urlscan.io logo urlscan.io
SecurityTrails logo

www.ersa.com.tr Open in urlscan Pro
176.53.90.211  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ersa.com.tr/components/twitter/jquery.twitter.js
Effective URL: https://www.ersa.com.tr/404.html
Submission Tags: falconsandbox
Submission: On July 01 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 7 domains to perform 37 HTTP transactions. The main IP is 176.53.90.211, located in Turkey and belongs to RADORE, TR. The main domain is www.ersa.com.tr.
TLS certificate: Issued by R3 on June 24th 2021. Valid for: 3 months.
This is the only time www.ersa.com.tr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 18 176.53.90.211 42926 (RADORE)
7 54.75.251.233 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.242.23.178 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 99.80.253.169 16509 (AMAZON-02)
37 11
18    176.53.90.211 (Turkey)

ASN42926 (RADORE, TR)
PTR: level1.pantoneweb.com
ersa.com.tr
www.ersa.com.tr
7    54.75.251.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-251-233.eu-west-1.compute.amazonaws.com
code.jivosite.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    34.242.23.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-23-178.eu-west-1.compute.amazonaws.com
node235.jivosite.com
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    99.80.253.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-253-169.eu-west-1.compute.amazonaws.com
telemetry.jivosite.com
Domain Requested by
17 www.ersa.com.tr 2 redirects www.ersa.com.tr
7 code.jivosite.com www.ersa.com.tr
code.jivosite.com
6 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 stackpath.bootstrapcdn.com www.ersa.com.tr
stackpath.bootstrapcdn.com
1 telemetry.jivosite.com www.ersa.com.tr
1 node235.jivosite.com code.jivosite.com
1 www.googletagmanager.com www.ersa.com.tr
1 fonts.googleapis.com www.ersa.com.tr
1 ersa.com.tr 1 redirects
37 10
Subject Issuer Validity Valid
ersa.com.tr
R3		 2021-06-24 -
2021-09-22		 3 months crt.sh
*.jivosite.com
Go Daddy Secure Certificate Authority - G2		 2020-04-05 -
2022-06-04		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-31 -
2021-08-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.ersa.com.tr/404.html
Frame ID: 0121033D08D8C14FF22C299EA038E7FC
Requests: 44 HTTP requests in this frame

Frame: https://telemetry.jivosite.com/w?event=offline_invite&widget_id=O3CNjTpsSf&chat_mode=offline&site_id=1243892&device=desktop&visitor_id=bd593d9f57c53022&widget_version=35.8.0&shard=main
Frame ID: 5A5C5B9A0F0F85D88F54778FB2101983
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ersa.com.tr/components/twitter/jquery.twitter.js HTTP 301
    https://www.ersa.com.tr/components/twitter/jquery.twitter.js HTTP 302
    https://www.ersa.com.tr/404.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

37
Requests

100 %
HTTPS

60 %
IPv6

7
Domains

10
Subdomains

11
IPs

4
Countries

1293 kB
Transfer

3064 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ersa.com.tr/components/twitter/jquery.twitter.js HTTP 301
    https://www.ersa.com.tr/components/twitter/jquery.twitter.js HTTP 302
    https://www.ersa.com.tr/404.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.ersa.com.tr/assets/img/bg/6.png HTTP 302
  • https://www.ersa.com.tr/404.html

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 404.html
www.ersa.com.tr/
Redirect Chain
  • http://ersa.com.tr/components/twitter/jquery.twitter.js
  • https://www.ersa.com.tr/components/twitter/jquery.twitter.js
  • https://www.ersa.com.tr/404.html
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4e1ae25c971320fae5b4942d107f2536651358bb124651bb0f1b413a5cdd529f

Request headers

Host
www.ersa.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l; path=/; HttpOnly
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Content-Length
5492

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://www.ersa.com.tr/404.html
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Content-Length
155
O3CNjTpsSf
code.jivosite.com/widget/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/widget/O3CNjTpsSf
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.75.251.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-251-233.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4841e56cf34d19274f3661f36359a71dde84e35de6bbd5acb7d2993e8083162c

Request headers

Referer
https://www.ersa.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:13:22 GMT
Content-Encoding
br
Last-Modified
Wed, 16 Jun 2021 13:21:22 GMT
Server
nginx
Etag
"60c9fad2-1755"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Connection
keep-alive
X-Geo-Shard
main
Content-Length
5973
Via
1.1 sharxy
Expires
Thu, 01 Jul 2021 03:13:22 GMT
bundle.min.css
www.ersa.com.tr/assets/css/ 		35 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ersa.com.tr/assets/css/bundle.min.css
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afd0c9fc1614406b2380e1007f0dd8f48ef54862b900d0d0da634af3276ce292

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.ersa.com.tr/404.html
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l
Connection
keep-alive
Referer
https://www.ersa.com.tr/404.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 12:56:15 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"b148f172717cd61:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
8487
css
fonts.googleapis.com/ 		5 KB
707 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,400,600,700,800&display=swap&subset=latin-ext
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e78ddc9fa1c709e2d53cada396635fb07c0b59d10a7ac8b0d5342ca72edeea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ersa.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 01:13:21 GMT
server
ESF
date
Thu, 01 Jul 2021 01:13:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Jul 2021 01:13:21 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ersa.com.tr
Referer
https://www.ersa.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:13:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
4031865
cdn-cachedat
2021-05-15 11:13:59
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0b0139bef800004e9e8d9be000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3b478892e013353f112dd962e7fbaff1
cf-ray
667bc577eb924e9e-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
bootstrap.min.css
www.ersa.com.tr/assets/css/ 		152 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ersa.com.tr/assets/css/bootstrap.min.css
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.ersa.com.tr/404.html
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l
Connection
keep-alive
Referer
https://www.ersa.com.tr/404.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 12:56:15 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"828ef572717cd61:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
35478
style.css
www.ersa.com.tr/assets/css/ 		73 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ersa.com.tr/assets/css/style.css
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0cb9421e50b4f1888c7cbf5ce38be8edd1f1d623978a48e9f08f4bae6da8d0b8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.ersa.com.tr/404.html
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l
Connection
keep-alive
Referer
https://www.ersa.com.tr/404.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Apr 2021 13:18:47 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"ffe42361e2ad71:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
15793
logo.svg
www.ersa.com.tr/assets/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ersa.com.tr/assets/images/logo.svg
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e20dabb17ab9da0192a5ad2f27ca4877940d3a840d92d8a23fa95c21e74ec8c1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ersa.com.tr/404.html
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l
Connection
keep-alive
Referer
https://www.ersa.com.tr/404.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Last-Modified
Fri, 02 Apr 2021 10:50:45 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"042ee8ae27d71:0"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
12642
jquery.min.js
www.ersa.com.tr/assets/js/ 		86 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ersa.com.tr/assets/js/jquery.min.js
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7465c54d5a9274e7dcfd1b3910069ae3522fe0f1c2dc527aaedab3d9a0bf3c91

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ersa.com.tr/404.html
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l
Connection
keep-alive
Referer
https://www.ersa.com.tr/404.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 12:56:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"a861b373717cd61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
39422
popper.min.js
www.ersa.com.tr/assets/js/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ersa.com.tr/assets/js/popper.min.js
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a38f8d283bc18d5656913c3f420909248d1ba47884d6c8387ab2bacd15dfb90b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ersa.com.tr/404.html
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l
Connection
keep-alive
Referer
https://www.ersa.com.tr/404.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 12:56:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"9b8af73717cd61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
9154
bootstrap.min.js
www.ersa.com.tr/assets/js/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ersa.com.tr/assets/js/bootstrap.min.js
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6eb8168fd82683ecd576983066d87d24d31295082118bb6b0d55788801ff690b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ersa.com.tr/404.html
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l
Connection
keep-alive
Referer
https://www.ersa.com.tr/404.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 12:56:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"7ddcc373717cd61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
21408
bundle.js
www.ersa.com.tr/assets/js/ 		329 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ersa.com.tr/assets/js/bundle.js
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
84f1fb4fa1daa25dbd52a1a7f5aef27949c027e942e8158db2087f66f0e9f049

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ersa.com.tr/404.html
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l
Connection
keep-alive
Referer
https://www.ersa.com.tr/404.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Content-Encoding
gzip
ETag
"c950bb73717cd61:0"
Last-Modified
Thu, 27 Aug 2020 12:56:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Accept-Ranges
bytes
scripts.js
www.ersa.com.tr/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ersa.com.tr/assets/js/scripts.js
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a71aece3c89dc241ceb978a5997be4223e2e30d8695e5cfecdd8fd9602df91e1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ersa.com.tr/404.html
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l
Connection
keep-alive
Referer
https://www.ersa.com.tr/404.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 12:56:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"ce39aa73717cd61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3141
sweetalert.min.js
www.ersa.com.tr/assets/js/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ersa.com.tr/assets/js/sweetalert.min.js
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ersa.com.tr/404.html
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l
Connection
keep-alive
Referer
https://www.ersa.com.tr/404.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 12:56:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"c1c8a773717cd61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
14887
app.form.js
www.ersa.com.tr/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ersa.com.tr/assets/js/app.form.js
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1975ccd1eb4381126b43c1b374ed0a76789064738619f84da2fca485cdb60120

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ersa.com.tr/404.html
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l; _ga=GA1.3.1473031479.1625102002; _gid=GA1.3.1517636924.1625102002; _gat_UA-139536388-37=1
Connection
keep-alive
Referer
https://www.ersa.com.tr/404.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 12:56:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"3f22c873717cd61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1068
O3CNjTpsSf
code.jivosite.com/script/widget/config/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/script/widget/config/O3CNjTpsSf
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget/O3CNjTpsSf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.75.251.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-251-233.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0a684fea247b8b3af7d6cef96c3587fadfdb00a16ee65cfd3e3a01ab15ee62ca

Request headers

Referer
https://www.ersa.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:13:22 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Connection
keep-alive
X-Geo-Shard
main
Content-Length
1056
Via
1.1 sharxy
Expires
Thu, 01 Jul 2021 03:13:22 GMT
gtm.js
www.googletagmanager.com/ 		82 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PL9XB32
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9099b912139285969ead5f04c756d697ead511b597687a14a1d1c2215de51ff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ersa.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:13:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32865
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 00:12:40 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Jul 2021 01:13:22 GMT
404.html
www.ersa.com.tr/
Redirect Chain
  • https://www.ersa.com.tr/assets/img/bg/6.png
  • https://www.ersa.com.tr/404.html
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ersa.com.tr/404.html
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ersa.com.tr/404.html
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l; _ga=GA1.3.1473031479.1625102002; _gid=GA1.3.1517636924.1625102002; _gat_UA-139536388-37=1
Connection
keep-alive
Referer
https://www.ersa.com.tr/404.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Content-Length
5492

Redirect headers

Location
https://www.ersa.com.tr/404.html
Date
Thu, 01 Jul 2021 01:13:10 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
155
X-Powered-By-Plesk
PleskWin
Content-Type
text/html; charset=UTF-8
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,600,700,800&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ersa.com.tr
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:07:57 GMT
x-content-type-options
nosniff
age
122725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28968
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:43 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 15:07:57 GMT
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.ersa.com.tr
Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:13:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617, 617
age
1759019
cdn-cachedat
2021-06-08 21:27:38
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
77160
cf-request-id
0b0139c00100001f296eb8a000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
d96be40e192cfe41c3caf979fa98270d
accept-ranges
bytes
cf-ray
667bc5799e3b1f29-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,600,700,800&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ersa.com.tr
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 01:42:01 GMT
x-content-type-options
nosniff
age
84681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 01:42:01 GMT
4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,600,700,800&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ersa.com.tr
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 20:49:13 GMT
x-content-type-options
nosniff
age
102249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38108
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 20:49:13 GMT
4iCs6KVjbNBYlgoKcQ72j00.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKcQ72j00.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,600,700,800&display=swap&subset=latin-ext
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac3679dafce73b23d0e258136f985abba48cf4dad45c2f8c6489708ff6d0ce2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ersa.com.tr
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 10:57:30 GMT
x-content-type-options
nosniff
age
137752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46872
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 10:57:30 GMT
4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,600,700,800&display=swap&subset=latin-ext
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bff3ec720117a91ab7501102a32f06d0f224673a7f2407a31e076e8617856c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ersa.com.tr
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 07:58:30 GMT
x-content-type-options
nosniff
age
62092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37888
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:07 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 07:58:30 GMT
4iCv6KVjbNBYlgoC1CzjvmyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoC1CzjvmyNL4U.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,600,700,800&display=swap&subset=latin-ext
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
204ee8742c385a5b52423fdbe2889bdbb5cb073e95c14dc0b981272329d76ee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ersa.com.tr
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 08:01:00 GMT
x-content-type-options
nosniff
age
61942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53812
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:38 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 08:01:00 GMT
O3CNjTpsSf
node235.jivosite.com/widget/status/1243892/ 		196 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node235.jivosite.com/widget/status/1243892/O3CNjTpsSf?rnd=0.12371909902912925
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget/O3CNjTpsSf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.242.23.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-23-178.eu-west-1.compute.amazonaws.com
Software
foxy /
Resource Hash
a0d6594b37079d87d0e3f8d636c413a54fd19b7d9ca131767c30f47143f7ec2a

Request headers

Referer
https://www.ersa.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:13:22 GMT
server
foxy
x-botmode
no
x-geoip
NL;ZH;Naaldwijk
content-type
application/json; charset=utf-8;
access-control-allow-origin
https://www.ersa.com.tr
access-control-expose-headers
X-Geoip, X-Botmode
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-max-age
1728000
content-length
196
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL9XB32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ersa.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
5594
date
Wed, 30 Jun 2021 23:40:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Thu, 01 Jul 2021 01:40:08 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1180105879&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ersa.com.tr%2F404.html&ul=en-us&de=UTF-8&dt=Sayfa%20Bulunamad%C4%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=190968375&gjid=1123251487&cid=1473031479.1625102002&tid=UA-139536388-37&_gid=1517636924.1625102002&_r=1&gtm=2wg6n0PL9XB32&z=984960151
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ersa.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:13:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ersa.com.tr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
contact.png
www.ersa.com.tr/assets/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ersa.com.tr/assets/images/contact.png
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/assets/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5e98bbdcca2ecf7d317bee7f670c79883984fd0f5e0d4300d9bdb7e1e62fd224

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ersa.com.tr/assets/css/style.css
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l; _ga=GA1.3.1473031479.1625102002; _gid=GA1.3.1517636924.1625102002; _gat_UA-139536388-37=1
Connection
keep-alive
Referer
https://www.ersa.com.tr/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Last-Modified
Thu, 27 Aug 2020 12:56:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"2e767173717cd61:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5775
dark-pattern-bg.jpg
www.ersa.com.tr/assets/images/ 		299 KB
299 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ersa.com.tr/assets/images/dark-pattern-bg.jpg
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
176.53.90.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
level1.pantoneweb.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7b94d12f1e19ffa9a96e30ff989f5c600507c94935bdd1cfffd72cbdc4fc8aaf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ersa.com.tr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ersa.com.tr/404.html
Cookie
ASP.NET_SessionId=ihnmlxrpfznggke3jmdai20l; _ga=GA1.3.1473031479.1625102002; _gid=GA1.3.1517636924.1625102002; _gat_UA-139536388-37=1
Connection
keep-alive
Referer
https://www.ersa.com.tr/404.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Thu, 01 Jul 2021 01:13:10 GMT
Last-Modified
Thu, 27 Aug 2020 12:56:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"33e77373717cd61:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
306118
bundle_tr.js
code.jivosite.com/js/ 		1 MB
254 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/js/bundle_tr.js?rand=1624022794
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget/O3CNjTpsSf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.75.251.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-251-233.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b482993576d98c3f09b9b87c3b95e3f0e9e644a2afa3cf77d96fb0f72795855a

Request headers

Referer
https://www.ersa.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:13:22 GMT
Content-Encoding
br
Last-Modified
Wed, 16 Jun 2021 13:25:05 GMT
Server
nginx
Etag
"60c9fbb1-3f5ec"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
X-Geo-Shard
main
Content-Length
259564
Via
1.1 sharxy
widget.css
code.jivosite.com/css/cff31201/ 		194 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/css/cff31201/widget.css
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.75.251.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-251-233.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4bd4b85024a02da1f6509ac7ae75c3d02ccd0ac84652ca16b2c3ad3ff1e69d21

Request headers

Referer
https://www.ersa.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:13:22 GMT
Content-Encoding
br
Last-Modified
Wed, 16 Jun 2021 13:23:58 GMT
Server
nginx
Etag
"60c9fb6e-743c"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 sharxy
Cache-Control
max-age=864000
Connection
keep-alive
X-Geo-Shard
main
Content-Length
29756
Expires
Sat, 10 Jul 2021 10:31:25 GMT
truncated
/ 		393 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf12609920c06b45d18b9ddbf0b3a15e0a4f51ae58dfa332b937c8156114a431

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		447 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77e83427001f5875cd40cb1b22294be5edacdab5fa7250a65af5ae2aaef57649

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
agent_message.mp3
code.jivosite.com/sounds/ 		4 KB
4 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/agent_message.mp3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.75.251.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-251-233.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer
https://www.ersa.com.tr/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 01 Jul 2021 01:13:23 GMT
Via
1.1 sharxy
Last-Modified
Wed, 16 Jun 2021 13:19:55 GMT
Server
nginx
Etag
"60c9fa7b-eb0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
audio/mpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
X-Geo-Shard
main
Content-Length
3760
Expires
Fri, 30 Jul 2021 10:31:26 GMT
notification.mp3
code.jivosite.com/sounds/ 		6 KB
6 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/notification.mp3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.75.251.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-251-233.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer
https://www.ersa.com.tr/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 01 Jul 2021 01:13:23 GMT
Via
1.1 sharxy
Last-Modified
Wed, 16 Jun 2021 13:19:55 GMT
Server
nginx
Etag
"60c9fa7b-16b0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
audio/mpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
X-Geo-Shard
main
Content-Length
5808
Expires
Fri, 30 Jul 2021 10:31:26 GMT
outgoing_message.mp3
code.jivosite.com/sounds/ 		5 KB
5 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/outgoing_message.mp3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.75.251.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-251-233.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer
https://www.ersa.com.tr/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 01 Jul 2021 01:13:23 GMT
Via
1.1 sharxy
Last-Modified
Wed, 16 Jun 2021 13:19:55 GMT
Server
nginx
Etag
"60c9fa7b-1396"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
audio/mpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
X-Geo-Shard
main
Content-Length
5014
Expires
Fri, 30 Jul 2021 10:31:26 GMT
collect
www.google-analytics.com/j/ 		1 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1180105879&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.ersa.com.tr%2F404.html&ul=en-us&de=UTF-8&dt=Sayfa%20Bulunamad%C4%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=JivoSite&ea=Proactive%20invitation%20shown&el=Temsilciler%20%C3%87evrimd%C4%B1%C5%9F%C4%B1yken%20%C4%B0leti%C5%9Fim%20Formu&_u=YHBAAEABAAAAAC~&jid=449974650&gjid=526629724&cid=1473031479.1625102002&tid=UA-139536388-37&_gid=1517636924.1625102002&_r=1&gtm=2wg6n0PL9XB32&z=174351172
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ersa.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:13:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ersa.com.tr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
w
telemetry.jivosite.com/ Frame 5A5C 		2 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telemetry.jivosite.com/w?event=offline_invite&widget_id=O3CNjTpsSf&chat_mode=offline&site_id=1243892&device=desktop&visitor_id=bd593d9f57c53022&widget_version=35.8.0&shard=main
Requested by
Host: www.ersa.com.tr
URL: https://www.ersa.com.tr/404.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.80.253.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-253-169.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 01 Jul 2021 01:13:34 GMT
content-length
2
content-type
application/x-javascript
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63eae864eabe3031d15bf0e57205abb5e9d088bfebee04443a22235e1262d162

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		444 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9366ef473ccbf1e97690114651dee17dbb079e77c357ff7bac0da8c03908bdaa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		274 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
672a98c0017341d9f006b510055866f64e29520b481b03e45313010d4b299284

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		496 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0b60bef85284f6d3f4cef6230da68eb0596849b8df678c8e58526b1c5cf82eb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		636 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c601bc6798df82eabcf7201a5e2b6015d9b630b0f595ecb38381fc358aa0d8ea

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| dataLayer function| $ function| jQuery object| google_tag_manager function| Popper object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| jivo_config object| bootstrap object| _gsScope function| Odometer function| WOW function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| Splitting object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| CustomEase function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| Swiper object| wow function| setImmediate function| clearImmediate function| swal function| sweetAlert function| SendContact function| SendSupport function| successSend function| fieldAlert string| jivo_version object| jivo_api

4 Cookies

Domain/Path Name / Value
.ersa.com.tr/ Name: _gat_UA-139536388-37
Value: 1
.ersa.com.tr/ Name: _gid
Value: GA1.3.1517636924.1625102002
.ersa.com.tr/ Name: _ga
Value: GA1.3.1473031479.1625102002
www.ersa.com.tr/ Name: ASP.NET_SessionId
Value: ihnmlxrpfznggke3jmdai20l

1 Console Messages

Source Level URL
Text
console-api warning URL: https://www.ersa.com.tr/assets/js/jquery.min.js(Line 2)
Message:
jQuery.Deferred exception: Cannot set property 'display' of undefined TypeError: Cannot set property 'display' of undefined at HTMLDocument.<anonymous> (https://www.ersa.com.tr/404.html:243:49) at e (https://www.ersa.com.tr/assets/js/jquery.min.js:2:29453) at t (https://www.ersa.com.tr/assets/js/jquery.min.js:2:29755) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jivosite.com
ersa.com.tr
fonts.googleapis.com
fonts.gstatic.com
node235.jivosite.com
stackpath.bootstrapcdn.com
telemetry.jivosite.com
www.ersa.com.tr
www.google-analytics.com
www.googletagmanager.com
176.53.90.211
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:802::200a
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200e
34.242.23.178
54.75.251.233
99.80.253.169
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
0a684fea247b8b3af7d6cef96c3587fadfdb00a16ee65cfd3e3a01ab15ee62ca
0cb9421e50b4f1888c7cbf5ce38be8edd1f1d623978a48e9f08f4bae6da8d0b8
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
1975ccd1eb4381126b43c1b374ed0a76789064738619f84da2fca485cdb60120
204ee8742c385a5b52423fdbe2889bdbb5cb073e95c14dc0b981272329d76ee8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
4841e56cf34d19274f3661f36359a71dde84e35de6bbd5acb7d2993e8083162c
4bd4b85024a02da1f6509ac7ae75c3d02ccd0ac84652ca16b2c3ad3ff1e69d21
4e1ae25c971320fae5b4942d107f2536651358bb124651bb0f1b413a5cdd529f
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
5e98bbdcca2ecf7d317bee7f670c79883984fd0f5e0d4300d9bdb7e1e62fd224
63eae864eabe3031d15bf0e57205abb5e9d088bfebee04443a22235e1262d162
672a98c0017341d9f006b510055866f64e29520b481b03e45313010d4b299284
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6eb8168fd82683ecd576983066d87d24d31295082118bb6b0d55788801ff690b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7465c54d5a9274e7dcfd1b3910069ae3522fe0f1c2dc527aaedab3d9a0bf3c91
77e83427001f5875cd40cb1b22294be5edacdab5fa7250a65af5ae2aaef57649
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b94d12f1e19ffa9a96e30ff989f5c600507c94935bdd1cfffd72cbdc4fc8aaf
84f1fb4fa1daa25dbd52a1a7f5aef27949c027e942e8158db2087f66f0e9f049
8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f
9099b912139285969ead5f04c756d697ead511b597687a14a1d1c2215de51ff5
9366ef473ccbf1e97690114651dee17dbb079e77c357ff7bac0da8c03908bdaa
a0d6594b37079d87d0e3f8d636c413a54fd19b7d9ca131767c30f47143f7ec2a
a38f8d283bc18d5656913c3f420909248d1ba47884d6c8387ab2bacd15dfb90b
a71aece3c89dc241ceb978a5997be4223e2e30d8695e5cfecdd8fd9602df91e1
ac3679dafce73b23d0e258136f985abba48cf4dad45c2f8c6489708ff6d0ce2f
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
afd0c9fc1614406b2380e1007f0dd8f48ef54862b900d0d0da634af3276ce292
b0b60bef85284f6d3f4cef6230da68eb0596849b8df678c8e58526b1c5cf82eb
b482993576d98c3f09b9b87c3b95e3f0e9e644a2afa3cf77d96fb0f72795855a
bf12609920c06b45d18b9ddbf0b3a15e0a4f51ae58dfa332b937c8156114a431
bff3ec720117a91ab7501102a32f06d0f224673a7f2407a31e076e8617856c5e
c601bc6798df82eabcf7201a5e2b6015d9b630b0f595ecb38381fc358aa0d8ea
c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
e20dabb17ab9da0192a5ad2f27ca4877940d3a840d92d8a23fa95c21e74ec8c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78ddc9fa1c709e2d53cada396635fb07c0b59d10a7ac8b0d5342ca72edeea20
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43