a101.bu-haftaki-kampanyalar.com Open in urlscan Pro
2606:4700:3031::ac43:839b  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5914481&time=1692730822065&url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5914481&time=1692730822065&url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5914481%26time%3D1692730822065%26url%3Dhttps%253A%252F%252Fa101.bu-haftaki-kampanyalar.com%252Ftamamla.php%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5914481&time=1692730822065&url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5914481&time=1692730822065&url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&cookiesTest=true&liSync=true&e_ipv6=AQI4hnV6ztWkmwAAAYoenpB9wTpRNCbHI2YnyhtN8k0bze2TugKvLKdnXYdN07FG1N5t1rS16mVc

Request Chain 44

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10103.MSka_itBHevJ68-xshmdMBsbLvHTtl2-UbzjWmHGTeVDRVgU899g7fAuyA0nThVv.wlhdL-Qj0fAARj4Y-JR8G4uF4Qk%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=10103.xvJcZSUg14gXlS4tYrldfT7pBugTXUeFUQR2TqqCeakkjPOAbW24cLtaTmZcR6sbV7Jbvvfq7rimkU7oiVSq4W8PB-T5Hnq4hl2I6Q2Myds%2C.z80qQlmDJOsleTEQbQBwt_8mUyQ%2C

Request Chain 47

• https://mc.yandex.com/watch/84180178?wmode=7&page-url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&charset=utf-8&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A346%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A136731459689%3Ahid%3A612272147%3Az%3A120%3Ai%3A20230822210022%3Aet%3A1692730822%3Ac%3A1%3Arn%3A747575968%3Arqn%3A1%3Au%3A1692730822729148321%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A50%2C25%2C56%2C8%2C%2C0%2C%2C627%2C71%2C%2C%2C%2C768%3Aco%3A0%3Acpf%3A1%3Ans%3A1692730821041%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692730823%3At%3AA101%20-%20Harca%20Harca%20Bitmez&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(1)aw(1)ecs(0)ti(1) HTTP 302
• https://mc.yandex.com/watch/84180178/1?wmode=7&page-url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&charset=utf-8&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A346%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A136731459689%3Ahid%3A612272147%3Az%3A120%3Ai%3A20230822210022%3Aet%3A1692730822%3Ac%3A1%3Arn%3A747575968%3Arqn%3A1%3Au%3A1692730822729148321%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A50%2C25%2C56%2C8%2C%2C0%2C%2C627%2C71%2C%2C%2C%2C768%3Aco%3A0%3Acpf%3A1%3Ans%3A1692730821041%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692730823%3At%3AA101%20-%20Harca%20Harca%20Bitmez&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%281%29&redirnss=1

Request Chain 48

• https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10103.Wni_0FyQqR_WNNBYV3-SiP8PPkd1crhA0tncD0fTqueXno5W_wizSsUi3h0YX21G.81YojFWn-zDcQ75sIZ-c1avQ80U%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10103.8fv6RmfC5e2rTzyes8hY__5IqmKVv-3bbuNvvJThJEZgxdRh_U0yq5rudLF6jZxssGyFedI0X-HxOJ_mILslWXk8mlNjCadH2dirUknAVoU%2C.Y-WR3HmUMShXuHKFVtgD1wYFAUM%2C

Request Chain 50

• https://ade.googlesyndication.com/ddm/activity/src=9498078;type=invmedia;cat=a101r0;ord=8388220672379;gtm=45He38l0;gcs=G100;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=9498078;dc_pre=CJ_Im9v58IADFbWSgwgd-agJ8A;type=invmedia;cat=a101r0;ord=8388220672379;gtm=45He38l0;gcs=G100;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request tamamla.php Show response a101.bu-haftaki-kampanyalar.com/	191 KB 30 KB	133ms 56ms	Document text/html	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.30 PleskLin Resource Hash 9894874e800f6c23a8ecb735bd760580ecdd40091e98d67cba757507ecd7967c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7fad5baffaf32bbe-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 22 Aug 2023 19:00:21 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCpZ16%2FbsCz1VRwOmHrCMvd%2FnULC%2BtMUXXiTTikzIperPJuMWr1k4lovlV37uSZ5TbL2z%2Ft29Tn5KCmvWMpPfLeWikPHbxtoG82LCvU6%2BogTYS3w34CPPEpJXTi8CNBQHEMRPfv%2BOu3AcMqq3GvmsqHPL1L5M%2BoJzMlFg9V%2B"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/8.0.30 PleskLin
GET H2	200	stylePaymentForm.css a101.bu-haftaki-kampanyalar.com/assets/dist/	606 KB 102 KB	91ms 87ms	Stylesheet text/css	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/assets/dist/stylePaymentForm.css Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 5782d92d7436a79a202be2a6e7b23e092eedf6b95834416edc23e750e039fc5c Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64da341e-978bc" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcSQ3XQUrNKQfSCEAoPjb4YdD62RlQc5Id5OgKkfSz87osq2Wg7ifROjR3Y073p1rNH9%2BJat67Epm%2FquxAl50xXlNtqH%2BD6yUzdWI0rfeDh7TB13y1%2B3VZOUemPZbTvY6%2F%2BvvvByi2TC9WtiJgoO4UFSGXaF3g5pP4RxvY%2BZ"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7fad5bb06b852bbe-FRA alt-svc h3=":443"; ma=86400
GET H2	200	panton-regular-webfont.woff2 a101.bu-haftaki-kampanyalar.com/assets/dist/	20 KB 20 KB	74ms 71ms	Font font/woff2	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/assets/dist/panton-regular-webfont.woff2 Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash f8984a6446bafe0ea0175075cfe56b11284559d4bdf7036de9df585f2c2aa442 Request headers Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php Origin https://a101.bu-haftaki-kampanyalar.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-4eb8" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOhVyT4WOsEQPXmN0JaSJgvv22LHMntPQHzO4OUBgTUidRSo0tC%2BmYVDTzKIA1xZC5X%2Bnpown51qSkVyHQW6WuIxRPoGcIFvx%2BSEQcXRtWlT3YhZs5DUeqwt0LViSY5oTn1mm7LXzsrJyDofBfviVDhKc%2BsjrCB89d6EZkJi"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb06b862bbe-FRA alt-svc h3=":443"; ma=86400 content-length 20152
GET H2	200	panton-bold-webfont.woff2 a101.bu-haftaki-kampanyalar.com/assets/dist/	19 KB 20 KB	65ms 63ms	Font font/woff2	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/assets/dist/panton-bold-webfont.woff2 Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 54efacc6aa356bd0256a8173fecdc4798af27108f7c31c88bc25079d40ec8baa Request headers Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php Origin https://a101.bu-haftaki-kampanyalar.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-4ca4" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=La%2BVikQ3Es%2BYnRJUA%2FDTr8iOrs5%2Bdx2PqCvK81A3fv05edcRHz1AH4qI1fTLh4U4CSbXtOO2BVyKme6gyXPc2FL71xXnAIrvbiyQCQa2Z9PAlIuI2H1oppSzqDTgGv6Dy9JSGzJoGaivM6F3eoMuKqTKHwlU6PQmEoOm0ghq"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb06b892bbe-FRA alt-svc h3=":443"; ma=86400 content-length 19620
GET H2	200	a101_tradegothic-bold-webfont.woff2 a101.bu-haftaki-kampanyalar.com/assets/dist/	13 KB 13 KB	63ms 60ms	Font font/woff2	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/assets/dist/a101_tradegothic-bold-webfont.woff2 Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 81f26c06ad5bec709b10fea60c1f0dbf2969ca7eb06def5f375d1473b4418fb2 Request headers Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php Origin https://a101.bu-haftaki-kampanyalar.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341c-3314" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxqUWMQMY8DhMC%2FHjmH8cP9dgHQD5xdCaMZ3tZsONTCIK6yV4mBED8RP8yGpdpz839zp7iwZslWZ859BKVBhOI%2BKKiQEXRCvaLJngr8qlsuoqjOJ7HQ6X59UHJf%2BKx94a55pN9Rkzv03BPZ3RmnyjpEOzk8rgHSZOJIztZFb"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb06b8b2bbe-FRA alt-svc h3=":443"; ma=86400 content-length 13076
GET H2	200	panton-extrabold-webfont.woff2 a101.bu-haftaki-kampanyalar.com/assets/dist/	19 KB 19 KB	70ms 67ms	Font font/woff2	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/assets/dist/panton-extrabold-webfont.woff2 Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash a7c8838c61dd291872fbacdac48b4705dd05bb0bbc5a3c78c7dab0f9e5cd3a0b Request headers Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php Origin https://a101.bu-haftaki-kampanyalar.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-4bbc" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7IGWPsF%2BdvUSc6HByjhQPb6nWgpj%2BgRBIo%2BElNyHacOHEtwipih%2F6ZMpHAGNdJrH5ITyg2QxzvRawyDmo1YMDsz2ghrzoYY%2B7J23TcV%2BcsC6p59SM7pFgsObpKP4apferoakHHnAMo%2Brrf0btR0cLPjXjy7u4JtidW6GooB"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb06b8c2bbe-FRA alt-svc h3=":443"; ma=86400 content-length 19388
GET H2	200	panton-blackcaps-webfont.woff2 a101.bu-haftaki-kampanyalar.com/assets/dist/	15 KB 16 KB	66ms 64ms	Font font/woff2	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/assets/dist/panton-blackcaps-webfont.woff2 Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash a70161f37507f085a46711dcc10d46b78c2520257b88e866c8f5644b8f53b411 Request headers Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php Origin https://a101.bu-haftaki-kampanyalar.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-3ce4" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hHdbai03khoMOESacF2UgtfOx6R3meH%2BQlEC7TSzvqdBb%2FrUUpc%2FzbDoSreHzu59otSTrzb78DrW3UQInHmziI0B05mdHjNaqEnA19b1hZoDjJzcGR7dFRXo2tejYCy2Wq0G3ragi5EEOO1Tj2bp8cuDdlf3kyP%2FctstIhR"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb06b8e2bbe-FRA alt-svc h3=":443"; ma=86400 content-length 15588
GET H2	200	icomoon.ttf a101.bu-haftaki-kampanyalar.com/assets/dist/	23 KB 14 KB	66ms 64ms	Font font/ttf	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/assets/dist/icomoon.ttf Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash c77b40b3bd9ab1c5d2764e18e2a77fcca774318e011e64e669dde16d88f2167f Request headers Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php Origin https://a101.bu-haftaki-kampanyalar.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64da341e-5b88" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUk9nahjT1vnX8sxb2jWiVBjRk7N%2F9C1%2B7K3KiI%2Bc94RSyhmP%2FwgWiYwZBiL7xVf%2F5vH2m0lPQZPwQwOEs5%2B91r4m1xzlfzUMIiy2nnTc6a83O8QhAQ1J7%2FXmFLdVb0XjKU1NFb9V2Dh2h118zUyKbz5J1C1PSkTRJBpkQuU"}],"group":"cf-nel","max_age":604800} content-type font/ttf cache-control max-age=14400 cf-ray 7fad5bb06b902bbe-FRA alt-svc h3=":443"; ma=86400
GET H2	200	cookie-seal.js Show response assets.cookieseal.com/	22 KB 22 KB	97ms 18ms	Script application/javascript	35.241.28.184 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://assets.cookieseal.com/cookie-seal.js Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.28.184 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 184.28.241.35.bc.googleusercontent.com Software nginx/1.25.1 / Resource Hash 166ba90fa5b24d615a0d9bf2634ffceda614eff06295ed606a2f9c5c2a4e8934 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT via 1.1 google strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Wed, 16 Aug 2023 12:43:28 GMT server nginx/1.25.1 etag "64dcc470-573d" content-type application/javascript accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22333
GET H3	200	masterpass.png a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/	7 KB 7 KB	76ms 76ms	Image image/png	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/masterpass.png Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 4e0053e0072437d256ef01c6054d4badaa52f7fdf14f96308751ec235b332e7f Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-1b52" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiFMdxb152A54d%2F9Xc4pbJTS3hREeL%2F9%2F6MdUzRrFAwqMFq4%2BDwKPuMNDwI2r%2FACdl6bg3Tjb8FZudQ6GJXFB7qQbQbI9sz1bYpX9aEdwXJeSoxDPWDu44ydOTd5%2B6SMpUD5TF3MbIX%2BjMmh%2Fn4eoGQ1zVRsOIGSlJM1g5hg"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb14ef81983-FRA alt-svc h3=":443"; ma=86400 content-length 6994
GET H3	200	spinner.gif a101.bu-haftaki-kampanyalar.com/assets/img/	36 KB 37 KB	116ms 114ms	Image image/gif	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a101.bu-haftaki-kampanyalar.com/assets/img/spinner.gif Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 720a34208e705ce4bec9f40564316800c2c258ae0f0d2137493616ac1aeaad04 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-9034" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=481DqIUxthvhevx%2B6e%2FtdgKjj4M3sMUI5X0xHx288s7BYPvj7pSaTUa513cc9R1TZTxXtfqqf8t89DQH0Y6mwZzVliI5VpzPvaHcEgcVptb3v4vtMZD%2FnrBThujq06EJ2Mg9cs3CkW3d6PKLXMYWP0%2FPHvw3OtR5Ki2sTYCG"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb16f291983-FRA alt-svc h3=":443"; ma=86400 content-length 36916
GET H3	200	loading.svg a101.bu-haftaki-kampanyalar.com/assets/img/	8 KB 3 KB	87ms 85ms	Image image/svg+xml	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a101.bu-haftaki-kampanyalar.com/assets/img/loading.svg Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash ee7609a8df604564a2ac17c7f8b968ac0a7e209c88cc5c74e7847ce7a3115d11 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64da341e-2074" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTSt8lrphCVLJLNH446p8Bshb6T4LlwXSZspntWEm7Pt5NbQdEwO3IGf2CuFXy8mfJNCcFdCjOqn18axcS4%2FQfS03NTDq4d9Lt2FY%2FabVzOtdcjWYHtBm91g9qRy2h%2FqrGBIGOda9llM8cZfw%2FIXVCXIZpGnt%2BPkhfJdQuQC"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7fad5bb16f2d1983-FRA alt-svc h3=":443"; ma=86400
GET H3	200	sms.png a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/	9 KB 10 KB	103ms 101ms	Image image/png	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/sms.png Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash f4263a6c9f29fe22aee2cf0c15219a977f1650291a16a72b88cbdd7cea76e99f Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-2590" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1yV8Y9dYGHuNXI2MWk112Xd0C12%2FbZKXImCIntzMFIMz0PXBW3p9r6bLbLD1fcTFExcV%2BloYkS%2B0%2B4oFB8B6uMprA9ru1zYSPcxl2L%2Fi30zSe0D1fOYSqeAzrR9LRaoETWPZEJpiINRTwkPyIDZVutKYNwLkZ0F9RWjNLCl"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb16f301983-FRA alt-svc h3=":443"; ma=86400 content-length 9616
GET H3	200	masterpass_beyaz.png a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/	7 KB 8 KB	105ms 104ms	Image image/png	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/masterpass_beyaz.png Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 10d3f60eb24d93c18139b62dd1cd0b80d799b8c7934a6fc56d85b7f0f32cb950 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-1cf5" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7isL9WypnOtLO%2FYBWr%2BWFgrMUwe%2FSwV65A2nKX6bz2rDxD7AKP3PWBhos12TcKbrnwjR%2BDbOGfOM2DMekfr2iOKEJzyD21k7%2Fn7Bc4guP62E74SkTz7adtB4bwI9%2BZWjmQ2n%2F2tAgszUhzckdYJFvjulrr9xnjA%2BxoiE%2BroV"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb16f341983-FRA alt-svc h3=":443"; ma=86400 content-length 7413
GET H3	200	bankasms.png a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/	11 KB 11 KB	133ms 132ms	Image image/png	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/bankasms.png Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 06754484ec5b742040277be5f2984b2accd06fbad547dffbd7bc3ac366388c3c Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-2a1d" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfS6clHtFiFYxA5WOEXN87MX7u3RO1GMXjQZkS9fC0mmox6VW%2FxNkn8A%2BOu%2B2czyjvhPXTQ73e48IQqVyzpXVhqHNRJ99waU%2B7cuFnwTboO7o6C105SaPJThHamldnmjs4ITP7yUTSh8xY0cnLFbmnGodi63EjqkLiyQm%2FW0"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb16f361983-FRA alt-svc h3=":443"; ma=86400 content-length 10781
GET H3	200	kart.png a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/	8 KB 8 KB	154ms 153ms	Image image/png	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/kart.png Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash beac748cb915313120b70df4daee25e1b21dca05dc708b1b2ba2cd33b54c7ab8 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-1edf" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YkLk6jBRn%2B750TYc2X7kvAULbzFrxi%2Bt%2F7RK%2BPq2wKH3UPXo116cf9%2BVeo553HtJubxfQ5Ho%2By0PVsiAHh1mbmJr%2BW%2Ftv%2FxPwvx26lihxG8XwE3HQdBPKfL7qQUTalLkoOA8jtc2bYodtEV6lamVk7DhKgh%2BagRPkekqLUg"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb16f3b1983-FRA alt-svc h3=":443"; ma=86400 content-length 7903
GET H3	200	spinner.gif a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/	36 KB 37 KB	143ms 142ms	Image image/gif	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/spinner.gif Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 720a34208e705ce4bec9f40564316800c2c258ae0f0d2137493616ac1aeaad04 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-9034" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBt3beX1dhpjgIrorVIksmMqYnooCpKskRZYGFsazPKuaFkabetwn2U5%2BuNJrBjhH0XV0TbXY3XOpS%2BkwbM%2BKI2Sbak%2Br%2B5F2V0MMEGdSE37BEZCI8%2BFy%2B3gQo69DTyRAJ8PUajOLk24Q1f35M%2BlzEMpd5dAlb%2BQR8pUfDV0"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb16f3c1983-FRA alt-svc h3=":443"; ma=86400 content-length 36916
GET H3	200	check.png a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/	12 KB 13 KB	131ms 130ms	Image image/png	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/check.png Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 4808ed599659ff3aed5fdb7f69b419286efe61f631793dcf9be5c48f23d50d89 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-310b" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJ5Od8S%2BukO1jbatVDzMZMN03cv7FyCxlY2CztBDLI%2F58tIQ8AWexaSSSY%2FB%2BK1kyqd1ErQC%2F23hY%2F28DQrpeEZ8DyVfW1wf7%2F9jHQgcKZ1fYA2aBq4bYh08%2FwwZ8iNTUcUfCEBYuvfzbAKEQ29uNbbCd749VvxJt7YnndYH"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb16f3f1983-FRA alt-svc h3=":443"; ma=86400 content-length 12555
GET H3	200	exclamation.png a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/	3 KB 4 KB	133ms 133ms	Image image/png	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a101.bu-haftaki-kampanyalar.com/assets/img/masterpass/exclamation.png Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash bbce17542003b98c18f247e3ec52a0b317cb9ad00af58c2c95240ea090eb1f69 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-cdd" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyiDO1tBlA14AB9xJOIGoI3PY9eiPjrMh1UVzjLAk6fU2ZfAE2SfvkKySae%2BJmaGbsPUhNq5Phz1TPA0J8kx0DjksffUacah8Z9aA3%2FBO3%2FjKaggmSTbV5xib005Urg2JpqO9KRsNp0dBDG8d0raYeNjN%2FSQK42xRcf1KOKI"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb16f421983-FRA alt-svc h3=":443"; ma=86400 content-length 3293
GET H3	200	email-decode.min.js Show response a101.bu-haftaki-kampanyalar.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	12ms 11ms	Script application/javascript	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 17 Aug 2023 10:58:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64ddfd41-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHi8JGO5%2Bt1H8iIp8WfybBCyj79I4QOMuGfXJdfB6irz9IiKDCQJ4HU%2BIDEiP%2BDSNCjulGxQ8sEVvjx%2FbNHgWJQocaFMxJqK1bEuAibbDDSjHQYIa%2FlBjr%2FE6cn7agsjGg1zbFCVrOPIuf50bH4O%2Fg3IQCzcTdz3fDeH8bbe"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 7fad5bb0fe671983-FRA expires Thu, 24 Aug 2023 19:00:21 GMT
GET H3	200	bundle.js Show response a101.bu-haftaki-kampanyalar.com/assets/js/	6 MB 823 KB	80ms 80ms	Script application/javascript	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/assets/js/bundle.js Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 0f6513ba397d51bd1acd2edfb48382f75563c2a5ee6d1bfebe3d466f4e1819fd Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64da341c-65e468" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pKsgZrJYL%2BiYeRzackwEkNWvX4Ka2x1mMJ6z%2FcwoEN%2FbQaK1NUQf5M9tH6a2txCUwuRoNuZ%2BtGXg6lYceVzndnfh5%2FiXtZTVf%2Bf0sz5SZUJbBOGq8vtHqttl4aredO7FShd%2FA8kY91deQ6zxDGlnxuqbfTtgxU%2BLJyFTV15"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7fad5bb11e991983-FRA alt-svc h3=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	48ms 16ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/assets/dist/stylePaymentForm.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 22 Aug 2023 19:00:21 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 22 Aug 2023 17:47:17 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 22 Aug 2023 19:00:21 GMT
GET H3	200	sprite.png a101.bu-haftaki-kampanyalar.com/assets/dist/	61 KB 62 KB	155ms 155ms	Image image/png	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a101.bu-haftaki-kampanyalar.com/assets/dist/sprite.png Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/assets/dist/stylePaymentForm.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash ba386edc229bd50eee0c24ed52b25d44825968d8e6788943de9155144a4e5647 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/assets/dist/stylePaymentForm.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-f48d" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NVCPqti9YszDG7%2FLapWetZKcRD46ua7YgCtM3QOhS8ooj5u4%2Fed0QaR4%2Bc3RMBVTTqYDt8XcoZ3MIUHSR3l0ZHAG6PX2k0FKcG0cya3EFG9Ti7oArPdg9VbafwcBMQ8KDs7KNdNlCfJhPH4S6Pz0M0UaWfczkb1VOooZ%2BzM"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb18f631983-FRA alt-svc h3=":443"; ma=86400 content-length 62605
GET H3	200	af7ae505a9eed503f8b8e6982036873e.woff2 a101.bu-haftaki-kampanyalar.com/assets/dist/	75 KB 76 KB	166ms 166ms	Font font/woff2	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/assets/dist/af7ae505a9eed503f8b8e6982036873e.woff2 Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/assets/dist/stylePaymentForm.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://a101.bu-haftaki-kampanyalar.com/assets/dist/stylePaymentForm.css Origin https://a101.bu-haftaki-kampanyalar.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341c-12d68" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1TmNZloVr5o57X7N3pXqh8VobidmSG6ckLjycbn7P8JBHAVdIOy0q4UGNyu56jGhdHooJK0AqaYn0L7Bn7uddYnnAurfwgoBE4u2uRafyTadVc%2FKN%2FL4NGiQthKJK57c6fT8FYQkMLTTnQjN5FnK9SIE1ZcBQWJmQYFgSSh"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb18f671983-FRA alt-svc h3=":443"; ma=86400 content-length 77160
GET H3	200	logo%40a101-2x.png a101.bu-haftaki-kampanyalar.com/assets/img/	20 KB 21 KB	141ms 139ms	Image image/png	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a101.bu-haftaki-kampanyalar.com/assets/img/logo%40a101-2x.png Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash ef8d8945cfc6c4abadd2679d4e37a57eaf920fc5a58c9e588128d6d5f6adbfa3 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT cf-cache-status MISS last-modified Mon, 14 Aug 2023 14:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64da341e-5174" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=454vcsFyOinnZaJlin%2BDKt6qYWK9P%2FOH2argpiIdoDDoNtL9wKa5dpheWaWM2OSxav8dRhTtdVmQ6E0PRYJhJBCAPbVPwQxT%2Fk%2BNfyQ6VJwyFqwp9XEvxh0LEN1p7P%2BR%2FBb7rXiPibyVeAW8g%2FpfNbC%2BuGoJcgUIFd0KIp2m"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7fad5bb19f881983-FRA alt-svc h3=":443"; ma=86400 content-length 20852
GET H2	200	gtm.js Show response www.googletagmanager.com/	433 KB 122 KB	117ms 58ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WGSGG57&l=dataLayer Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/assets/js/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5584b60b2ef6d87c5a31550c12b2418acc7c0980c383431c996f31abf3867843 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 124554 x-xss-protection 0 last-modified Tue, 22 Aug 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 22 Aug 2023 19:00:21 GMT
GET H3	404	/ Show response a101.bu-haftaki-kampanyalar.com/orders/checkout/	808 B 850 B	55ms 53ms	XHR text/html	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/orders/checkout/?format=json Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/assets/js/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187 Request headers Accept */* Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 21 Aug 2023 13:39:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BH66fSoqGCbydVQt7k%2B2vQq81DI%2Bb3mgcVEZYoW8ismGiMa7XphZAVfDt0bWXKwDCDBU3UZ4RskdyhnDUORgTJeLYGuDfgSf31410VBI2Re0L%2BXw4t49RStKGEUBiFBzaPXvtmBueHGBGnqxwAKhisDsrpDjVAvysBQLP41"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 7fad5bb46c071983-FRA alt-svc h3=":443"; ma=86400
GET H3	404	/ Show response a101.bu-haftaki-kampanyalar.com/baskets/basket/	808 B 852 B	53ms 51ms	XHR text/html	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/baskets/basket/ Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/assets/js/bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187 Request headers Accept */* Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Tue, 22 Aug 2023 19:00:21 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 21 Aug 2023 13:39:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gT%2FvtWKdHO%2BaIv%2FSc2FCw4TTwlF2V8THT2q3t%2FEtBMLeQvEqFSLiZ9YwQSym55l8oSjZDmd210pDrzABre9NrfMzr4EnjBzyMRcUJA45JV0CwoeerE61lqkpFIYKUAnezzPhYQ55oE4PSbvzuO%2B6Afd4jmakawo9rPgZSARC"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 7fad5bb4ac691983-FRA alt-svc h3=":443"; ma=86400
GET H2	200	optimize.js Show response www.googleoptimize.com/	224 KB 68 KB	104ms 32ms	Script application/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleoptimize.com/optimize.js?id=GTM-MRL4T8N Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGSGG57&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e835f7661654acfa2814f0507491c6c4ce593660e640879ea26034b4f34a8c65 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:22 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 68980 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 22 Aug 2023 19:00:22 GMT
GET H2	200	uc.js Show response consent.cookiebot.com/	107 KB 33 KB	54ms 13ms	Script application/javascript	2a02:26f0:480:d::210:f150 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/uc.js?cbid=c3954964-2d91-4175-9d9a-313049a31fb7&consentmode=disabled Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash a07b710afdf48b7d0193cb6638c2b32459bc821bc6c920870722b538245eaa85 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers request-context appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef date Tue, 22 Aug 2023 19:00:22 GMT content-encoding gzip last-modified Mon, 07 Aug 2023 10:50:03 GMT etag "572697eb1cc9d91:0" vary Accept-Encoding content-type application/javascript access-control-expose-headers Request-Context cache-control public, max-age=449 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 33592 expires Tue, 22 Aug 2023 19:07:51 GMT
GET H2	200	segmentify.js Show response cdn.segmentify.com/984699e9-ea8b-4bf3-bfe7-beb4bb46276a/	288 KB 56 KB	64ms 15ms	Script application/javascript	31.3.2.72 MEDIANOVA-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.segmentify.com/984699e9-ea8b-4bf3-bfe7-beb4bb46276a/segmentify.js Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR), Reverse DNS Software MNCDN-2133 / Resource Hash 1d6a07bbc0c4375fa3db4a349a730a73f3915d0d22c92c5821065828b23529d3 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:20 GMT content-encoding gzip last-modified Tue, 20 Jun 2023 06:59:53 GMT server MNCDN-2133 x-mnrequest-id 67c8194b56a96bcaf7ebfa4e1d726bb3 x-edge-location DE-372 etag W/"64914e69-481c7" x-cache-status Edge : HIT, vary Accept-Encoding content-type application/javascript content-language Unset cache-control public, max-age=604800 x-mserver 2200
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	42ms 8ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGSGG57&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 22 Aug 2023 17:49:43 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 4239 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 22 Aug 2023 19:49:43 GMT
GET H2	200	hotjar-2486789.js Show response static.hotjar.com/c/	9 KB 4 KB	75ms 19ms	Script application/javascript	52.222.149.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2486789.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGSGG57&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.149.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-149-81.cdg52.r.cloudfront.net Software / Resource Hash 537d3c09d99e3bb7fb5929055fa463dc990484d86c0ea674803be84f2b5c5234 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Tue, 22 Aug 2023 18:59:57 GMT via 1.1 873d6434b45dab39b9f50a4f2cbd92f6.cloudfront.net (CloudFront) x-amz-cf-pop CDG52-P1 age 25 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/3294e216af6606ee1fc64e844ae67cb5 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 x-amz-cf-id XN9Q0cAu4ktEutW6YR6YiaAaVwLUTACgNHPWPyPmitkkX_PBqAK6cg==
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	216 KB 75 KB	274ms 56ms	Script application/javascript	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGSGG57&l=dataLayer Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash fd4c6ff2e56afccc04586f39418bb8f2d6003dee723968161440bc425a183758 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:22 GMT content-encoding br strict-transport-security max-age=31536000 last-modified Tue, 22 Aug 2023 14:02:29 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "64e495c5-127ae" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 timing-allow-origin * content-length 75694 expires Tue, 22 Aug 2023 20:00:22 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	13 KB 5 KB	40ms 8ms	Script application/x-javascript	2a02:26f0:3500:16::215:148d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGSGG57&l=dataLayer Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:22 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 24 Jul 2023 09:07:54 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=67762 accept-ranges bytes content-length 4862
GET H2	200	dynamic_click_tag.js Show response img2-digitouch.mncdn.com/include/	0 305 B	61ms 13ms	Script application/javascript	31.3.2.84 MEDIANOVA-CDN
General Check archive.org Show headers Download Go to Full URL https://img2-digitouch.mncdn.com/include/dynamic_click_tag.js Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.3.2.84 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR), Reverse DNS Software MNCDN-2139 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:21 GMT last-modified Tue, 01 Dec 2020 09:14:24 GMT server MNCDN-2139 x-mnrequest-id fca918fa29a5a4d0f581e4e1ad594fed x-edge-location DE-372 etag "5fc60970-0" x-cache-status Edge : HIT, content-type application/javascript access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 0 x-mserver 2137 expires Wed, 23 Aug 2023 19:00:21 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	173 KB 47 KB	32ms 11ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 22 Aug 2023 19:00:22 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 47412 x-xss-protection 0 pragma public x-fb-debug LrMedk+fqh9lYb8WnaY721Gk1CtFApTiTRUBf2Hwb/izngIZdzDsPV+RLH4V6CFkPGUo4kMXVYn2rtp8MtfoyA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	sha256.min.js Show response cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/	9 KB 4 KB	37ms 15ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGSGG57&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 10112311 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2977 last-modified Mon, 04 May 2020 16:11:50 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec6-2339" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlfN1HbRkQFRWbeJpBxSOt7%2FdR2JoU1Q1abRXc5Fv1uN9fdJNRFeIrcnJMRNJL478ylI0mxPd%2F6HjL3i4TIVZRkH2wx6%2BykhK9X8%2Fr8i3xMEoAwiBrFoX7w%2FyX52qiKJK7BoEojPdXS8SpK2wEd0efYQ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7fad5bb5c9e71994-FRA expires Sun, 11 Aug 2024 19:00:22 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	248 KB 84 KB	27ms 26ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Q65W25SM2S&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGSGG57&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 12a233a20d9965cfe4342bad3be30919a63f3ad28776e9352d0e014b2563510c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:22 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 86080 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 22 Aug 2023 19:00:22 GMT
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/5914481/domain/a101.bu-haftaki-kampanyalar.com/	36 B 369 B	326ms 159ms	XHR application/json	2600:9000:2171:da00:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/5914481/domain/a101.bu-haftaki-kampanyalar.com/token Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2171:da00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://a101.bu-haftaki-kampanyalar.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:22 GMT content-encoding gzip via 1.1 3808ed40220bada3ae901e3a58b94244.cloudfront.net (CloudFront) x-amz-cf-pop CDG53-C1 vary accept-encoding x-cache Miss from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=3600 x-amz-cf-id C5bFmsqkGMTENkQHHiC1Ud3F-di8BH-2Gv4wSK-DTgRhjlF1ndGUuQ==
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5914481&time=1692730822065&url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5914481&time=1692730822065&url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5914481%26time%3D1692730822065%26url%3Dhttps%253A%252F%252Fa101.bu-haftaki-kampan... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5914481&time=1692730822065&url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5914481&time=1692730822065&url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&cookiesTest=true&liSync=true&e_ipv6=AQI4hnV6ztWkmwAAAY...	0 265 B	261ms 195ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5914481&time=1692730822065&url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&cookiesTest=true&liSync=true&e_ipv6=AQI4hnV6ztWkmwAAAYoenpB9wTpRNCbHI2YnyhtN8k0bze2TugKvLKdnXYdN07FG1N5t1rS16mVc Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:22 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: D12BD4F96259489495BBEE62F90CF986 Ref B: FRAEDGE2007 Ref C: 2023-08-22T19:00:22Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYDh5toNTAW4b5w4Vh+LQ== Redirect headers date Tue, 22 Aug 2023 19:00:22 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 0D44E965D897446DBCD60A849F546DF9 Ref B: FRAEDGE1211 Ref C: 2023-08-22T19:00:22Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5914481&time=1692730822065&url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&cookiesTest=true&liSync=true&e_ipv6=AQI4hnV6ztWkmwAAAYoenpB9wTpRNCbHI2YnyhtN8k0bze2TugKvLKdnXYdN07FG1N5t1rS16mVc x-li-proto http/2 content-length 0 x-li-uuid AAYDh5tkRnPCmz1g5RCwZw==
GET H2	200	bc-v4.min.html Show response consentcdn.cookiebot.com/sdk/ Frame 5FF8	627 B 811 B	42ms 9ms	Document text/html	2a02:26f0:3500:887::f09 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consentcdn.cookiebot.com/sdk/bc-v4.min.html Requested by Host: consent.cookiebot.com URL: https://consent.cookiebot.com/uc.js?cbid=c3954964-2d91-4175-9d9a-313049a31fb7&consentmode=disabled Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104 Request headers Referer https://a101.bu-haftaki-kampanyalar.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=31536000 content-encoding gzip content-length 392 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 22 Aug 2023 19:00:22 GMT etag "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163" expires Wed, 21 Aug 2024 19:00:22 GMT last-modified Mon, 04 Apr 2022 07:23:49 GMT server AkamaiNetStorage server-timing cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1692730822275_388276618_891145964_13_584_6_11_255";dur=1 vary Accept-Encoding x-akamai-transformed 9 - 0 pmb=mRUM,1
GET H2	200	cc.js Show response consent.cookiebot.com/c3954964-2d91-4175-9d9a-313049a31fb7/	387 B 615 B	43ms 42ms	Script application/x-javascript	2a02:26f0:480:d::210:f150 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/c3954964-2d91-4175-9d9a-313049a31fb7/cc.js?renew=false&referer=a101.bu-haftaki-kampanyalar.com&dnt=false&init=false Requested by Host: consent.cookiebot.com URL: https://consent.cookiebot.com/uc.js?cbid=c3954964-2d91-4175-9d9a-313049a31fb7&consentmode=disabled Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash c8221f44b6fc8f6a054c6e2a6436b13bb111b7069230f22f60e455d656068426 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:22 GMT content-encoding gzip vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-expose-headers Request-Context cache-control private, max-age=60 cross-origin-resource-policy cross-origin content-length 378 request-context appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
GET H2	200	modules.b2c67271bc39c80bf49b.js Show response script.hotjar.com/	223 KB 55 KB	53ms 11ms	Script application/javascript	18.173.233.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.b2c67271bc39c80bf49b.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2486789.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.233.11 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-233-11.dus51.r.cloudfront.net Software / Resource Hash 2b02e9de991d275184da0ca9bb8fa0a03e04f25a20d4c1145e55a590aed09fd2 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 09:17:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 f11ab4f93d35c4b95d55e40354b7ca2a.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-P3 age 121396 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55645 last-modified Mon, 21 Aug 2023 09:16:38 GMT etag "674ca8f715ef21c2b8845405fb296155" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id JL9pQWHwbE_NvJO3SiqB4IwiDMWYSuZbav5e22QGJEKO2RubOuJHTg==
GET H2	200	a101.com.tr Show response signals.a101.com.tr/js/v4.21/	14 KB 14 KB	130ms 15ms	Script text/javascript	34.96.73.50 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://signals.a101.com.tr/js/v4.21/a101.com.tr Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.73.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 50.73.96.34.bc.googleusercontent.com Software nginx / Resource Hash 90ff1e03e795726e89aa7fe8d45078bce0dc408124e68014e985db8e554ec7d9 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 18:40:02 GMT via 1.1 google server nginx age 1220 content-type text/javascript;charset=UTF-8 cache-control max-age=3600, public alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14650
GET H2	200	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10103.MSka_itBHevJ68-xshmdMBsbLvHTtl2-UbzjWmHGTeVDRVgU899g7fAuyA0nThVv.wlhdL-Qj0fAARj4Y-JR8G4uF4Qk%2C https://mc.yandex.com/sync_cookie_image_decide?token=10103.xvJcZSUg14gXlS4tYrldfT7pBugTXUeFUQR2TqqCeakkjPOAbW24cLtaTmZcR6sbV7Jbvvfq7rimkU7oiVSq4W8PB-T5Hnq4hl2I6Q2Myds%2C.z80qQlmDJOsleTEQbQBwt_8mUyQ%2C	43 B 67 B	46ms 46ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=10103.xvJcZSUg14gXlS4tYrldfT7pBugTXUeFUQR2TqqCeakkjPOAbW24cLtaTmZcR6sbV7Jbvvfq7rimkU7oiVSq4W8PB-T5Hnq4hl2I6Q2Myds%2C.z80qQlmDJOsleTEQbQBwt_8mUyQ%2C Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:22 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=10103.xvJcZSUg14gXlS4tYrldfT7pBugTXUeFUQR2TqqCeakkjPOAbW24cLtaTmZcR6sbV7Jbvvfq7rimkU7oiVSq4W8PB-T5Hnq4hl2I6Q2Myds%2C.z80qQlmDJOsleTEQbQBwt_8mUyQ%2C date Tue, 22 Aug 2023 19:00:22 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 114 B	53ms 52ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:22 GMT strict-transport-security max-age=31536000 last-modified Tue, 22 Aug 2023 14:02:29 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "64e495c5-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 43 expires Tue, 22 Aug 2023 20:00:22 GMT
POST H3	200	/ Show response signals.a101.com.tr/push/	56 B 69 B	85ms 55ms	XHR text/html	34.96.73.50 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://signals.a101.com.tr/push/?woc=true&v=3.0.6700411298444053 Requested by Host: signals.a101.com.tr URL: https://signals.a101.com.tr/js/v4.21/a101.com.tr Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.73.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 50.73.96.34.bc.googleusercontent.com Software nginx / Resource Hash 596feacac20a145b122ec2bc8b043c3039e6195ca00590afda4a4c92339f304e Request headers Referer https://a101.bu-haftaki-kampanyalar.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin https://a101.bu-haftaki-kampanyalar.com date Tue, 22 Aug 2023 19:00:22 GMT via 1.1 google server nginx alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type text/html; charset=UTF-8
GET H2	200	1 Show response mc.yandex.com/watch/84180178/ Redirect Chain https://mc.yandex.com/watch/84180178?wmode=7&page-url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&charset=utf-8&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiug... https://mc.yandex.com/watch/84180178/1?wmode=7&page-url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&charset=utf-8&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaii...	428 B 538 B	54ms 54ms	Fetch application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/84180178/1?wmode=7&page-url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&charset=utf-8&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A346%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A136731459689%3Ahid%3A612272147%3Az%3A120%3Ai%3A20230822210022%3Aet%3A1692730822%3Ac%3A1%3Arn%3A747575968%3Arqn%3A1%3Au%3A1692730822729148321%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A50%2C25%2C56%2C8%2C%2C0%2C%2C627%2C71%2C%2C%2C%2C768%3Aco%3A0%3Acpf%3A1%3Ans%3A1692730821041%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692730823%3At%3AA101%20-%20Harca%20Harca%20Bitmez&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%281%29&redirnss=1 Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 71ec2814bfe8329f1b3cf85dcc07bde670e642d297c1a5cea73fd0adc7010079 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Tue, 22 Aug 2023 19:00:22 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 22-Aug-2023 19:00:22 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://a101.bu-haftaki-kampanyalar.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 428 x-xss-protection 1; mode=block expires Tue, 22-Aug-2023 19:00:22 GMT Redirect headers pragma no-cache date Tue, 22 Aug 2023 19:00:22 GMT strict-transport-security max-age=31536000 last-modified Tue, 22-Aug-2023 19:00:22 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/84180178/1?wmode=7&page-url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&charset=utf-8&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A346%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A136731459689%3Ahid%3A612272147%3Az%3A120%3Ai%3A20230822210022%3Aet%3A1692730822%3Ac%3A1%3Arn%3A747575968%3Arqn%3A1%3Au%3A1692730822729148321%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A50%2C25%2C56%2C8%2C%2C0%2C%2C627%2C71%2C%2C%2C%2C768%3Aco%3A0%3Acpf%3A1%3Ans%3A1692730821041%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692730823%3At%3AA101%20-%20Harca%20Harca%20Bitmez&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%281%29&redirnss=1 access-control-allow-origin https://a101.bu-haftaki-kampanyalar.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 22-Aug-2023 19:00:22 GMT
GET H2	200	sync_cookie_image_decide_secondary mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check_secondary https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10103.Wni_0FyQqR_WNNBYV3-SiP8PPkd1crhA0tncD0fTqueXno5W_wizSsUi3h0YX21G.81YojFWn-zDcQ75sIZ-c1avQ80U%2C https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10103.8fv6RmfC5e2rTzyes8hY__5IqmKVv-3bbuNvvJThJEZgxdRh_U0yq5rudLF6jZxssGyFedI0X-HxOJ_mILslWXk8mlNjCadH2dirUknAVoU%2C.Y-WR3HmUMShXuHKFV...	43 B 91 B	54ms 54ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10103.8fv6RmfC5e2rTzyes8hY__5IqmKVv-3bbuNvvJThJEZgxdRh_U0yq5rudLF6jZxssGyFedI0X-HxOJ_mILslWXk8mlNjCadH2dirUknAVoU%2C.Y-WR3HmUMShXuHKFVtgD1wYFAUM%2C Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 19:00:22 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10103.8fv6RmfC5e2rTzyes8hY__5IqmKVv-3bbuNvvJThJEZgxdRh_U0yq5rudLF6jZxssGyFedI0X-HxOJ_mILslWXk8mlNjCadH2dirUknAVoU%2C.Y-WR3HmUMShXuHKFVtgD1wYFAUM%2C date Tue, 22 Aug 2023 19:00:22 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
POST H2	200	landing pagead2.googlesyndication.com/pagead/	42 B 455 B	81ms 44ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=1748925469.1692730823&url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&gtm=45He38l0n81WGSGG57 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGSGG57&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Tue, 22 Aug 2023 19:00:22 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	src=9498078;dc_pre=CJ_Im9v58IADFbWSgwgd-agJ8A;type=invmedia;cat=a101r0;ord=8388220672379;gtm=45He38l0;gcs=G100;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fa101.bu-haft... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=9498078;type=invmedia;cat=a101r0;ord=8388220672379;gtm=45He38l0;gcs=G100;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2... https://ade.googlesyndication.com/ddm/activity/src=9498078;dc_pre=CJ_Im9v58IADFbWSgwgd-agJ8A;type=invmedia;cat=a101r0;ord=8388220672379;gtm=45He38l0;gcs=G100;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...	42 B 118 B	130ms 130ms	Image image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=9498078;dc_pre=CJ_Im9v58IADFbWSgwgd-agJ8A;type=invmedia;cat=a101r0;ord=8388220672379;gtm=45He38l0;gcs=G100;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php? Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H2 Server 142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Tue, 22 Aug 2023 19:00:23 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 22 Aug 2023 19:00:22 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://ade.googlesyndication.com/ddm/activity/src=9498078;dc_pre=CJ_Im9v58IADFbWSgwgd-agJ8A;type=invmedia;cat=a101r0;ord=8388220672379;gtm=45He38l0;gcs=G100;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ec.js Show response www.google-analytics.com/plugins/ua/	3 KB 1 KB	11ms 10ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ec.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 18:23:09 GMT content-encoding br x-content-type-options nosniff age 2233 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1129 x-xss-protection 0 last-modified Tue, 27 Jun 2023 17:28:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 22 Aug 2023 19:23:09 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 265 B	60ms 26ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-Q65W25SM2S&gtm=45je38l0&_p=67878645&gcs=G100&cid=779501148.1692730823&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692730822&sct=1&seg=0&dl=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&dt=A101%20-%20Harca%20Harca%20Bitmez&en=page_view&_fv=1&_ss=2&up.custom_client_id=. Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Q65W25SM2S&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Tue, 22 Aug 2023 19:00:22 GMT server Golfe2 content-type text/plain access-control-allow-origin https://a101.bu-haftaki-kampanyalar.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	53ms 27ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-Q65W25SM2S&gtm=45je38l0&_p=67878645&gcs=G100&cid=779501148.1692730823&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&cu=TRY&sid=1692730822&sct=1&seg=0&dl=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&dt=A101%20-%20Harca%20Harca%20Bitmez&en=add_shipping_info&pr1=id26040623~nmPhilips%2065PUS8007%2065%22%204K%20Ultra%20HD%20Uydu%20Al%C4%B1c%C4%B1l%C4%B1%20Android%20Smart%20LED%20TV~pr22499~brPhilips~va~qt1~k0dimension10~v0ALDIN%20ALDIN~k1dimension11~v1Online%20Sat%C4%B1%C5%9Fa%20%C3%96zel~k2dimension13~v2~k3dimension14~v326040623~k4dimension15~v426040623~k5dimension16~v5%2022499%20~k6dimension17~v6indirimsiz~k7dimension18~v7~k8dimension30~v868618&epn.value=22499&_et=6 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Q65W25SM2S&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Tue, 22 Aug 2023 19:00:22 GMT server Golfe2 content-type text/plain access-control-allow-origin https://a101.bu-haftaki-kampanyalar.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 45 B	46ms 26ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-Q65W25SM2S&gtm=45je38l0&_p=67878645&gcs=G100&cid=779501148.1692730823&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1692730822&sct=1&seg=0&dl=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&dt=A101%20-%20Harca%20Harca%20Bitmez&en=scroll&epn.percent_scrolled=90&_et=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Q65W25SM2S&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Tue, 22 Aug 2023 19:00:22 GMT server Golfe2 content-type text/plain access-control-allow-origin https://a101.bu-haftaki-kampanyalar.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	15ms 15ms	Image image/gif	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=67878645&t=pageview&_s=1&dl=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&dr=&ul=en-us&de=UTF-8&dt=A101%20-%20Harca%20Harca%20Bitmez&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHAAiAABFAAAAAAFKk~&cid=779501148.1692730823&tid=UA-25803761-5&_gid=1358736435.1692730823&gtm=45He38l0n81WGSGG57&cg1=Checkout&cg2=%2Ftamamla.php&cd4=Checkout&cd5=%2Ftamamla.php&cd6=&gcs=G100&cd7=779501148.1692730823&z=687562322 Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Tue, 22 Aug 2023 16:09:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 10253 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	16ms 15ms	Image image/gif	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=67878645&t=pageview&_s=1&dl=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&dr=&ul=en-us&de=UTF-8&dt=A101%20-%20Harca%20Harca%20Bitmez&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHgAiAABFAAAAAAFKk~&cid=779501148.1692730823&tid=UA-25803761-7&_gid=2007400388.1692730823&gtm=45He38l0n81WGSGG57&cg1=Checkout&cg2=%2Ftamamla.php&cd4=Checkout&cd5=%2Ftamamla.php&cd6=&gcs=G100&z=40627661 Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Tue, 22 Aug 2023 16:09:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 10253 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	11ms 10ms	Image image/gif	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=67878645&t=event&ni=0&_s=1&dl=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&dr=&ul=en-us&de=UTF-8&dt=A101%20-%20Harca%20Harca%20Bitmez&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Checkout&el=Adres&ev=0&_u=aHgAiAALFAAAAAANKk~&cid=779501148.1692730823&tid=UA-25803761-5&_gid=86778112.1692730823&gtm=45He38l0n81WGSGG57&cg1=Checkout&cg2=%2Ftamamla.php&cd4=Checkout&cd5=%2Ftamamla.php&cd6=&gcs=G100&cd7=779501148.1692730823&cos=3&pa=checkout&pr1nm=Philips%2065PUS8007%2065%22%204K%20Ultra%20HD%20Uydu%20Al%C4%B1c%C4%B1l%C4%B1%20Android%20Smart%20LED%20TV&pr1pr=22499&pr1qt=1&pr1br=Philips&pr1va=&pr1ca=&pr1cd10=ALDIN%20ALDIN&pr1cd11=Online%20Sat%C4%B1%C5%9Fa%20%C3%96zel&pr1cd13=&pr1cd14=26040623&pr1cd15=26040623&pr1cd16=%2022499%20&pr1cd17=indirimsiz&pr1cd18=&pr1cd30=68618&pr1id=26040623&z=290311077 Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Tue, 22 Aug 2023 16:09:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 10253 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	11ms 11ms	Image image/gif	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=67878645&t=event&ni=1&_s=1&dl=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&dr=&ul=en-us&de=UTF-8&dt=A101%20-%20Harca%20Harca%20Bitmez&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Checkout&ev=0&_u=aHgAiAALFAAAAAANKk~&cid=779501148.1692730823&tid=UA-25803761-7&_gid=1179159647.1692730823&gtm=45He38l0n81WGSGG57&cg1=Checkout&cg2=%2Ftamamla.php&cd4=Checkout&cd5=%2Ftamamla.php&cd6=&gcs=G100&cos=3&pa=checkout&pr1nm=Philips%2065PUS8007%2065%22%204K%20Ultra%20HD%20Uydu%20Al%C4%B1c%C4%B1l%C4%B1%20Android%20Smart%20LED%20TV&pr1pr=22499&pr1qt=1&pr1br=Philips&pr1va=&pr1ca=&pr1cd10=ALDIN%20ALDIN&pr1cd11=Online%20Sat%C4%B1%C5%9Fa%20%C3%96zel&pr1cd13=&pr1cd14=26040623&pr1cd15=26040623&pr1cd16=%2022499%20&pr1cd17=indirimsiz&pr1cd18=&pr1cd30=68618&pr1id=26040623&z=233308672 Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Tue, 22 Aug 2023 16:09:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 10253 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	1 mc.yandex.com/watch/84180178/	43 B 303 B	48ms 48ms	Ping image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/84180178/1?page-url=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&charset=utf-8&ut=noindex&hittoken=1692730822_7550601830a158f031943aedddfccbf8709ac5c97dcc6acf46f661b6ce816904&browser-info=pa%3A1%3Aar%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A1%3Als%3A136731459689%3Ahid%3A612272147%3Az%3A120%3Ai%3A20230822210022%3Aet%3A1692730823%3Ac%3A1%3Arn%3A986939642%3Arqn%3A2%3Au%3A1692730822729148321%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1692730821041%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692730823&t=gdpr(14%2C14)mc(p-1)clc(0-0-0)rqnt(2)lt(25500)aw(1)ecs(0)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22ecommerce%22%3A%5B%7B%22checkout%22%3A%7B%22actionField%22%3A%7B%22step%22%3A3%7D%2C%22products%22%3A%5B%7B%22sku%22%3A%2226040623%22%2C%22name%22%3A%22Philips%2065PUS8007%2065%5C%22%204K%20Ultra%20HD%20Uydu%20Al%C4%B1c%C4%B1l%C4%B1%20Android%20Smart%20LED%20TV%22%2C%22price%22%3A22499%2C%22quantity%22%3A1%2C%22brand%22%3A%22Philips%22%2C%22variant%22%3A%22%22%2C%22category%22%3A%22%22%2C%22dimension10%22%3A%22ALDIN%20ALDIN%22%2C%22dimension11%22%3A%22Online%20Sat%C4%B1%C5%9Fa%20%C3%96zel%22%2C%22dimension13%22%3A%22%22%2C%22dimension14%22%3A%2226040623%22%2C%22dimension15%22%3A%2226040623%22%2C%22dimension16%22%3A%22%2022499%20%22%2C%22dimension17%22%3A%22indirimsiz%22%2C%22dimension18%22%3A%22%22%2C%22dimension30%22%3A%2268618%22%2C%22id%22%3A%2226040623%22%7D%5D%7D%7D%5D%7D%7D Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Tue, 22 Aug 2023 19:00:22 GMT strict-transport-security max-age=31536000 last-modified Tue, 22-Aug-2023 19:00:22 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://a101.bu-haftaki-kampanyalar.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 22-Aug-2023 19:00:22 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	10ms 9ms	Image image/gif	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&t=pageview&tid=UA-25803761-9&cid=779501148.1692730823&gcs=G111&dl=https%3A%2F%2Fa101.bu-haftaki-kampanyalar.com%2Ftamamla.php&de=UTF-8&dr=&dt=A101%20-%20Harca%20Harca%20Bitmez&cd7=779501148.1692730823&cd8=779501148.1692730823&gtmcb=1305404911 Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://a101.bu-haftaki-kampanyalar.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Tue, 22 Aug 2023 16:09:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 10254 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	200	check.php Show response a101.bu-haftaki-kampanyalar.com/	0 535 B	50ms 49ms	XHR text/html	2606:4700:3031::ac43:839b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a101.bu-haftaki-kampanyalar.com/check.php Requested by Host: a101.bu-haftaki-kampanyalar.com URL: https://a101.bu-haftaki-kampanyalar.com/tamamla.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:839b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.30, PleskLin Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://a101.bu-haftaki-kampanyalar.com/tamamla.php accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 22 Aug 2023 19:00:26 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.0.30, PleskLin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRVTsc8PWsHPFkImHyIuptyrziYLa7Dj5LYoxsvY67O8Ikjo08m0NUAwQjrB6TZvcAqpWwIriJ8X3Yn7mMb34ADqn2QPR3vcLUtyleBtfyh%2FK0PgFmedZ%2BkVewIUxw7QluSQtncVPcqITVYOUBw58MCG05uKQ8%2F6c4pLYRBV"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 7fad5bd38e031983-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT