website-kampanyalarim.site Open in urlscan Pro
3.123.31.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://website-kampanyalarim.site/
Submission: On July 24 via api (July 24th 2023, 8:57:34 am UTC) from TR — Scanned from DE

Summary HTTP 104 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 57 IPs in 10 countries across 47 domains to perform 104 HTTP transactions. The main IP is 3.123.31.56, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is website-kampanyalarim.site.
TLS certificate: Issued by R3 on July 23rd 2023. Valid for: 3 months.

This is the only time website-kampanyalarim.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	3.123.31.56 3.123.31.56	16509 (AMAZON-02) (AMAZON-02)
1	5.159.251.32 5.159.251.32	41296 (ABH) (ABH)
1 4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1 1	54.170.121.144 54.170.121.144	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.19 65.9.66.19	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:7::... 2606:4700:7::a29f:863d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
2	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 3	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	185.57.65.125 185.57.65.125	9215 (VMIND) (VMIND)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	18.192.88.195 18.192.88.195	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.218.208.23 23.218.208.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.127.191.217 3.127.191.217	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	184.30.25.51 184.30.25.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.209.244.112 52.209.244.112	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1 2	54.78.144.7 54.78.144.7	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.156.26.24 35.156.26.24	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.159 70.42.32.159	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4280:b760:f1:8e5d:af71	14618 (AMAZON-AES) (AMAZON-AES)
1	23.32.185.192 23.32.185.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.210.83.16 52.210.83.16	16509 (AMAZON-02) (AMAZON-02)
1	35.158.16.209 35.158.16.209	16509 (AMAZON-02) (AMAZON-02)
1	52.212.62.24 52.212.62.24	16509 (AMAZON-02) (AMAZON-02)
1	3.22.177.214 3.22.177.214	16509 (AMAZON-02) (AMAZON-02)
104	57

22 3.123.31.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com

website-kampanyalarim.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.159.251.32 (Turkey)

ASN41296 (ABH, TR)
PTR: mailorder.garenta.com.tr

images.garenta.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.121.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-121-144.eu-west-1.compute.amazonaws.com

cdn.netmera-web.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-19.fra56.r.cloudfront.net

ntm.netmera-web.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)

garenta.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

8901912.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.57.65.125 (Istanbul, Turkey)

ASN9215 (VMIND, TR)

wsdkapi.netmera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.88.195 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-88-195.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.12 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.191.217 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-191-217.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-51.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.244.112 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-244-112.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.144.7 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-144-7.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.26.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-26-24.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:b760:f1:8e5d:af71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.83.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-83-16.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.16.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-16-209.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.62.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-62-24.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.22.177.214 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-22-177-214.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	website-kampanyalarim.site website-kampanyalarim.site	20 KB
9	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 437 mug.criteo.com — Cisco Umbrella Rank: 2484 sslwidget.criteo.com — Cisco Umbrella Rank: 1845 dis.criteo.com — Cisco Umbrella Rank: 607	13 KB
7	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 8901912.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 120 cm.g.doubleclick.net — Cisco Umbrella Rank: 242	5 KB
6	netmera.com wsdkapi.netmera.com — Cisco Umbrella Rank: 84354	11 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2709 adservice.google.com — Cisco Umbrella Rank: 117	2 KB
5	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 4332 s2.adform.net — Cisco Umbrella Rank: 7469 cm.adform.net — Cisco Umbrella Rank: 1301	33 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244 secure.adnxs.com — Cisco Umbrella Rank: 458	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	249 B
4	google.de www.google.de — Cisco Umbrella Rank: 5791	689 B
3	gstatic.com fonts.gstatic.com www.gstatic.com	188 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 166	222 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 741 script.hotjar.com — Cisco Umbrella Rank: 932	73 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82	3 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 673	877 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 211	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1570	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 355	880 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 161	20 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	192 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 4828	87 KB
2	netmera-web.com 1 redirects cdn.netmera-web.com — Cisco Umbrella Rank: 73819 ntm.netmera-web.com — Cisco Umbrella Rank: 74075	17 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2147	267 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 639	338 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2027	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2271	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4477	400 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2500	400 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 788	582 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 792	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1261	877 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2966	265 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 439	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 901	342 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 323	125 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 417	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2066	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1327	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 643	114 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 588	358 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 388	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 634	793 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 4923	18 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 605	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1234	57 KB
1	useinsider.com garenta.api.useinsider.com	686 B
1	garenta.com.tr images.garenta.com.tr	61 KB
104	47

	Domain	Requested by
22	website-kampanyalarim.site	website-kampanyalarim.site
6	wsdkapi.netmera.com	cdn.netmera-web.com
5	gum.criteo.com	4 redirects static.criteo.net
4	www.facebook.com	website-kampanyalarim.site
4	www.google.de	website-kampanyalarim.site 8901912.fls.doubleclick.net
4	www.google.com	1 redirects website-kampanyalarim.site
3	track.adform.net	2 redirects website-kampanyalarim.site
3	connect.facebook.net	website-kampanyalarim.site connect.facebook.net
3	fonts.googleapis.com	website-kampanyalarim.site
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	www.googleadservices.com	8901912.fls.doubleclick.net www.googleadservices.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	static.hotjar.com	www.googletagmanager.com website-kampanyalarim.site
2	8901912.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	website-kampanyalarim.site www.googletagmanager.com
2	netdna.bootstrapcdn.com	website-kampanyalarim.site netdna.bootstrapcdn.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	ups.analytics.yahoo.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	sslwidget.criteo.com	static.criteo.net
1	mug.criteo.com	website-kampanyalarim.site
1	adservice.google.com	8901912.fls.doubleclick.net
1	script.hotjar.com	static.hotjar.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	s2.adform.net	website-kampanyalarim.site
1	cdn.mxpnl.com	website-kampanyalarim.site
1	static.criteo.net	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	garenta.api.useinsider.com	website-kampanyalarim.site
1	ntm.netmera-web.com	website-kampanyalarim.site
1	cdn.netmera-web.com	1 redirects
1	images.garenta.com.tr	website-kampanyalarim.site
104	61

This site contains links to these domains. Also see Links.

Domain
uzundonem.garenta.com.tr
www.garenta.com.tr
www.anadolugrubu.com.tr
www.celikmotor.com
www.ikinciyeni.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com
twitter.com
apps.apple.com
play.google.com
careers.anadolukariyerim.com

Subject Issuer	Validity	Valid
website-kampanyalarim.site R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.garenta.com.tr GlobalSign RSA OV SSL CA 2018	`2023-01-11` - `2024-02-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2023-01-25` - `2024-01-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.netmera.com Go Daddy Secure Certificate Authority - G2	`2023-05-25` - `2024-06-25`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-18` - `2024-01-10`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
itm.ivitrack.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://website-kampanyalarim.site/
Frame ID: 69C023A9B6B4526D61AAB1B2C3F8AC6E
Requests: 66 HTTP requests in this frame

Frame: https://8901912.fls.doubleclick.net/activityi;dc_pre=CMzotu78poADFbhXkQUd7DwBwA;src=8901912;type=invmedia;cat=garen0;ord=6454179793372;auiddc=2049298595.1690189048;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F
Frame ID: 10D0E8A1A24D5F3C80144DFD5BC52279
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=website-kampanyalarim.site&origin=onetag
Frame ID: 72CA3C9117A5BA54C34B04AD15127E15
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-KL9auKLkKYW64mXZD_nXpq3sqv5NoqM1IDLxXA&expires=30
Frame ID: A4941B0D2EA424A8E008FB9F2E58CDA6
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Denizbank Afili Bonus Kart Kampanyası - Garenta

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

104
Requests

87 %
HTTPS

33 %
IPv6

47
Domains

61
Subdomains

57
IPs

10
Countries

1067 kB
Transfer

2903 kB
Size

53
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://uzundonem.garenta.com.tr/
Title: Uzun Dönem Kiralama

Search URL Search Domain Scan URL

URL: https://www.garenta.com.tr/?utm_source=garentaday&utm_medium=referral&utm_campaign=footer

Search URL Search Domain Scan URL

URL: http://www.anadolugrubu.com.tr/?utm_source=garentaday&utm_medium=referral&utm_campaign=footer

Search URL Search Domain Scan URL

URL: http://www.celikmotor.com/anasayfa?utm_source=garentaday&utm_medium=referral&utm_campaign=footer

Search URL Search Domain Scan URL

URL: https://www.garenta.com.tr/

Search URL Search Domain Scan URL

URL: https://www.ikinciyeni.com/?utm_source=garentaday&utm_medium=referral&utm_campaign=footer

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Garenta

Search URL Search Domain Scan URL

URL: https://www.instagram.com/accounts/login/?next=/garenta/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/garenta/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GarentaTR

Search URL Search Domain Scan URL

URL: https://twitter.com/Garentatr

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tr/app/garenta/id1107610443?l=tr

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=acropole.garenta&hl=tr&gl=US

Search URL Search Domain Scan URL

URL: https://careers.anadolukariyerim.com/
Title: İnsan Kaynakları

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g HTTP 302
https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js

Request Chain 33

https://8901912.fls.doubleclick.net/activityi;src=8901912;type=invmedia;cat=garen0;ord=6454179793372;auiddc=2049298595.1690189048;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F HTTP 302
https://8901912.fls.doubleclick.net/activityi;dc_pre=CMzotu78poADFbhXkQUd7DwBwA;src=8901912;type=invmedia;cat=garen0;ord=6454179793372;auiddc=2049298595.1690189048;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F

Request Chain 39

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 59

https://track.adform.net/Serving/TrackPoint/?pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=64523099486&ADFtpmode=2&loc=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=64523099486&ADFtpmode=2&loc=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 60

https://gum.criteo.com/sid/json?origin=onetag&domain=website-kampanyalarim.site&sn=ChromeSyncframe&so=0&topUrl=website-kampanyalarim.site&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=N1PIf3xVeUxHbXRLbWMrU2RjL1hldjJkVW5xM1pLQm5sNHBvS2k2MC9hRzdsWXJ4RS9ERjV2OFJablFlRlozaFR4QXhRSERRbWN2ZWxpMmo1YWE4NllCZ2R2SytCWTRuN1dVWmpLYXR6SDZXUFZSS0ZLVmNCTjdBS3VDUkVIRzVBT3ptZkxjYzZFanhaaWNpalh2dVVXY1NnVEtOTldOQk9EWVZpQUQvaDZ6YitYVUZtTlZIeXR4c1I2UmxtQm1zVHg4SW9TRlgwYTduM0d3MmRXeXRaWG8rZElodVZkUEpGM0M5TDY4Sm1TMnVqd2hhZXJsYnVSbTU2S0xuTmRxZlgvbS9WUVZzN1hQRHlkeE9wcVFGb0xIcTJtMDYraVpldzVqVEgzRzlCUHdGMXUxUT18&cppv=2

Request Chain 66

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788595272/?random=1554742797&cv=9&fst=1690189048366&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMzotu78poADFbhXkQUd7DwBwA%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D6454179793372%3Bauiddc%3D2049298595.1690189048%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F%3F&ref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=-Dy-ZOeWF7OU7_UP0OWs8A0&sscte=1&crd=&pscrd=IhMI5_LT7vymgAMVM8q7CB3QMgve HTTP 302
https://www.google.com/pagead/1p-conversion/788595272/?random=1554742797&cv=9&fst=1690189048366&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMzotu78poADFbhXkQUd7DwBwA%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D6454179793372%3Bauiddc%3D2049298595.1690189048%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F%3F&ref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5_LT7vymgAMVM8q7CB3QMgve&is_vtc=1&ocp_id=-Dy-ZOeWF7OU7_UP0OWs8A0&cid=CAQSKQBpAlJWxZWbjCfoEX58X80TkhzfRltkztdgcyVvEdTaWjMIeycrKH-r&random=2822473329&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/788595272/?random=1554742797&cv=9&fst=1690189048366&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMzotu78poADFbhXkQUd7DwBwA%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D6454179793372%3Bauiddc%3D2049298595.1690189048%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F%3F&ref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5_LT7vymgAMVM8q7CB3QMgve&is_vtc=1&ocp_id=-Dy-ZOeWF7OU7_UP0OWs8A0&cid=CAQSKQBpAlJWxZWbjCfoEX58X80TkhzfRltkztdgcyVvEdTaWjMIeycrKH-r&random=2822473329&resp=GooglemKTybQhCsO&ipr=y

Request Chain 72

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-KL9auKLkKYW64mXZD_nXpq3sqv5NoqM1IDLxXA&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-KL9auKLkKYW64mXZD_nXpq3sqv5NoqM1IDLxXA&expires=30

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-vMXFIqLkKYW64mXZD_nXpq3sqv7r-avAIMc9pQ&google_cm&google_hm=ay12TVhGSXFMa0tZVzY0bVhaRF9uWHBxM3NxdjdyLWF2QUlNYzlwUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vMXFIqLkKYW64mXZD_nXpq3sqv7r-avAIMc9pQ&google_gid=CAESEA5GA5pWJWUN746plEAMNcE&google_cver=1&google_ula=913071,0

Request Chain 74

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7399983653937992733

Request Chain 75

https://secure.adnxs.com/setuid?entity=52&code=k-C1WAqaLkKYW64mXZD_nXpq3sqv7Td-PUpLEl7A HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-C1WAqaLkKYW64mXZD_nXpq3sqv7Td-PUpLEl7A

Request Chain 86

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-d7qxYaLkKYW64mXZD_nXpq3sqv5tHS0Zc0QABA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-d7qxYaLkKYW64mXZD_nXpq3sqv5tHS0Zc0QABA&C=1

Request Chain 87

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=kngB1ctRq1DnUuIp4nXgQNXtQEjuM66V HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=kngB1ctRq1DnUuIp4nXgQNXtQEjuM66V

Request Chain 89

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jQhImaLkKYW64mXZD_nXpq3sqv6k1aDYq-RtmA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jQhImaLkKYW64mXZD_nXpq3sqv6k1aDYq-RtmA

Request Chain 98

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=cOsx9292R4VqtSnDYoo2PCZWzvVGtAS6

Request Chain 99

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XiD2ZjyOXGt7wM91InZPWNPwcFFNdLNx

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
website-kampanyalarim.site/ 45 KB
9 KB 362ms
20ms Document
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/8.0.29 PleskLin
Resource Hash: 88428020331bd2923c769d7dbacc79219db0d1a4d6e54affc2ad81712477b063

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 9429
content-type: text/html; charset=UTF-8
date: Mon, 24 Jul 2023 08:57:27 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.0.29 PleskLin

GET
H2 404 layoutcss
website-kampanyalarim.site/Content/assets/ 0
0 15ms
14ms Stylesheet
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/layoutcss?v=23GcvFvbxnWA3tRNkzzdQ-uMepEn0x1qtLq4Z9-gvQw1
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 garenta-logo.png
website-kampanyalarim.site/Content/assets/images/ 808 B
808 B 14ms
13ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/Content/assets/images/garenta-logo.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H/1.1 200
OK 22705fa1-f617-4c28-a1ba-cf7daf6b900e.png
images.garenta.com.tr/CollabrationImages/afili-bonus-kart-yuzde-38-indirim/ 61 KB
61 KB 215ms
69ms Image
image/png 5.159.251.32
ABH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.garenta.com.tr/CollabrationImages/afili-bonus-kart-yuzde-38-indirim/22705fa1-f617-4c28-a1ba-cf7daf6b900e.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.159.251.32 , Turkey, ASN41296 (ABH, TR),
Reverse DNS: mailorder.garenta.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7993590ef120800ae890a068d78d219cdb797b35c3c65e3f6afc2860bc44413e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Mon, 24 Jul 2023 08:57:27 GMT
Last-Modified: Thu, 22 Jun 2023 10:44:24 GMT
Server: Microsoft-IIS/8.5
ETag: "e5b6b582f6a4d91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: none
Content-Length: 62414
Expires: Mon, 01 May 2023 00:00:00 GMT

GET
H2 404 garenta-logo.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 66ms
54ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/garenta-logo.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 Logo_Anadolu.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 65ms
53ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/Logo_Anadolu.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 celik_motor_footer_new.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 71ms
59ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/celik_motor_footer_new.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 garenta_logo_footer_new.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 121ms
109ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/garenta_logo_footer_new.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 ikinci_yeni_logo_new_footer.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 111ms
100ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/ikinci_yeni_logo_new_footer.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 faceico_2.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 78ms
66ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/faceico_2.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 instaico2.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 57ms
45ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/instaico2.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 linkico1.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 122ms
110ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/linkico1.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 youtubeico1.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 123ms
112ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/youtubeico1.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 twitter_ico.png
website-kampanyalarim.site/content/assets/images/footer/ 808 B
808 B 123ms
112ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/footer/twitter_ico.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 app_appstore.png
website-kampanyalarim.site/content/assets/images/ 808 B
808 B 96ms
85ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/app_appstore.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 app_googleplay.png
website-kampanyalarim.site/content/assets/images/ 808 B
808 B 91ms
80ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/content/assets/images/app_googleplay.png
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 garenta_loading.gif
website-kampanyalarim.site/Content/assets/images/ 808 B
808 B 115ms
104ms Image
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://website-kampanyalarim.site/Content/assets/images/garenta_loading.gif
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 layoutjs
website-kampanyalarim.site/Content/assets/ 0
0 62ms
44ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/layoutjs?v=5ndK8cFtiEk8qdedfpS5iSnmGmkcKgf-OA-Hfyvomko1
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 collaboration.js
website-kampanyalarim.site/Content/PageScripts/GarentaCollaborations/ 0
0 63ms
46ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/PageScripts/GarentaCollaborations/collaboration.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 pickercss
website-kampanyalarim.site/Content/assets/ 0
0 76ms
60ms Stylesheet
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/pickercss?v=nPZx4XkJDbjowHzcEljTttKeOOprBqKncyC91BbxEPA1
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 pickerjs
website-kampanyalarim.site/Content/assets/ 0
0 106ms
89ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/pickerjs?v=uNpyDy0xeAYJw4OnUHFUWcK6YKbc3I47j2KcIOrmi8c1
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 campaignsearch
website-kampanyalarim.site/Content/assets/ 0
0 74ms
58ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/campaignsearch?v=lmSsQ_mLQagITVa4pfpKeptS2wEfyclBN7eYb-ODlK01
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 404 tr_TR.js
website-kampanyalarim.site/Content/assets/js/picker/ 0
0 118ms
102ms Script
text/html 3.123.31.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://website-kampanyalarim.site/Content/assets/js/picker/tr_TR.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.123.31.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-31-56.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"328-600b4fa00b668"
content-type: text/html

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
873 B 126ms
82ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=tr

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e3fe0befdde21c86098aca47577ed5e6b6b0e85f200d486b4f76e9dc346e422

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 553
x-xss-protection: 1; mode=block
expires: Mon, 24 Jul 2023 08:57:27 GMT

GET
H2

200

netmera_sdk.js Show response
ntm.netmera-web.com/wsdk2/nmweb/
Redirect Chain

https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g
https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js

60 KB
17 KB

366ms
9ms

Script
application/javascript

65.9.66.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Server: 65.9.66.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-19.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30478d91396916be9394c38fd5dddfd240825a5b2d8bf3d1af321a466b4cbee1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:28 GMT
content-encoding: br
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 09:10:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"b6e1978280bc66104123d8a33007ed48"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: private, max-age=900, s-maxage=604800
x-amz-cf-id: 2PX8GpJRJkdx4UbfklnWkkCbie2tiBv3s_ZTeoDDjRj3f6hZY65Omw==

Redirect headers

location: https://ntm.netmera-web.com/wsdk2/nmweb/netmera_sdk.js
date: Mon, 24 Jul 2023 08:57:27 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H2 200 ins.js Show response
garenta.api.useinsider.com/ 0
686 B 71ms
28ms Script
application/javascript 2606:4700:7::a29f:863d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://garenta.api.useinsider.com/ins.js?id=10001743

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: aLLGNX5X6NuBlPbwN11fa6CiA74NVt4l
cf-cache-status: HIT
x-amz-request-id: BCE4YJA4BHAGPXA9
age: 3478
content-length: 0
x-amz-id-2: SUchRDXvirGDdoEptLnh+GwOHcUYAbjZjx2TrU5ssj6XJZ0CKHEFfxjKq0ZAQrlgkF/5cqaYKDY=
x-xss-protection: 1
pragma: public
last-modified: Tue, 26 Apr 2022 14:00:02 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 7ebaf4aaa9284d2b-FRA
expires: Mon, 24 Jul 2023 20:57:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 63ms
24ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i,800,800i&subset=latin-ext

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d90d8acaf8e945cbe6301f571086a38f216bd9c161fa975fea3c75b6f8d3662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 08:57:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 08:57:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 62ms
24ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&subset=latin-ext

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 07:13:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 08:57:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
517 B 61ms
25ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 07:10:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 08:57:27 GMT

GET
H2 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.1.0/css/ 20 KB
5 KB 62ms
17ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 718, 718
age: 15549312
cdn-cachedat: 2021-04-12 23:59:47
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2249cc2d5592c0660ad0a7d219cd1aad
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7ebaf4aaaeabbb5f-FRA
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 334 KB
105 KB 62ms
25ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c187d761e881547d52cc132e634371db4077170d960d19d0f1fb086a384c48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107181
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Jul 2023 08:57:27 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 159 KB
57 KB 80ms
36ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-PJS7MG3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ebd20a83dd21baed9c7c04ea3c11740b38133e68df444add5faccf419e06ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 58015
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jul 2023 08:57:27 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/992173426/ 3 KB
2 KB 87ms
58ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992173426/?random=1690189047560&cv=11&fst=1690189047560&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&frm=0&tiba=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&auid=2049298595.1690189048&uamb=0&uaw=0&data=local_id%3Dhome%3Blocal_pagetype%3Dhome%3Blocal_totalvalue%3D0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2c572a098ec0fad56b4bc58c143204a7f39ea3f8a0eef2c927337d5c994f2b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1370
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 37ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Jul 2023 07:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6770
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 24 Jul 2023 09:04:37 GMT

GET
H2

200

activityi;dc_pre=CMzotu78poADFbhXkQUd7DwBwA;src=8901912;type=invmedia;cat=garen0;ord=6454179793372;auiddc=2049298595.1690189048;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;ua... Show response
8901912.fls.doubleclick.net/ Frame 10D0
Redirect Chain

https://8901912.fls.doubleclick.net/activityi;src=8901912;type=invmedia;cat=garen0;ord=6454179793372;auiddc=2049298595.1690189048;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;...
https://8901912.fls.doubleclick.net/activityi;dc_pre=CMzotu78poADFbhXkQUd7DwBwA;src=8901912;type=invmedia;cat=garen0;ord=6454179793372;auiddc=2049298595.1690189048;u1=undefined;u2=undefined;u3=%2F;...

1 KB
858 B

67ms
64ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8901912.fls.doubleclick.net/activityi;dc_pre=CMzotu78poADFbhXkQUd7DwBwA;src=8901912;type=invmedia;cat=garen0;ord=6454179793372;auiddc=2049298595.1690189048;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

7c7a2cb2b51328d7352f7d2b20e54ac82f1438349e8dd03cff8dbd0827d0ef59

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://website-kampanyalarim.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 519
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 08:57:27 GMT
expires: Mon, 24 Jul 2023 08:57:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 08:57:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8901912.fls.doubleclick.net/activityi;dc_pre=CMzotu78poADFbhXkQUd7DwBwA;src=8901912;type=invmedia;cat=garen0;ord=6454179793372;auiddc=2049298595.1690189048;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-2838419.js Show response
static.hotjar.com/c/ 9 KB
4 KB 96ms
7ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2838419.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

a8d53eaeda6725d311a182d068ea269a1f01a2d9565ee777b6a359857c3971c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Jul 2023 08:57:21 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 13
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/5e515b438f8ca365ddcfefcf9d0fce23
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: HOWYwaXrZ0r941GWR3OwbIz0DD04JUKdWihlS8rL7eNNq83CMo6Qlg==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 45 KB
15 KB 111ms
22ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 17 May 2023 12:05:15 GMT
server: nginx
etag: W/"6464c2fb-b219"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Jul 2023 08:57:27 GMT

GET
H2 200 hotjar-602392.js Show response
static.hotjar.com/c/ 0
431 B 95ms
7ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-602392.js?sv=5

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
date: Mon, 24 Jul 2023 08:57:21 GMT
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 10
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
etag: W/d41d8cd98f00b204e9800998ecf8427e
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: LJeR4TavMUTC60_k422c5mjMG5ncx1QgfGGJHkzuq_a8Z54DTuZIdA==

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 52 KB
18 KB 89ms
3ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 16:23:39 GMT
content-encoding: gzip
age: 59628
x-guploader-uploadid: ADPycdumoglCKFqB9j40XUwN8zhG4Lf3TFA5c3OhS7whQduLm2mKzJtmIBJ3ttf7K6ntTSuPgmPf26WkVOS5EqRp2dAIxIRQWAZK
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17969
last-modified: Fri, 05 May 2023 17:33:19 GMT
server: UploadServer
etag: "6eb612a000fc103e2769e576a68fc412"
vary: Accept-Encoding
x-goog-generation: 1683307999305716
x-goog-hash: crc32c=6XUl6A==, md5=brYSoAD8ED4naeV2po/EEg==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=86400
x-goog-stored-content-length: 17969
accept-ranges: bytes
expires: Mon, 24 Jul 2023 16:23:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 295ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5facf3ca997fd8a7658579d40b8bc44a659e12df5b45b2f1f1713f987b86366c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Jul 2023 08:57:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46993
x-xss-protection: 0
pragma: public
x-fb-debug: /GThi88oMI1K9/ic8kSvjkCf3zE/uIRdtni07u0gSr3t/fFwJ0ajFDAw8mGvi8DAA68oRsOQBBX/M8oFCgudVg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
31 KB

224ms
60ms

Script
application/javascript

37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/
Protocol: H2
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx00000a56da2566bc5e761-00646c8ee1-32957f68-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 24 Jul 2023 08:57:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
87 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MEEZBTE0X0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQKTFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7fa9656d2d1b2baf79364c205b807170f4d8f791727147c8d1259a293c04c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89172
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jul 2023 08:57:27 GMT

GET
H3 200 fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.1.0/fonts/ 82 KB
82 KB 364ms
28ms Font
font/woff 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
Origin: https://website-kampanyalarim.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
cdn-cachedat: 08/25/2022 04:48:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 83760
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "fdf491ce5ff5b2da02708cd0e9864719"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7a5fecb81b1c93574579e1befcd6f0ad
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7ebaf4addf682c41-FRA
cdn-requestpullsuccess: True

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 92ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://website-kampanyalarim.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 18:19:00 GMT
x-content-type-options: nosniff
age: 398307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 18:19:00 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v20/ 5 KB
6 KB 93ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://website-kampanyalarim.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 14:58:16 GMT
x-content-type-options: nosniff
age: 151151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5544
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 14:58:16 GMT

GET
H2 200 recaptcha__tr.js Show response
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ 433 KB
174 KB 314ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__tr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=tr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12ab4bbc298bd8b74b50de852a3dddd35c9b71a47c22ff77dc6962b752236f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://website-kampanyalarim.site/
Origin: https://website-kampanyalarim.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 16:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177573
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Jul 2024 16:36:22 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/992173426/ 42 B
327 B 37ms
27ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/992173426/?random=1690189047560&cv=11&fst=1690185600000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&frm=0&tiba=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&data=local_id%3Dhome%3Blocal_pagetype%3Dhome%3Blocal_totalvalue%3D0&fmt=3&is_vtc=1&random=3334601993&rmt_tld=0&ipr=y

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/992173426/ 42 B
455 B 105ms
38ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/992173426/?random=1690189047560&cv=11&fst=1690185600000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&frm=0&tiba=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&data=local_id%3Dhome%3Blocal_pagetype%3Dhome%3Blocal_totalvalue%3D0&fmt=3&is_vtc=1&random=3334601993&rmt_tld=1&ipr=y

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
215 B 45ms
10ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1359345543&t=pageview&_s=1&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&ul=en-us&de=UTF-8&dt=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABQAAAACAAI~&jid=595287200&gjid=172664356&cid=1275933988.1690189048&tid=UA-48094469-2&_gid=1588694408.1690189048&_slc=1&gtm=45He37j0n71WQKTFB&cd16=False&z=742860689

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://website-kampanyalarim.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://website-kampanyalarim.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
356 B 134ms
20ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48094469-2&cid=1275933988.1690189048&jid=595287200&gjid=172664356&_gid=1588694408.1690189048&_u=aGBAgEABQAAAAGAAI~&z=414560355

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://website-kampanyalarim.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Jul 2023 08:57:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://website-kampanyalarim.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
261 B 54ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MEEZBTE0X0&gtm=45je37j0&_p=1359345543&_gaz=1&cid=1275933988.1690189048&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=&sid=1690189047&sct=1&seg=0&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&dt=Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&en=page_view&_fv=1&_ss=2&up.userId=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MEEZBTE0X0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://website-kampanyalarim.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 34ms
29ms Ping
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MEEZBTE0X0&cid=1275933988.1690189048&gtm=45je37j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MEEZBTE0X0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://website-kampanyalarim.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 34ms
32ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MEEZBTE0X0&cid=1275933988.1690189048&gtm=45je37j0&aip=1&z=1324746582

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 39ms
34ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48094469-2&cid=1275933988.1690189048&jid=595287200&_u=aGBAgEABQAAAAGAAI~&z=383721224

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 42ms
40ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48094469-2&cid=1275933988.1690189048&jid=595287200&_u=aGBAgEABQAAAAGAAI~&z=383721224

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.a0d74aac8cc078f29dca.js Show response
script.hotjar.com/ 279 KB
68 KB 1288ms
6ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a0d74aac8cc078f29dca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2838419.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

32536d6a1f2176b11a99b3f5c0cef8cc4fc9ac7475657cb63763b5342600740a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 243443
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69233
last-modified: Fri, 21 Jul 2023 13:19:44 GMT
etag: "296f56b68e90f44dfc003e4f2b43db7f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 7rK3jIYE-q1P6PeiMyJ4JRXr0OrioYhDx_hzol6MZ0XYFAmEyMzuow==

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 10D0 49 KB
18 KB 321ms
48ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 8901912.fls.doubleclick.net
URL: https://8901912.fls.doubleclick.net/activityi;dc_pre=CMzotu78poADFbhXkQUd7DwBwA;src=8901912;type=invmedia;cat=garen0;ord=6454179793372;auiddc=2049298595.1690189048;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8ff0571e454b75517b28b02b1749dbcafa80d1cf6c4786c8fc45ee6f3fd13bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8901912.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18398
x-xss-protection: 0
server: cafe
etag: 17414105932935890869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 08:57:28 GMT

GET
H2 200 dc_pre=CMzotu78poADFbhXkQUd7DwBwA;src=8901912;type=invmedia;cat=garen0;ord=6454179793372;auiddc=*;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epv...
adservice.google.com/ddm/fls/z/ Frame 10D0 42 B
401 B 316ms
43ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMzotu78poADFbhXkQUd7DwBwA;src=8901912;type=invmedia;cat=garen0;ord=6454179793372;auiddc=*;u1=undefined;u2=undefined;u3=%2F;u4=;gtm=45He37j0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8901912.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 72CA 15 KB
6 KB 48ms
13ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=website-kampanyalarim.site&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://website-kampanyalarim.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 08:57:27 GMT
server: Kestrel
server-processing-duration-in-ticks: 323449
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 1134162144016155 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 137ms
136ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1134162144016155?v=2.9.116&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

318be3ccf5efa7aeac3d594dd84f3d2241bb6eca0ef33b47a1eeb90728750db0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Jul 2023 08:57:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: NAXGt36KRJsRMvNdlKxFIXiRsZ1Njx9Txi0fkyk3HVie8jpHdJpjWu3jBUgnxvnZ11F4C2MBL7OtslCgH6zQuQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=6452309948...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=64523...

178 B
766 B

28ms
28ms

Script
text/javascript

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=64523099486&ADFtpmode=2&loc=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

aa867a91b982a4f96446c6cda5c266dcad3fde806b86313a605fed5319708319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 236
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1221050&ADFPageName=GarentaDAY%7CHomepage%7CHomepage%7CDenizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta&ADFdivider=%7C&ord=64523099486&ADFtpmode=2&loc=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

sid Show response
mug.criteo.com/ Frame 72CA
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=website-kampanyalarim.site&sn=ChromeSyncframe&so=0&topUrl=website-kampanyalarim.site&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=N1PIf3xVeUxHbXRLbWMrU2RjL1hldjJkVW5xM1pLQm5sNHBvS2k2MC9hRzdsWXJ4RS9ERjV2OFJablFlRlozaFR4QXhRSERRbWN2ZWxpMmo1YWE4NllCZ2R2SytCWTRuN1dVWmpLYXR6SDZXUFZSS0ZLVmNCTjdBS3VDUk...

468 B
678 B

85ms
17ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=N1PIf3xVeUxHbXRLbWMrU2RjL1hldjJkVW5xM1pLQm5sNHBvS2k2MC9hRzdsWXJ4RS9ERjV2OFJablFlRlozaFR4QXhRSERRbWN2ZWxpMmo1YWE4NllCZ2R2SytCWTRuN1dVWmpLYXR6SDZXUFZSS0ZLVmNCTjdBS3VDUkVIRzVBT3ptZkxjYzZFanhaaWNpalh2dVVXY1NnVEtOTldOQk9EWVZpQUQvaDZ6YitYVUZtTlZIeXR4c1I2UmxtQm1zVHg4SW9TRlgwYTduM0d3MmRXeXRaWG8rZElodVZkUEpGM0M5TDY4Sm1TMnVqd2hhZXJsYnVSbTU2S0xuTmRxZlgvbS9WUVZzN1hQRHlkeE9wcVFGb0xIcTJtMDYraVpldzVqVEgzRzlCUHdGMXUxUT18&cppv=2

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4d2e7ac1874bf5623ede00f446f72b7d158ed4df7ce67d91745a9c643646ce29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1439311
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=N1PIf3xVeUxHbXRLbWMrU2RjL1hldjJkVW5xM1pLQm5sNHBvS2k2MC9hRzdsWXJ4RS9ERjV2OFJablFlRlozaFR4QXhRSERRbWN2ZWxpMmo1YWE4NllCZ2R2SytCWTRuN1dVWmpLYXR6SDZXUFZSS0ZLVmNCTjdBS3VDUkVIRzVBT3ptZkxjYzZFanhaaWNpalh2dVVXY1NnVEtOTldOQk9EWVZpQUQvaDZ6YitYVUZtTlZIeXR4c1I2UmxtQm1zVHg4SW9TRlgwYTduM0d3MmRXeXRaWG8rZElodVZkUEpGM0M5TDY4Sm1TMnVqd2hhZXJsYnVSbTU2S0xuTmRxZlgvbS9WUVZzN1hQRHlkeE9wcVFGb0xIcTJtMDYraVpldzVqVEgzRzlCUHdGMXUxUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 276699
content-length: 0
expires: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
4 KB 299ms
20ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=30153&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Pwl4sV9TNnFnMlpnM2d3ckVPMEdXV2M0R0wlMkYxZFZzaTVma0tCQnY1TU5STUtWMEFIeWlOd1JjJTJGM3IlMkZEJTJCdVFJYUZIS0I3RWJmRzRWcXhYMlViZUJNRTRmcXNoUm4lMkY2bE1vZGR2QTVJSjVOOUMzZFNFYnp3OExWdDZ2N2Vzc0ZQTU92ZnJuRjMlMkI4RElrdlBBMzRrYkN5Nk0xb2x1UzRybCUyRnR4ekw4VHNLdEI0S1VLTSUzRA&tld=website-kampanyalarim.site&fu=https%253A%252F%252Fwebsite-kampanyalarim.site%252F&ceid=8263c0ef-a09e-43ee-b763-1556d6d98a07&dtycbr=77190

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2454a7f21b495140f512a418e6f210e1537916c2399b49779234fa70383c370d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6038254
timing-allow-origin: *
expires: 0

OPTIONS
H2 204 get
wsdkapi.netmera.com/sdk/3.0/config/ Frame 0
0 383ms
43ms Preflight 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdkapi.netmera.com/sdk/3.0/config/get
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netmera-api-key,x-netmera-device-type,x-netmera-os,x-netmera-sdkv
Access-Control-Request-Method: GET
Origin: https://website-kampanyalarim.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: *
date: Mon, 24 Jul 2023 08:57:28 GMT
server: nginx

GET
H2 200 get Show response
wsdkapi.netmera.com/sdk/3.0/config/ 11 KB
11 KB 50ms
49ms Fetch
application/json 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL

https://wsdkapi.netmera.com/sdk/3.0/config/get

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),

Reverse DNS

Software

nginx /

Resource Hash

781e86f4d85534912da82bb67bdf2ab3cdaa3c06359fd0a774a43c02bed387d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-netmera-os: CHROME
accept-language: de-DE,de;q=0.9
x-netmera-device-type: DESKTOP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: application/json
accept: application/json
x-netmera-sdkv: 4.2.18
Referer: https://website-kampanyalarim.site/
x-netmera-api-key: kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Response headers

date: Mon, 24 Jul 2023 08:57:28 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 37ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1134162144016155&ev=PageView&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&rl=&if=false&ts=1690189048323&sw=1600&sh=1200&v=2.9.116&r=stable&ec=0&o=30&fbp=fb.1.1690189048322.84850298&it=1690189048063&coo=false&rqm=GET

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jul 2023 08:57:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/788595272/ Frame 10D0 3 KB
2 KB 23ms
22ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/788595272/?random=1690189048366&cv=9&fst=1690189048366&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMzotu78poADFbhXkQUd7DwBwA%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D6454179793372%3Bauiddc%3D2049298595.1690189048%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F%3F&ref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

bb3e28ef19e3fb3b484ff366d38a847c641b0112712073f32a0057057ca5ef36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8901912.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/788595272/ Frame 10D0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788595272/?random=1554742797&cv=9&fst=1690189048366&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C4...
https://www.google.com/pagead/1p-conversion/788595272/?random=1554742797&cv=9&fst=1690189048366&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&...
https://www.google.de/pagead/1p-conversion/788595272/?random=1554742797&cv=9&fst=1690189048366&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u...

42 B
64 B

131ms
131ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/788595272/?random=1554742797&cv=9&fst=1690189048366&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMzotu78poADFbhXkQUd7DwBwA%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D6454179793372%3Bauiddc%3D2049298595.1690189048%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F%3F&ref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5_LT7vymgAMVM8q7CB3QMgve&is_vtc=1&ocp_id=-Dy-ZOeWF7OU7_UP0OWs8A0&cid=CAQSKQBpAlJWxZWbjCfoEX58X80TkhzfRltkztdgcyVvEdTaWjMIeycrKH-r&random=2822473329&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8901912.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/788595272/?random=1554742797&cv=9&fst=1690189048366&num=1&label=3R9DCNn0-IwBEMiEhPgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8901912.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMzotu78poADFbhXkQUd7DwBwA%3Bsrc%3D8901912%3Btype%3Dinvmedia%3Bcat%3Dgaren0%3Bord%3D6454179793372%3Bauiddc%3D2049298595.1690189048%3Bu1%3Dundefined%3Bu2%3Dundefined%3Bu3%3D%252F%3Bu4%3D%3Bgtm%3D45He37j0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwebsite-kampanyalarim.site%252F%3F&ref=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5_LT7vymgAMVM8q7CB3QMgve&is_vtc=1&ocp_id=-Dy-ZOeWF7OU7_UP0OWs8A0&cid=CAQSKQBpAlJWxZWbjCfoEX58X80TkhzfRltkztdgcyVvEdTaWjMIeycrKH-r&random=2822473329&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 init Show response
wsdkapi.netmera.com/sdk/3.0/session/ 2 B
266 B 46ms
46ms Fetch
application/json 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL

https://wsdkapi.netmera.com/sdk/3.0/session/init

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-netmera-os: CHROME
accept-language: de-DE,de;q=0.9
x-netmera-device-type: DESKTOP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: application/json
accept: application/json
x-netmera-sdkv: 4.2.18
Referer: https://website-kampanyalarim.site/
x-netmera-api-key: kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Response headers

date: Mon, 24 Jul 2023 08:57:28 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-xss-protection: 1; mode=block

OPTIONS
H2 204 init
wsdkapi.netmera.com/sdk/3.0/session/ Frame 0
0 43ms
43ms Preflight 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdkapi.netmera.com/sdk/3.0/session/init
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netmera-api-key,x-netmera-device-type,x-netmera-os,x-netmera-sdkv
Access-Control-Request-Method: POST
Origin: https://website-kampanyalarim.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: *
date: Mon, 24 Jul 2023 08:57:28 GMT
server: nginx

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1134162144016155&ev=Microdata&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&rl=&if=false&ts=1690189048826&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta%22%2C%22meta%3Adescription%22%3A%22DenizBank%20Afili%20Bankac%C4%B1l%C4%B1k%20M%C3%BC%C5%9Fterilerine%20%C3%96zel%20%2538%20%C4%B0ndirim!%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%2FContent%2Fassets%2Fimages%2Fgarenta-logo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.116&r=stable&ec=1&o=30&fbp=fb.1.1690189048322.84850298&it=1690189048063&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: website-kampanyalarim.site
URL: https://website-kampanyalarim.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jul 2023 08:57:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 fire Show response
wsdkapi.netmera.com/sdk/3.0/event/ 0
243 B 44ms
44ms Fetch 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL

https://wsdkapi.netmera.com/sdk/3.0/event/fire

Requested by

Host: cdn.netmera-web.com
URL: https://cdn.netmera-web.com/wsdkjs/kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-netmera-os: CHROME
accept-language: de-DE,de;q=0.9
x-netmera-device-type: DESKTOP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: application/json
accept: application/json
x-netmera-sdkv: 4.2.18
Referer: https://website-kampanyalarim.site/
x-netmera-api-key: kPj4gznmvwM5MrZCc451LspuvSxwIMVnmLL83SSZrRFcmoTUio62aS0VTB7tly-g

Response headers

date: Mon, 24 Jul 2023 08:57:28 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
x-xss-protection: 1; mode=block

OPTIONS
H2 204 fire
wsdkapi.netmera.com/sdk/3.0/event/ Frame 0
0 43ms
43ms Preflight 185.57.65.125
VMIND

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdkapi.netmera.com/sdk/3.0/event/fire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.57.65.125 Istanbul, Turkey, ASN9215 (VMIND, TR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netmera-api-key,x-netmera-device-type,x-netmera-os,x-netmera-sdkv
Access-Control-Request-Method: POST
Origin: https://website-kampanyalarim.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: *
date: Mon, 24 Jul 2023 08:57:28 GMT
server: nginx

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame A494
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-KL9auKLkKYW64mXZD_nXpq3sqv5NoqM1IDLxXA&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-KL9auKLkKYW64mXZD_nXpq3sqv5NoqM1IDLxXA&expires=30

43 B
345 B

8ms
8ms

Image
image/gif

18.192.88.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-KL9auKLkKYW64mXZD_nXpq3sqv5NoqM1IDLxXA&expires=30
Protocol: H2
Server: 18.192.88.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-88-195.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-KL9auKLkKYW64mXZD_nXpq3sqv5NoqM1IDLxXA&expires=30
date: Mon, 24 Jul 2023 08:57:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame A494
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-vMXFIqLkKYW64mXZD_nXpq3sqv7r-avAIMc9pQ&google_cm&google_hm=ay12TVhGSXFMa0tZVzY0bVhaRF9uWHBxM3NxdjdyLWF2Q...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vMXFIqLkKYW64mXZD_nXpq3sqv7r-avAIMc9pQ&google_gid=CAESEA5GA5pWJWUN746plEAMNcE&google_cver=1&google_ula=913071,0

43 B
369 B

14ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vMXFIqLkKYW64mXZD_nXpq3sqv7r-avAIMc9pQ&google_gid=CAESEA5GA5pWJWUN746plEAMNcE&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 536377
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-vMXFIqLkKYW64mXZD_nXpq3sqv7r-avAIMc9pQ&google_gid=CAESEA5GA5pWJWUN746plEAMNcE&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame A494
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7399983653937992733

43 B
370 B

19ms
19ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7399983653937992733

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1117733
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:29 GMT
an-x-request-uuid: e184016a-8d65-4f70-8f14-a21c946a852f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7399983653937992733
x-proxy-origin: 146.70.117.102; 146.70.117.102; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame A494
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-C1WAqaLkKYW64mXZD_nXpq3sqv7Td-PUpLEl7A
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-C1WAqaLkKYW64mXZD_nXpq3sqv7Td-PUpLEl7A

43 B
904 B

13ms
13ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-C1WAqaLkKYW64mXZD_nXpq3sqv7Td-PUpLEl7A

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:29 GMT
an-x-request-uuid: a15295fb-0cce-427f-aa57-5641cb4c2cbe
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 146.70.117.102; 146.70.117.102; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:29 GMT
an-x-request-uuid: e20027e5-6ffa-4710-8d1c-805e1ed4ce1e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-C1WAqaLkKYW64mXZD_nXpq3sqv7Td-PUpLEl7A
cache-control: no-store, no-cache, private
x-proxy-origin: 146.70.117.102; 146.70.117.102; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame A494 61 B
793 B 123ms
73ms Image
image/gif 23.218.208.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-k23rqaLkKYW64mXZD_nXpq3sqv6T4jR7t4cB5A

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 08:57:29 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Mon, 24 Jul 2023 08:57:29 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame A494 0
239 B 42ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-vMVkC6LkKYW64mXZD_nXpq3sqv6fty5ugGtNhg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame A494 0
358 B 56ms
7ms Image
text/plain 3.127.191.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-t8QHNqLkKYW64mXZD_nXpq3sqv44AYYN9hTfcA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.191.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-191-217.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:29 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame A494 43 B
114 B 1137ms
25ms Image
image/gif 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-JSornaLkKYW64mXZD_nXpq3sqv4A1WLcro4B6w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:29 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A494 0
99 B 301ms
18ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-mSrKJaLkKYW64mXZD_nXpq3sqv5S1vmAep9eWw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:29 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13014

GET
H2 200 um
criteo-sync.teads.tv/ Frame A494 23 B
163 B 83ms
38ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-RMKkjqLkKYW64mXZD_nXpq3sqv5WfaZAlr36rA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Mon, 24 Jul 2023 08:57:29 GMT
pragma: no-cache
date: Mon, 24 Jul 2023 08:57:29 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame A494 37 B
140 B 25ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-iEnAKaLkKYW64mXZD_nXpq3sqv4DW_tBcaz4OQ&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame A494 0
125 B 118ms
10ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-upZlx6LkKYW64mXZD_nXpq3sqv7sLXEJ9Mdq6A

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:29 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame A494 43 B
163 B 78ms
24ms Image
image/gif 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-HjqL5aLkKYW64mXZD_nXpq3sqv4G3D56yiZLbQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:29 GMT
last-modified: Fri, 18 Nov 2022 14:39:11 GMT
server: nginx
accept-ranges: bytes
etag: "6377990f-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame A494 49 B
342 B 76ms
20ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-H3ExTqLkKYW64mXZD_nXpq3sqv5rRX6xW2uQiA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:29 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 4
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame A494
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-d7qxYaLkKYW64mXZD_nXpq3sqv5tHS0Zc0QABA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-d7qxYaLkKYW64mXZD_nXpq3sqv5tHS0Zc0QABA&C=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-d7qxYaLkKYW64mXZD_nXpq3sqv5tHS0Zc0QABA&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jul 2023 08:57:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 24 Jul 2023 08:57:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-d7qxYaLkKYW64mXZD_nXpq3sqv5tHS0Zc0QABA&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame A494
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=kngB1ctRq1DnUuIp4nXgQNXtQEjuM66V
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=kngB1ctRq1DnUuIp4nXgQNXtQEjuM66V

42 B
942 B

34ms
34ms

Image
image/gif

52.209.244.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=kngB1ctRq1DnUuIp4nXgQNXtQEjuM66V

Protocol

HTTP/1.1

Server

52.209.244.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-244-112.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0e70ad34b.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gNwFRwslRKw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v050-0672f2eac.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: X8YLHyOhQSU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=kngB1ctRq1DnUuIp4nXgQNXtQEjuM66V
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame A494 43 B
1 KB 1285ms
9ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-7zQuP6LkKYW64mXZD_nXpq3sqv4q-r03nBmP1Q

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 24 Jul 2023 08:57:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame A494
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jQhImaLkKYW64mXZD_nXpq3sqv6k1aDYq-RtmA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jQhImaLkKYW64mXZD_nXpq3sqv6k1aDYq-RtmA

43 B
447 B

31ms
31ms

Image
image/gif

54.78.144.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jQhImaLkKYW64mXZD_nXpq3sqv6k1aDYq-RtmA
Protocol: H2
Server: 54.78.144.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-144-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 24 Jul 2023 08:57:29 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jQhImaLkKYW64mXZD_nXpq3sqv6k1aDYq-RtmA
access-control-allow-origin: *
date: Mon, 24 Jul 2023 08:57:29 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame A494 42 B
265 B 37ms
16ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-DLIZZ6LkKYW64mXZD_nXpq3sqv4taJ8aTyGtPw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:29 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame A494 0
877 B 274ms
9ms Image
text/html 35.156.26.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-5rKaqKLkKYW64mXZD_nXpq3sqv7IxYtJoti1lg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.26.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-26-24.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:29 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame A494 0
145 B 369ms
88ms Image
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-CIDEiKLkKYW64mXZD_nXpq3sqv7KkUFWPF1Lmg&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Mon, 24 Jul 2023 08:57:29 GMT
Cache-Control: no-cache
X-TraceId: b3aac4dc8cfb4d5ae73b9d8ba0d5cfee
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame A494 42 B
582 B 76ms
20ms Image
image/gif 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-30BrQKLkKYW64mXZD_nXpq3sqv5fGJgg-iIcMA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 24 Jul 2023 08:57:29 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame A494 43 B
400 B 329ms
98ms Image
image/gif 2600:1f18:612b:4280:b760:f1:8e5d:af71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-SW7QBKLkKYW64mXZD_nXpq3sqv7w4sqiPWBYug
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:b760:f1:8e5d:af71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 24 Jul 2023 08:57:29 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame A494 0
400 B 296ms
28ms Image
text/plain 23.32.185.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-3QN0D6LkKYW64mXZD_nXpq3sqv6EEI6VI9R_aA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Jul 2023 08:57:29 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 23 Jul 2023 08:57:29 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame A494 0
38 B 154ms
33ms Image
text/plain 52.210.83.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-j90hQaLkKYW64mXZD_nXpq3sqv7jt8KOK2LvTQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.83.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-83-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:29 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame A494 0
44 B 36ms
7ms Image
text/plain 35.158.16.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-jl1b56LkKYW64mXZD_nXpq3sqv4iCKGJpZ5Ttg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.16.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-16-209.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:57:29 GMT
server: awselb/2.0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame A494
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=cOsx9292R4VqtSnDYoo2PCZWzvVGtAS6

0
338 B

340ms
30ms

Image
text/plain

52.212.62.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=cOsx9292R4VqtSnDYoo2PCZWzvVGtAS6
Protocol: H2
Server: 52.212.62.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-62-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-served-by: beacon-n015-dub-prod.krxd.net
date: Mon, 24 Jul 2023 08:57:29 GMT
cache-control: private, no-cache, no-store
x-request-time: D=42 t=1690189049
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=cOsx9292R4VqtSnDYoo2PCZWzvVGtAS6
date: Mon, 24 Jul 2023 08:57:29 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 744978
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame A494
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XiD2ZjyOXGt7wM91InZPWNPwcFFNdLNx

35 B
267 B

580ms
109ms

Image
image/gif

3.22.177.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XiD2ZjyOXGt7wM91InZPWNPwcFFNdLNx
Protocol: H2
Server: 3.22.177.214 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-22-177-214.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 08:57:30 GMT
x-bt-requestid: 1f0964e0-2a00-11ee-9cba-0000ac17031e
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XiD2ZjyOXGt7wM91InZPWNPwcFFNdLNx
date: Mon, 24 Jul 2023 08:57:29 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 783005
content-length: 0

GET
H3 200 272039029802521 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 142ms
140ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/272039029802521?v=2.9.116&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf01bdbb65f05cdda2528eef0c19c238158cf04d8244cc192d354ae5c875d4b2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Jul 2023 08:57:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: nsRNaqytXJx2cBDs0jWpI6GduRp4yk6s22EnB//ktuv+5EGWaRjd8VYw1Dt9wy9GPlhORxTVaPzO+Crel1n3/Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 7ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=272039029802521&ev=PageView&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&rl=&if=false&ts=1690189051307&sw=1600&sh=1200&v=2.9.116&r=stable&ec=0&o=30&fbp=fb.1.1690189048322.84850298&it=1690189048063&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jul 2023 08:57:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=272039029802521&ev=Microdata&dl=https%3A%2F%2Fwebsite-kampanyalarim.site%2F&rl=&if=false&ts=1690189051809&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Denizbank%20Afili%20Bonus%20Kart%20Kampanyas%C4%B1%20-%20Garenta%22%2C%22meta%3Adescription%22%3A%22DenizBank%20Afili%20Bankac%C4%B1l%C4%B1k%20M%C3%BC%C5%9Fterilerine%20%C3%96zel%20%2538%20%C4%B0ndirim!%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%2FContent%2Fassets%2Fimages%2Fgarenta-logo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.116&r=stable&ec=1&o=30&fbp=fb.1.1690189048322.84850298&it=1690189048063&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website-kampanyalarim.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Jul 2023 08:57:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.useinsider.com/	1970-01-20 13:29:50	Name: __cf_bm Value: .NLrAkudN7anMlL6_T4dGgFLRmEeOFCeOolyzLyFKyw-1690189047-0-AR5PXYkv4nLwtyGOKZHWGnnZ6+EW3Q4rIRcdiG2GCZ6XdH12ecDtzcfwatZDda5SrD11oxfCthcbjGOeKDwHVQk=
.website-kampanyalarim.site/	1970-01-20 15:39:25	Name: _gcl_au Value: 1.1.2049298595.1690189048
.website-kampanyalarim.site/	1970-01-20 13:31:15	Name: _gid Value: GA1.2.1588694408.1690189048
.website-kampanyalarim.site/	1970-01-20 13:29:49	Name: _dc_gtm_UA-48094469-2 Value: 1
.website-kampanyalarim.site/	1970-01-20 23:05:49	Name: _ga_MEEZBTE0X0 Value: GS1.1.1690189047.1.0.1690189047.60.0.0
.website-kampanyalarim.site/	1970-01-20 23:05:49	Name: _ga Value: GA1.1.1275933988.1690189048
.doubleclick.net/	1970-01-20 22:51:25	Name: IDE Value: AHWqTUkoy2YaRWay-_vcFRLKgjRO2ZtYtXUqaxnDIvyp0J92IExU9T5MsBSTCoRTMGM
.website-kampanyalarim.site/	1970-01-20 22:15:25	Name: mp_a1961649b67d787d8f16563d4020438f_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A189871e28c43dc-054e4a5e1ef7b4-693c5154-1d4c00-189871e28c43dc%22%2C%22%24device_id%22%3A%20%22189871e28c43dc-054e4a5e1ef7b4-693c5154-1d4c00-189871e28c43dc%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.criteo.com/	1970-01-20 22:51:25	Name: uid Value: 4924e512-1c2f-471b-9bfe-c026157ce0da
.adform.net/	1970-01-20 14:14:27	Name: C Value: 1
.adform.net/	1970-01-20 14:56:13	Name: uid Value: 5234463123636138654
.website-kampanyalarim.site/	1970-01-20 22:59:13	Name: cto_bundle Value: Pwl4sV9TNnFnMlpnM2d3ckVPMEdXV2M0R0wlMkYxZFZzaTVma0tCQnY1TU5STUtWMEFIeWlOd1JjJTJGM3IlMkZEJTJCdVFJYUZIS0I3RWJmRzRWcXhYMlViZUJNRTRmcXNoUm4lMkY2bE1vZGR2QTVJSjVOOUMzZFNFYnp3OExWdDZ2N2Vzc0ZQTU92ZnJuRjMlMkI4RElrdlBBMzRrYkN5Nk0xb2x1UzRybCUyRnR4ekw4VHNLdEI0S1VLTSUzRA
.website-kampanyalarim.site/	1970-01-20 15:39:25	Name: _fbp Value: fb.1.1690189048322.84850298
.website-kampanyalarim.site/	1970-01-20 22:15:25	Name: _hjSessionUser_2838419 Value: eyJpZCI6IjZkMTRkMjIzLTVkZTgtNTdhMC1iOTAyLWIzYWEwOGQyZjgxZCIsImNyZWF0ZWQiOjE2OTAxODkwNDkyOTUsImV4aXN0aW5nIjpmYWxzZX0=
.website-kampanyalarim.site/	1970-01-20 13:29:50	Name: _hjFirstSeen Value: 1
.website-kampanyalarim.site/	1970-01-20 13:29:49	Name: _hjIncludedInSessionSample_2838419 Value: 0
.website-kampanyalarim.site/	1970-01-20 13:29:50	Name: _hjSession_2838419 Value: eyJpZCI6IjQ2NWZhOWI5LTMyM2ItNGQxYi05NGMxLTIwOGViMjM1YjVlNSIsImNyZWF0ZWQiOjE2OTAxODkwNDkzMDQsImluU2FtcGxlIjpmYWxzZX0=
.website-kampanyalarim.site/	1970-01-20 13:29:50	Name: _hjAbsoluteSessionInProgress Value: 0
.adnxs.com/	1970-01-20 15:39:25	Name: uuid2 Value: 7399983653937992733
match.sharethrough.com/	1970-01-20 13:39:53	Name: AWSALBCORS Value: SIKXlbSMePHqQgAjU/0q421Ar0xJOt8lM1mlby/kGnVlzrW+edi3g3/lcvQMaeEGRovLAORcYcXq9RBdbUV5clW949MQJ/hNuRRyyoblZBoaE3hVn6lV1gnA6tK/
.adnxs.com/	1970-01-20 15:39:25	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2In:tBk@F!]tbPl@/D!9hy6]/CwiU3antji6r`44BP+!5c9Fo7yn^)i%Xng[M1B5c$OGf$4tr??l[e.'y=7bpRzqF1`befZ-2fix
.casalemedia.com/	1970-01-20 22:15:25	Name: CMID Value: ZL48.d5AxN8hObRbWw6UAAAA
.casalemedia.com/	1970-01-20 15:39:25	Name: CMPS Value: 3301
.casalemedia.com/	1970-01-20 15:39:25	Name: CMPRO Value: 3301
.media.net/	1970-01-20 22:15:25	Name: visitor-id Value: 3331906499111021000V10
.media.net/	1970-01-20 14:13:01	Name: data-c-ts Value: 1690189049
.media.net/	1970-01-20 14:13:01	Name: data-c Value: k-k23rqaLkKYW64mXZD_nXpq3sqv6T4jR7t4cB5A~~3
.omnitagjs.com/	1970-01-20 14:13:01	Name: ayl_visitor Value: 9270f0fcb48d643139561e679e75c745
.demdex.net/	1970-01-20 17:49:01	Name: demdex Value: 34895515460590804410898409031149065672
.dpm.demdex.net/	1970-01-20 17:49:01	Name: dpm Value: 34895515460590804410898409031149065672
.360yield.com/	1970-01-20 15:39:25	Name: tuuid Value: 6c16b437-2939-4a8c-9299-9c3dfd527c8e
.360yield.com/	1970-01-20 15:39:25	Name: tuuid_lu Value: 1690189049
.pubmatic.com/	1970-01-20 14:13:01	Name: KRTBCOOKIE_97 Value: 3385-uid:k-30BrQKLkKYW64mXZD_nXpq3sqv5fGJgg-iIcMA&KRTB&23144-uid:k-30BrQKLkKYW64mXZD_nXpq3sqv5fGJgg-iIcMA&KRTB&23286-uid:k-30BrQKLkKYW64mXZD_nXpq3sqv5fGJgg-iIcMA&KRTB&23287-uid:k-30BrQKLkKYW64mXZD_nXpq3sqv5fGJgg-iIcMA
.pubmatic.com/	1970-01-20 14:13:01	Name: PugT Value: 1690189049
.360yield.com/	1970-01-20 15:39:25	Name: um Value: !38,KWUfQudSqDgJva-fkmNLUBiMSC2.7fxAuTQsnxBqQHBbzd9X2HQ6icfnmgxq7It.rJOmplfo,1697965049
.360yield.com/	1970-01-20 15:39:25	Name: umeh Value: !38,0,1752397049,-1
.bidswitch.net/	1970-01-20 22:15:25	Name: tuuid Value: 2f5d331a-fc23-40fd-90f5-ff02d05f4eb6
.bidswitch.net/	1970-01-20 22:15:25	Name: c Value: 1690189049
.bidswitch.net/	1970-01-20 22:15:25	Name: tuuid_lu Value: 1690189049
exchange.mediavine.com/	1970-01-20 13:49:58	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%221ea10620-2a00-11ee-a601-771742090aa5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:49:58	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%221ea10620-2a00-11ee-a601-771742090aa5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:49:58	Name: am_tokens Value: %7B%22mv_uuid%22%3A%221ea10620-2a00-11ee-a601-771742090aa5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:49:58	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%221ea10620-2a00-11ee-a601-771742090aa5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:49:58	Name: criteo Value: %7B%22id%22%3A%22k-5rKaqKLkKYW64mXZD_nXpq3sqv7IxYtJoti1lg%22%2C%22version%22%3A%22criteo%22%7D
.tremorhub.com/	1970-01-20 22:15:45	Name: tvid Value: 93d024094db743ebb8d0b5c04d01ed6a
.tremorhub.com/	1970-01-20 14:13:01	Name: tv_UICR Value: k-SW7QBKLkKYW64mXZD_nXpq3sqv7w4sqiPWBYug
.krxd.net/	1970-01-20 17:49:01	Name: _kuid_ Value: PsW3UIH5
.id5-sync.com/	1970-01-20 13:29:49	Name: cf Value:
.id5-sync.com/	1970-01-20 13:29:49	Name: cip Value:
.id5-sync.com/	1970-01-20 13:29:49	Name: cnac Value:
.id5-sync.com/	1970-01-20 13:29:49	Name: car Value:
.id5-sync.com/	1970-01-20 13:29:49	Name: gdpr Value:
.id5-sync.com/	1970-01-20 13:29:49	Name: callback Value:

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://website-kampanyalarim.site/Content/assets/images/garenta-logo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/layoutcss?v=23GcvFvbxnWA3tRNkzzdQ-uMepEn0x1qtLq4Z9-gvQw1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/layoutjs?v=5ndK8cFtiEk8qdedfpS5iSnmGmkcKgf-OA-Hfyvomko1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/instaico2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/PageScripts/GarentaCollaborations/collaboration.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/Logo_Anadolu.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/garenta-logo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/campaignsearch?v=lmSsQ_mLQagITVa4pfpKeptS2wEfyclBN7eYb-ODlK01 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/celik_motor_footer_new.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/pickercss?v=nPZx4XkJDbjowHzcEljTttKeOOprBqKncyC91BbxEPA1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/faceico_2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/app_googleplay.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/app_appstore.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/pickerjs?v=uNpyDy0xeAYJw4OnUHFUWcK6YKbc3I47j2KcIOrmi8c1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/ikinci_yeni_logo_new_footer.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/js/picker/tr_TR.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/Content/assets/images/garenta_loading.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/garenta_logo_footer_new.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/linkico1.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/youtubeico1.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://website-kampanyalarim.site/content/assets/images/footer/twitter_ico.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	Message: A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8901912.fls.doubleclick.net
ad.360yield.com
ad.yieldlab.net
adservice.google.com
beacon.krxd.net
cdn.mxpnl.com
cdn.netmera-web.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
garenta.api.useinsider.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
images.garenta.com.tr
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
netdna.bootstrapcdn.com
ntm.netmera-web.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
s2.adform.net
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
track.adform.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
website-kampanyalarim.site
wsdkapi.netmera.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
13.248.245.213
141.226.228.48
141.95.98.64
142.250.184.194
172.217.18.102
172.217.23.98
178.250.1.11
178.250.1.9
18.192.88.195
18.66.97.53
184.30.25.51
185.255.84.153
185.57.65.125
185.64.191.210
185.80.39.216
185.86.139.94
185.89.210.244
185.89.211.12
2001:4860:4802:32::36
23.218.208.23
23.32.185.192
2600:1901:0:bc29::
2600:1f18:612b:4280:b760:f1:8e5d:af71
2606:4700:7::a29f:863d
2606:4700::6812:acf
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c0b::9b
2a02:2638:3::c
2a02:2638:d::2
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.123.31.56
3.127.191.217
3.22.177.214
3.71.149.231
34.117.157.22
35.156.26.24
35.158.16.209
37.157.2.249
37.157.6.243
37.157.6.254
5.159.251.32
52.209.244.112
52.210.83.16
52.212.62.24
52.222.236.63
54.170.121.144
54.78.144.7
65.9.66.19
69.173.144.165
70.42.32.159
12ab4bbc298bd8b74b50de852a3dddd35c9b71a47c22ff77dc6962b752236f2b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d90d8acaf8e945cbe6301f571086a38f216bd9c161fa975fea3c75b6f8d3662
1e3fe0befdde21c86098aca47577ed5e6b6b0e85f200d486b4f76e9dc346e422
2454a7f21b495140f512a418e6f210e1537916c2399b49779234fa70383c370d
2ebd20a83dd21baed9c7c04ea3c11740b38133e68df444add5faccf419e06ac2
30478d91396916be9394c38fd5dddfd240825a5b2d8bf3d1af321a466b4cbee1
318be3ccf5efa7aeac3d594dd84f3d2241bb6eca0ef33b47a1eeb90728750db0
32536d6a1f2176b11a99b3f5c0cef8cc4fc9ac7475657cb63763b5342600740a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d2e7ac1874bf5623ede00f446f72b7d158ed4df7ce67d91745a9c643646ce29
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5facf3ca997fd8a7658579d40b8bc44a659e12df5b45b2f1f1713f987b86366c
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
781e86f4d85534912da82bb67bdf2ab3cdaa3c06359fd0a774a43c02bed387d0
7993590ef120800ae890a068d78d219cdb797b35c3c65e3f6afc2860bc44413e
7c7a2cb2b51328d7352f7d2b20e54ac82f1438349e8dd03cff8dbd0827d0ef59
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88428020331bd2923c769d7dbacc79219db0d1a4d6e54affc2ad81712477b063
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ff0571e454b75517b28b02b1749dbcafa80d1cf6c4786c8fc45ee6f3fd13bcc
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9c187d761e881547d52cc132e634371db4077170d960d19d0f1fb086a384c48c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a7fa9656d2d1b2baf79364c205b807170f4d8f791727147c8d1259a293c04c53
a8d53eaeda6725d311a182d068ea269a1f01a2d9565ee777b6a359857c3971c8
aa867a91b982a4f96446c6cda5c266dcad3fde806b86313a605fed5319708319
ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb3e28ef19e3fb3b484ff366d38a847c641b0112712073f32a0057057ca5ef36
bf01bdbb65f05cdda2528eef0c19c238158cf04d8244cc192d354ae5c875d4b2
c2c572a098ec0fad56b4bc58c143204a7f39ea3f8a0eef2c927337d5c994f2b2
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e

website-kampanyalarim.site Open in urlscan Pro 3.123.31.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

87 %HTTPS

33 %IPv6

47 Domains

61 Subdomains

57 IPs

10 Countries

1067 kBTransfer

2903 kBSize

53 Cookies

14 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

website-kampanyalarim.site Open in urlscan Pro
3.123.31.56 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

87 %
HTTPS

33 %
IPv6

47
Domains

61
Subdomains

57
IPs

10
Countries

1067 kB
Transfer

2903 kB
Size

53
Cookies

104 HTTP transactions
0 data transactions