gmn65#c$gjyZ_C*l_@S29^-%nugO%v4VB%ns>x-#+eL
.adnxs.com/	1970-01-20 15:39:25	Name: uuid2 Value: 6760822840364594256
.id5-sync.com/	1970-01-20 13:29:49	Name: cf Value:
.id5-sync.com/	1970-01-20 13:29:49	Name: cip Value:
.id5-sync.com/	1970-01-20 13:29:49	Name: cnac Value:
.id5-sync.com/	1970-01-20 13:29:49	Name: car Value:
.id5-sync.com/	1970-01-20 13:29:49	Name: gdpr Value:
.id5-sync.com/	1970-01-20 13:29:49	Name: callback Value:
.demdex.net/	1970-01-20 17:49:01	Name: demdex Value: 00347024805645030672761441416669370842
exchange.mediavine.com/	1970-01-20 13:49:58	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%222b0bbc20-2a00-11ee-8082-6b8ec7a8bd29%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:49:58	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%222b0bbc20-2a00-11ee-8082-6b8ec7a8bd29%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:49:58	Name: am_tokens Value: %7B%22mv_uuid%22%3A%222b0bbc20-2a00-11ee-8082-6b8ec7a8bd29%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:49:58	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%222b0bbc20-2a00-11ee-8082-6b8ec7a8bd29%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:49:58	Name: criteo Value: %7B%22id%22%3A%22k-7PRgJsOeoqOAt2qQsyJOaVv7kGmAvbN8zJdmOw%22%2C%22version%22%3A%22criteo%22%7D
.omnitagjs.com/	1970-01-20 14:13:01	Name: ayl_visitor Value: 7aedcee7d39871cfa265b7a48c9ae6a7
.media.net/	1970-01-20 22:15:25	Name: visitor-id Value: 3331906708280561000V10
.media.net/	1970-01-20 14:13:01	Name: data-c-ts Value: 1690189070
.media.net/	1970-01-20 14:13:01	Name: data-c Value: k-ASHYOMOeoqOAt2qQsyJOaVv7kGljKzkIRmeJhg~~3
.casalemedia.com/	1970-01-20 22:15:25	Name: CMID Value: ZL49DnxBlLLHhZK4oy0s7QAA
.casalemedia.com/	1970-01-20 15:39:25	Name: CMPS Value: 3369
.casalemedia.com/	1970-01-20 15:39:25	Name: CMPRO Value: 3369
.dpm.demdex.net/	1970-01-20 17:49:01	Name: dpm Value: 00347024805645030672761441416669370842
.360yield.com/	1970-01-20 15:39:25	Name: tuuid Value: b4a1ef5e-bae1-410b-bf02-7d9ed3f3dd45
.360yield.com/	1970-01-20 15:39:25	Name: tuuid_lu Value: 1690189070
.pubmatic.com/	1970-01-20 14:13:01	Name: KRTBCOOKIE_97 Value: 3385-uid:k-z23euMOeoqOAt2qQsyJOaVv7kGlpLkHQLVvRfg&KRTB&23144-uid:k-z23euMOeoqOAt2qQsyJOaVv7kGlpLkHQLVvRfg&KRTB&23286-uid:k-z23euMOeoqOAt2qQsyJOaVv7kGlpLkHQLVvRfg&KRTB&23287-uid:k-z23euMOeoqOAt2qQsyJOaVv7kGlpLkHQLVvRfg
.pubmatic.com/	1970-01-20 14:13:01	Name: PugT Value: 1690189070
.360yield.com/	1970-01-20 15:39:25	Name: um Value: !38,ClmjhcFb9xhDiAhAhyScN5h4DKZqymhjjqAG1qXszZtojFCePK6K.oZ4OZuJ3oPojfWSXpUD,1697965070
.360yield.com/	1970-01-20 15:39:25	Name: umeh Value: !38,0,1752397070,-1
.krxd.net/	1970-01-20 17:49:01	Name: _kuid_ Value: PsW3cGU2
.tremorhub.com/	1970-01-20 22:15:45	Name: tvid Value: fbdb96fa27f64a0193e36d6fef0784b3
.tremorhub.com/	1970-01-20 14:13:01	Name: tv_UICR Value: k-ZafjzsOeoqOAt2qQsyJOaVv7kGn1hJi5oFmp-Q

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://website-kampanyalarim.site/Content/assets/layoutcss?v=23GcvFvbxnWA3tRNkzzdQ-uMepEn0x1qtLq4Z9-gvQw1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/images/garenta-logo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/pickercss?v=nPZx4XkJDbjowHzcEljTttKeOOprBqKncyC91BbxEPA1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/pickerjs?v=uNpyDy0xeAYJw4OnUHFUWcK6YKbc3I47j2KcIOrmi8c1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/js/picker/tr_TR.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/campaignsearch?v=lmSsQ_mLQagITVa4pfpKeptS2wEfyclBN7eYb-ODlK01 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/PageScripts/GarentaCollaborations/collaboration.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/garenta-logo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/garenta_logo_footer_new.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/instaico2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/celik_motor_footer_new.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/faceico_2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/layoutjs?v=5ndK8cFtiEk8qdedfpS5iSnmGmkcKgf-OA-Hfyvomko1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/youtubeico1.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/ikinci_yeni_logo_new_footer.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/linkico1.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/app_googleplay.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/twitter_ico.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/Logo_Anadolu.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/app_appstore.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/images/garenta_loading.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	Message: A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8901912.fls.doubleclick.net
ad.360yield.com
ad.yieldlab.net
adservice.google.com
beacon.krxd.net
cdn.mxpnl.com
cdn.netmera-web.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
garenta.api.useinsider.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
images.garenta.com.tr
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
netdna.bootstrapcdn.com
ntm.netmera-web.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
s2.adform.net
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
track.adform.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
website-kampanyalarim.site
wsdkapi.netmera.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
13.248.245.213
141.226.228.48
142.250.181.226
142.250.186.38
142.250.74.194
162.19.138.119
178.250.1.11
178.250.1.9
178.250.7.11
18.118.60.139
18.66.97.53
185.255.84.152
185.57.65.125
185.64.190.80
185.80.39.216
185.86.139.102
2001:4860:4802:32::36
23.218.208.23
23.32.185.35
23.35.237.75
2600:1901:0:498c::
2600:1f18:612b:4264:16fa:8844:6a74:e97a
2600:9000:206f:5a00:10:5f7f:b9c0:93a1
2606:4700:7::a29f:863d
2606:4700::6812:acf
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c0d::9b
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.121.62.68
3.123.31.56
3.75.62.37
34.117.157.22
34.246.32.5
35.158.16.209
35.158.240.125
37.157.2.247
37.157.5.132
37.157.5.84
37.252.171.85
37.252.173.215
5.159.251.32
52.212.62.24
52.222.236.43
52.30.155.207
52.48.249.89
54.170.121.144
54.93.45.192
69.173.144.139
70.42.32.223
12ab4bbc298bd8b74b50de852a3dddd35c9b71a47c22ff77dc6962b752236f2b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d90d8acaf8e945cbe6301f571086a38f216bd9c161fa975fea3c75b6f8d3662
1e3fe0befdde21c86098aca47577ed5e6b6b0e85f200d486b4f76e9dc346e422
2ebd20a83dd21baed9c7c04ea3c11740b38133e68df444add5faccf419e06ac2
30478d91396916be9394c38fd5dddfd240825a5b2d8bf3d1af321a466b4cbee1
318be3ccf5efa7aeac3d594dd84f3d2241bb6eca0ef33b47a1eeb90728750db0
32536d6a1f2176b11a99b3f5c0cef8cc4fc9ac7475657cb63763b5342600740a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53af49dfc49592515849d4e8ab544c89a1730095f69237b552ae25070c47e825
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58cf9e340f16646e5ac386f24d8077cbfa2d4fd450ce12a21945fe9549d0c9fb
5facf3ca997fd8a7658579d40b8bc44a659e12df5b45b2f1f1713f987b86366c
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
781e86f4d85534912da82bb67bdf2ab3cdaa3c06359fd0a774a43c02bed387d0
7993590ef120800ae890a068d78d219cdb797b35c3c65e3f6afc2860bc44413e
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88428020331bd2923c769d7dbacc79219db0d1a4d6e54affc2ad81712477b063
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8adbe6f428c1214cc99e59eac1ac4b8b170738318dcd65649fa792a2be4b8f56
8d81d16f7a495a03b129e7633c87ae1c7fc92618b4da8059254dce2fc55bf4f1
8ff0571e454b75517b28b02b1749dbcafa80d1cf6c4786c8fc45ee6f3fd13bcc
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a8d53eaeda6725d311a182d068ea269a1f01a2d9565ee777b6a359857c3971c8
aa867a91b982a4f96446c6cda5c266dcad3fde806b86313a605fed5319708319
ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf01bdbb65f05cdda2528eef0c19c238158cf04d8244cc192d354ae5c875d4b2
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
e7faa9ee4e22aaeb3f5bbbd892ce544835afe6e26f37fc20e43ecbc400e15bc8
e8722fbbfc517d53ca08b733afcd3972f611f588bae1e865797e1ff63079b466
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8ed50a5152e6bb4874afaad6b4ed9ce4b779aca516aed5495d807d3e9da8462
fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e

website-kampanyalarim.site Open in urlscan Pro 3.123.31.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

87 %HTTPS

33 %IPv6

47 Domains

61 Subdomains

57 IPs

10 Countries

1066 kBTransfer

2903 kBSize

53 Cookies

14 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

website-kampanyalarim.site Open in urlscan Pro
3.123.31.56 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

87 %
HTTPS

33 %
IPv6

47
Domains

61
Subdomains

57
IPs

10
Countries

1066 kB
Transfer

2903 kB
Size

53
Cookies

104 HTTP transactions
0 data transactions