pttavm-hgxcrsmbaykylsene.com
2606:4700:3033::6815:3922  Public Scan

Submitted URL: http://pttavm-hgxcrsmbaykylsene.com/
Effective URL: https://pttavm-hgxcrsmbaykylsene.com/
Submission: On June 09 via manual from TR — Scanned from DE

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3033::6815:3922, located in United States and belongs to CLOUDFLARENET, US. The main domain is pttavm-hgxcrsmbaykylsene.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2022. Valid for: a year.
This is the only time pttavm-hgxcrsmbaykylsene.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
25 | pttavm-hgxcrsmbaykylsene.com | pttavm-hgxcrsmbaykylsene.com | 655 KB
3 | google-analytics.com | ssl.google-analytics.com (Cisco Umbrella Rank: 328), www.google-analytics.com (Cisco Umbrella Rank: 43) | 37 KB
3 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 75) | 164 KB
3 | google.com | www.google.com (Cisco Umbrella Rank: 4) | 1 KB
2 | google.de | www.google.de (Cisco Umbrella Rank: 6180) | 655 B
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 46), stats.g.doubleclick.net (Cisco Umbrella Rank: 98) | 2 KB
1 | googleadservices.com | www.googleadservices.com (Cisco Umbrella Rank: 122) | 15 KB
1 | gstatic.com | www.gstatic.com | 145 KB
1 | pttavm.com | hgs.pttavm.com |
1 | segmentify.com | cdn.segmentify.com (Cisco Umbrella Rank: 49871) | 51 KB
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 281) | 33 KB
Total: 42 requests, 11 domains
Domain Requested by
25 pttavm-hgxcrsmbaykylsene.com 1 redirects pttavm-hgxcrsmbaykylsene.com
3 www.googletagmanager.com pttavm-hgxcrsmbaykylsene.com
www.googletagmanager.com
3 www.google.com pttavm-hgxcrsmbaykylsene.com
2 www.google.de pttavm-hgxcrsmbaykylsene.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 ssl.google-analytics.com pttavm-hgxcrsmbaykylsene.com
1 hgs.pttavm.com pttavm-hgxcrsmbaykylsene.com
1 cdn.segmentify.com pttavm-hgxcrsmbaykylsene.com
1 ajax.googleapis.com pttavm-hgxcrsmbaykylsene.com
42 13

This site contains links to these domains.

Domain
www.pttavm.com
pttavm.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-08 - 2023-06-07 | a year
upload.video.google.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
www.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.segmentify.com | Sectigo RSA Domain Validation Secure Server CA | 2022-05-25 - 2023-06-11 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
www.google.de | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months

This page contains 1 frames:

Primary Page: https://pttavm-hgxcrsmbaykylsene.com/
Frame ID: 6D6DE64F4896E772A7CF3360AAAA4892
Requests: 43 HTTP requests in this frame

Page Title

HGS Online Bakiye Yükleme

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

42 Requests
100 % HTTPS
92 % IPv6
11 Domains
13 Subdomains
14 IPs
3 Countries
1103 kB Transfer
2868 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pttavm-hgxcrsmbaykylsene.com/ HTTP 301
    https://pttavm-hgxcrsmbaykylsene.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pttavm-hgxcrsmbaykylsene.com/
Redirect Chain
  • http://pttavm-hgxcrsmbaykylsene.com/
  • https://pttavm-hgxcrsmbaykylsene.com/
20 KB
5 KB
Document
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.19 PleskLin
Resource Hash
ebb0d521f70a61fb37f4eb4093037a8f14bfda74691af25f2a2cb456c4530b6b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7189e43eff239c0d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 09 Jun 2022 12:32:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2wJ9DHQtKP%2BYlwMYRislzt%2F06cArAIfxTRySg3lTKMtekVbCYbhh8822yoJWxKhO0A0Doib2Xo3UZUh6TxtgcM5qiTmEnrTRDQqSN4CUWspN0h2Xhseh59vH60XNBmgK6eIu1qm%2BU4%2B%2FIjw2LEhu3hQC%2BNH4El7f%2BmA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.19 PleskLin

Redirect headers

CF-RAY
7189e43e2c848ffb-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 09 Jun 2022 12:32:43 GMT
Expires
Thu, 09 Jun 2022 13:32:43 GMT
Location
https://pttavm-hgxcrsmbaykylsene.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JmxOivcBeyIzHvIyH7gjOtPlFY5e77bGkCLI0hRFkqr97Ew5NRO8kId8%2FvQgXMukHDJrjyyC8fjuNhv7VvZD1dqEjgAJGuQvbmAfSai9lR5TZ%2F2tZ8s4LKvxY8RvL%2Fs1IlW5PYbAQSNCBqg%2FvakiMZHjYPyyMr0Mp7H"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jun 2023 11:52:42 GMT
pace.js
pttavm-hgxcrsmbaykylsene.com/v2/assets/js/
24 KB
8 KB
Script
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/js/pace.js?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6c810a211fd94c38f68a9bbbbd72a237147d68006e028e6caad824b9291dd9af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 31 May 2019 23:05:58 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5cf1b356-5fac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJeWGsMfyDf0a4xXGOKLMEt%2F6ABIIjAn8ObuHi8GdDbmAvtPa2Q%2BfvnfctKrSYxlQtQ0oRcpqgr16wt2Z9FkJf3vcGulh4XbPGEgYAJO46KbKQSw%2FLv57EvUmIx%2BYk6DK6FDm01Dvj4lGNYiEHw8GipsCgwRA3WmyZ7H"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7189e43f98619c0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pace.css
pttavm-hgxcrsmbaykylsene.com/v2/assets/css/
2 KB
842 B
Stylesheet
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/css/pace.css?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8ce8bfa7e2ad64a9411cb227fa0b0930ead918dbcbebf8f619081369a361ef4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 31 May 2019 23:05:58 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5cf1b356-7e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQq7leifCHd91DKAWx%2BmhnJA7ca3llKd0qVtbmkiXIX5luNMR%2Bm%2B4UZVOBlxHUEtvcUZJvArZ5NCRNESpACJl5YiZo0iZXYGTWeL3EcbnIvZw1KDoMidesyHnXT2fd0N%2BeCPbnAaX3AebbtBM9cAy3nVNhcP3yfvQq60"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7189e43f98679c0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hgs.min_20210727191922.css
pttavm-hgxcrsmbaykylsene.com/v2/assets/css/
332 KB
58 KB
Stylesheet
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/css/hgs.min_20210727191922.css?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fcddcb87157cac3cf86f2933684b0d05e7cb396bba80fa154a6b1a853ce289b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 28 Jul 2021 02:21:16 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"6100bf1c-52e24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7kwBiy0ewtB1k5phDOJQHook%2BjRF6EiTrWtr%2Ft2xbCNEO0E0qoBp4T69MIzehDV0hzeQeZHtgWocSVkfuMJ3qEfkFWxNteJbG%2Bl4VnWXIGuPqhBLdrrTrpcYwDMqDdvX%2FgRwjY7gg4gR%2FlsHwZQIHGVJ6Q%2BibtS9elh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7189e43f98699c0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api.js
www.google.com/recaptcha/
914 B
996 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaReadyForInit&hl=tr
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1cee18a7727b7d96469a3878069a0fb12fd0fc5c7a1b77eeec675f4b9fc182b5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Thu, 09 Jun 2022 12:32:43 GMT
segmentify_epttavm.js
cdn.segmentify.com/account-js/
248 KB
51 KB
Script
General
Full URL
https://cdn.segmentify.com/account-js/segmentify_epttavm.js
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8dc7:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
152aff59adb2b8a24961196976c1d2f3c9ad05dae5414e8bfce97b7e1d21d033

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:41:23 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1621943027
age
593480
x-guploader-uploadid
ADPycduzTMoRg-FqUHhNS3jymBhRAb_cZMbsrLFBN9naF2kEoSoKJZB2rC0eJ7VwtLcgsRfD-FiFxZNV9eLtU7h3yvgwnO6IMGiY
x-goog-storage-class
STANDARD
x-goog-metageneration
80614
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51197
last-modified
Tue, 25 May 2021 11:45:18 GMT
server
UploadServer
etag
"6d99eedf11ef70e599b4b466006ca42e"
vary
Accept-Encoding
x-goog-hash
crc32c=2Rp7LQ==, md5=bZnu3xHvcOWZtLRmAGykLg==
x-goog-generation
1621943118760415
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept, Content-Type, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
cache-control
public, max-age=604800
x-goog-stored-content-length
51197
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 09 Jun 2022 15:41:23 GMT
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-852040690
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f33d376f7f030e8668cbafaa1b4ca8e6e2308045336ae21cefc2c4bd659fa75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43360
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Jun 2022 12:32:43 GMT
pttavm_hgs_logo.png
pttavm-hgxcrsmbaykylsene.com/v2/assets/images/
14 KB
15 KB
Image
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/images/pttavm_hgs_logo.png?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
73dff3218add3bbac77153de1534cb73903772b7994bddc4c82f4d7feeefa5de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14703
last-modified
Thu, 11 Mar 2021 19:47:42 GMT
server
cloudflare
etag
"604a73de-396f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWfP4f8AbftJ9xatIhyUB0oOzRhVO338Rc9491TR9xfhGKX%2FEXNDTWk47NeQnjg2TWmBz7D8%2FUhrPPaefAoHf0mTkAkDL5uWvRWtn4UR94xGzMbOGXiw2K6HLMJSO5ldrp1WBso6j8Vhr252iFXbRLV7L8e85DdhBbU8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7189e440dfd39134-FRA
hgs_yukle.png
pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/
4 KB
4 KB
Image
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/hgs_yukle.png?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1345da5bac7dd8a70727f0145bc1fed436d00d976605ddfe11333b032c92a770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3657
last-modified
Tue, 30 Jul 2019 21:47:32 GMT
server
cloudflare
etag
"5d40baf4-e49"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqbCO9rYQTez%2FMaZHvNMeKFm%2FopqKS2eLNIscYnAQ5cz05zMNJnfJ302mxhETw9tmKWpEAyPFjFlRTkM5M2SgO%2BoXDzIea24vOHuFbg78ZFRCTTMx1L95UquQsL8fbzKnI354v4cLsFkYDnsT9Ug%2FY8WDIY4SmrNAeS%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7189e440dfd59134-FRA
hgs_yukle_hover.png
pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/
4 KB
5 KB
Image
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/hgs_yukle_hover.png?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3bdd04595b49305a25b8d2a098e98b841aac3d2c1cb9c1f1897942c6ce8a6d06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4035
last-modified
Tue, 30 Jul 2019 21:47:32 GMT
server
cloudflare
etag
"5d40baf4-fc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqdA9cd7G3oD2lGPoym3IuJ%2BsSMzkbl1quHu8TD15dQUHtfBUxA79nWGYKEDN%2BnK4%2FRgmrFPBiQsGJWuQPjOGckleUMxkyTgIKsqssFIjdBvdKTQPbGAbnzg55FJQa3m8DemH4857cdvltUSBCklCz35EjBwh0l3Uyha"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7189e440dfd69134-FRA
hasar_sorgula.png
pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/
1 KB
2 KB
Image
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/hasar_sorgula.png?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7e695bcfdc959cecea57976e0853ea5cd3ec92d70bcc03fd8c3780f488025543

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1142
last-modified
Tue, 30 Jul 2019 21:47:32 GMT
server
cloudflare
etag
"5d40baf4-476"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKxuAzmbD1FnAiBQHvgUF2lfdp5XjDbs5JMf6dUg55zKSN%2Fis1XEzl4pC3WrP%2F8c6QXsH9zFkdmUZHA8dT%2Be%2Fgi%2BSWbJDFOqZia%2FBZ6wp6V7fsMYcOTJ9XJcWMBCWDh0y7R6X3d0swbwgrZMp4EctevyxtZF%2FrULQt7K"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7189e440dfda9134-FRA
hasar_sorgula_hover.png
pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/
4 KB
4 KB
Image
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/hasar_sorgula_hover.png?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ad0925145c45e561709cba28e31f5c514d1719ffbdae3617f338ae2f8166a36e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3907
last-modified
Tue, 30 Jul 2019 21:47:32 GMT
server
cloudflare
etag
"5d40baf4-f43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSzXUcatLYq%2Bbia1cYF88oJFzZV7eao8NqBt%2F18%2F1wa0u29n6qT5XaVHyVmirJO73bKu23TqmldLbhfysjClQj%2F7hnDuVYBPTXz4lUyUjuGlJuGasTU6q3%2Fz%2FeE1ZhYp8i%2F5CJukoTKV%2BQMY1lWJ%2BFTKKDoahZyoY4mz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7189e440dfdc9134-FRA
km_sorgula.png
pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/
3 KB
3 KB
Image
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/km_sorgula.png?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f865e39b7031bcd55eb6e55d02958098d5518f4ca55bb69c5be8d88ed23ed99d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2774
last-modified
Tue, 30 Jul 2019 21:47:32 GMT
server
cloudflare
etag
"5d40baf4-ad6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rPZiXnMXP1mFVgp1t4KLn11aFZXEM90dOMVCKs2j5YZI%2FTHXCI9dxHTLMx28lyr%2Fvpuf7OvDcuyIGIz0zi74fPwfPsrAPuS%2F87z7QXJy%2BLWGz7aLpWLdDdhp0VWGjRa8J0OmneUAIfzvFzP%2Fevj2syEQlxM8vqn4enX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7189e440dfdf9134-FRA
km_sorgula_hover.png
pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/
3 KB
3 KB
Image
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/km_sorgula_hover.png?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3d9159bc2f558ae9932f39bebeff659699b35a92078a409a33efa4459ca3689c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2626
last-modified
Tue, 30 Jul 2019 21:47:32 GMT
server
cloudflare
etag
"5d40baf4-a42"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HmPsmMJ3H%2BvFJ5ejHXP9COYjr2G1ColGgsngI%2FINSKgieOFk9cPFG3sX3cS%2FK0m%2BiJ%2FZnUFiaByR6tucxsUW%2BWSVD2LOTYzopUoYc8GEgm48P89x3KwpI82pufHc6Xlh2ETOaNV6ChhuammcQxDRYqKXMouB6PJXytl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7189e440dfe19134-FRA
alisveris.png
pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/
1 KB
2 KB
Image
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/alisveris.png?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
73f3d21f59dee0129db1d171f2a722455087c54a19f8c8cbf1aef744a172212b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1435
last-modified
Tue, 30 Jul 2019 21:47:32 GMT
server
cloudflare
etag
"5d40baf4-59b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUxLnrh27ipouMU4QzSl7lauCytK1F%2Fa2nnVE%2BTOG27JikJKUq2t4xlbhL3l7UaQ7xlsC5NIirXQLHzCZN%2Fg3su8XiPpqbBoTrmjxohm0LvH%2BTFCi7WVOcZtsG2O6irbd%2F1IpK%2BzAXClTxcOXBtwnF9ECPHoo5EUnbeM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7189e440dfe29134-FRA
alisveris_hover.png
pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/
1 KB
2 KB
Image
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/images/menu/alisveris_hover.png?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
def39102d5e4315620953fe7a34aac1df23e5da7b9d47dd744b85e8b02320f95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1391
last-modified
Tue, 30 Jul 2019 21:47:32 GMT
server
cloudflare
etag
"5d40baf4-56f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83Ai7U2HjlAWOwpIyQBDWrpSLKVQhahvbt63foZRw%2BsluFjRxf3bpqRiueHatGxsZNp2LflyJF9jSo8nd9VvhfydZBlaPpTv65e2nlgEu%2FRsytW9g1g9kRyQpHGZ0Wzk5bEmLnuQfXcpXnYhFPPyhCv5PXL7NmXfm%2B7s"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7189e440dfe39134-FRA
homepage.png
pttavm-hgxcrsmbaykylsene.com/v2/assets/images/panel/
4 KB
5 KB
Image
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/images/panel/homepage.png?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
5c8d9dd11ff7b62f695e99322e6dd573d02a0dac1c3aa994247453e335ec4faa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4493
last-modified
Sat, 25 May 2019 02:14:38 GMT
server
cloudflare
etag
"5ce8a50e-118d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TquXLEGp9J6mV8ed3nzeRgJ1UyuZCYqTO2XUGYFPZstS2p8KsOhafuSLzdO4Z0NXFmZBtveIT20TroIxkDov35TOrRpWdWJHT7J9nKRz03f%2BQwnNjkp4ssuHI3s3dwoa1vajEB9g5s2QsYSwBUzxyRG29oSIjfbrohoX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7189e440dfe69134-FRA
hgs.png
pttavm-hgxcrsmbaykylsene.com/v2/assets/images/panel/
4 KB
4 KB
Image
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/images/panel/hgs.png?v=201910111500
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7a37a23a524490d994685b8fa15f57d545387b1baaf623b35a1e42f78dd52ca7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3893
last-modified
Sat, 25 May 2019 02:14:38 GMT
server
cloudflare
etag
"5ce8a50e-f35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mO%2F3bXw9CJPA9A4%2BDZ6bP%2Fdq%2F0U0acqfNSmdhRSTT5s97OSFGnerSCq0ktUr4%2FEhMSZoXBvzVH77yTtlN%2FtDZ6WhPrEFNJwzZW0XPspOACa2MmOmev9gpZK0imv8KauWdLgsJeNi0aOeCeILvExWzax3U1Kj%2F%2BWmihQF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7189e440dfe89134-FRA
right-arrow.png
hgs.pttavm.com/v2/assets/images/buttons/
0
0
Image
General
Full URL
https://hgs.pttavm.com/v2/assets/images/buttons/right-arrow.png
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

hgs.js
pttavm-hgxcrsmbaykylsene.com/
763 KB
171 KB
Script
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/hgs.js
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
cf0054af749b0d91b62a65514e92aaf1ca17032cba27656c81199616dfcd35d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Mon, 08 Nov 2021 23:30:44 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"6189b324-becd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jv%2BJskDpOK8ZQPCBRj8GEFq7uI3ImyO5QhcyV%2FvwR9k14Kojc592z91f9YQs2mbrFh858j6dIQL0u9u6XxJJ03FptCPsldahu0Fy2jRZG7TeNcOe6%2FIdjLCfhD1IxgY48XZY2qHLRwvzMJWwvpmaNoqwZqzFKmZEubs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7189e4404eaa9134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
424 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14bb2191db260219584718f48fef84fb4b5b6751e9a846a1549dd85be3281da9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
gtm.js
www.googletagmanager.com/
275 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMZ3JD
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d96c8b6186c1bea7fbcb34d3e366d5f419da3d442b063b277933e8479ef0d0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83678
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Jun 2022 12:32:43 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4106
date
Thu, 09 Jun 2022 11:24:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 09 Jun 2022 13:24:17 GMT
homepage.jpg
pttavm-hgxcrsmbaykylsene.com/v2/assets/images/backgrounds/
179 KB
179 KB
Image
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/images/backgrounds/homepage.jpg
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/v2/assets/css/pace.css?v=201910111500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c436cfc044fc4defe48bdf8035274ef669ea4ace90cbc70ec1c4022c60ad2d8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/css/pace.css?v=201910111500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
183043
last-modified
Sat, 25 May 2019 02:14:38 GMT
server
cloudflare
etag
"5ce8a50e-2cb03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rC6N%2FohP9OW1pxV0eaODeLNDNI7749uvS5pvIwHiBuWazaMa3Tfnir87ZGJmQAkWKFDY9kKA%2BN205Vleqait6vtgnQdHn%2BB4afa8bpYLJ3NG%2FCXtqVmXzqn6FlvnLdVWe%2B0UoAKLIQFM%2Fd1Gisc%2Bbtxh%2FIdRJcI2Tlr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7189e440dfe99134-FRA
hgs.jpg
pttavm-hgxcrsmbaykylsene.com/v2/assets/images/backgrounds/
179 KB
179 KB
Image
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/images/backgrounds/hgs.jpg
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/v2/assets/css/hgs.min_20210727191922.css?v=201910111500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c436cfc044fc4defe48bdf8035274ef669ea4ace90cbc70ec1c4022c60ad2d8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/v2/assets/css/hgs.min_20210727191922.css?v=201910111500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
183043
last-modified
Thu, 26 Aug 2021 12:57:56 GMT
server
cloudflare
etag
"61278fd4-2cb03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPuAoAjrgAWkedH6EVOi3pkrc05TSukEIKxZiJYf4egupwWjRr8e%2Bwu9N5WdDgKS%2FYuROW64IE%2BPL%2B0%2FXweTUb%2Bb9K9DapCSWoQIK11a7SHK6nqGH2G14nPHfYglZl87Hi97mn7miguQliYWCIhtnmVx%2B0lw%2F9WRu%2Fmh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7189e440dfea9134-FRA
recaptcha__tr.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__tr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaReadyForInit&hl=tr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2aa1d24017b958e36a239b763fa17296afeac5ea5a84b02371e5b2cdcd50bf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pttavm-hgxcrsmbaykylsene.com/
Origin
https://pttavm-hgxcrsmbaykylsene.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147723
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 05:51:09 GMT
datach.php
pttavm-hgxcrsmbaykylsene.com/
0
548 B
XHR
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/datach.php?ip=172.70.251.162
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/hgs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.19, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://pttavm-hgxcrsmbaykylsene.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.19, PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAVqNK6ohFhpWSArXLCNYy1tgtlFaCulnsBmEWwYpMABM6Emd0KMuIgWl83gKTuZA6VFhdv%2BCrtWujA1f4yJtBdC%2FLdsptDyhtyEEME63LpNmDxK0ZjRqSq9BzVpw7PYdzNNs%2BkMX9DRGG6GNfGW6Gr1zq9iFaRTWhqZ"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7189e4425b3a9134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
datach.php
pttavm-hgxcrsmbaykylsene.com/
0
549 B
XHR
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/datach.php?ip=172.70.251.162
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/hgs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.19, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://pttavm-hgxcrsmbaykylsene.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.19, PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CV9A73KNc%2Fqap%2BZxmx23pzmoHRk95ux2bMmU49eYFRfuzrVdy3M6zyZa4vV0NosZNP70ZyspliLwCYJfV0wE8gF26T81tXEjvWKUZMQLRKwHE9U5fPr9opJm1nCiJq%2Bn8lKveEG1BZ73s%2F0RItSeX%2B6Vn7oCwgKbiN9l"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7189e4425b3b9134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/
101 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-35753049-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-852040690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da0cb42c71d1dff79fc6c71f337c7c4b4f439e181cc6f919ce4aa85451bcf3d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39815
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Jun 2022 12:32:43 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35753049-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3478
date
Thu, 09 Jun 2022 11:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 09 Jun 2022 13:34:46 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-852040690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15069
x-xss-protection
0
server
cafe
etag
11223643544955582496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 09 Jun 2022 12:32:44 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2013551100&t=pageview&_s=1&dl=https%3A%2F%2Fpttavm-hgxcrsmbaykylsene.com%2F&ul=en-us&de=UTF-8&dt=HGS%20Online%20Bakiye%20Y%C3%BCkleme&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=737828803&gjid=1475763975&cid=941851842.1654777964&tid=UA-35753049-1&_gid=1046109862.1654777964&_r=1&gtm=2ou660&z=358344578
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pttavm-hgxcrsmbaykylsene.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 12:32:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pttavm-hgxcrsmbaykylsene.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/852040690/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/852040690/?random=1654777964222&cv=9&fst=1654777964222&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpttavm-hgxcrsmbaykylsene.com%2F&tiba=HGS%20Online%20Bakiye%20Y%C3%BCkleme&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
052a6434ca6b43b1d2c89778a0908a82c0b50afb544f89d4f3b3a14280a748cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 12:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1052
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
451 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-35753049-1&cid=941851842.1654777964&jid=737828803&gjid=1475763975&_gid=1046109862.1654777964&_u=YEBAAUAAAAAAAC~&z=347462353
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pttavm-hgxcrsmbaykylsene.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 09 Jun 2022 12:32:44 GMT
content-type
text/plain
access-control-allow-origin
https://pttavm-hgxcrsmbaykylsene.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/852040690/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/852040690/?random=1654777964222&cv=9&fst=1654776000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpttavm-hgxcrsmbaykylsene.com%2F&tiba=HGS%20Online%20Bakiye%20Y%C3%BCkleme&async=1&fmt=3&is_vtc=1&random=1812516119&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 12:32:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/852040690/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/852040690/?random=1654777964222&cv=9&fst=1654776000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpttavm-hgxcrsmbaykylsene.com%2F&tiba=HGS%20Online%20Bakiye%20Y%C3%BCkleme&async=1&fmt=3&is_vtc=1&random=1812516119&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 12:32:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35753049-1&cid=941851842.1654777964&jid=737828803&_u=YEBAAUAAAAAAAC~&z=114766987
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 12:32:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35753049-1&cid=941851842.1654777964&jid=737828803&_u=YEBAAUAAAAAAAC~&z=114766987
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pttavm-hgxcrsmbaykylsene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 12:32:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
datach.php
pttavm-hgxcrsmbaykylsene.com/
0
548 B
XHR
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/datach.php?ip=172.70.251.162
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/hgs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.19, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://pttavm-hgxcrsmbaykylsene.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.19, PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1yI2DtcGXnQJVKtsH9FvOtl7kmpyhRI%2Fb4sKtdh61Vta6uKU%2Bw9ckYhYIqqpp6v4S9DScYpRKbSHqmVdBPjO7%2FcoMdsw7wcCYAgF6ZtPCCl38K3vFWEOkJ3fQrlJtNndv8DCA29azLIYbh3KF7VAfkX5djezyYTQ%2BcH"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7189e451fe549134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
datach.php
pttavm-hgxcrsmbaykylsene.com/
0
547 B
XHR
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/datach.php?ip=172.70.251.162
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/hgs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.19, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://pttavm-hgxcrsmbaykylsene.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.19, PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FKDp8lLxYIpheN0Q9w0BZeN6gARMjzo1Tf03VNcdWIe1SvNEZu6CTfhY1C72Vg7guaYgtvGrhhvn%2Bhbc%2Fjit7QI4bYvCFs9yfE7T1wiZiLAs6qS0j6kNBk3kHTzW9zD1FE%2FV9E80OIA%2B4kfCc7xmJklNhowlqNSRQbG"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7189e4552d209134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
datach.php
pttavm-hgxcrsmbaykylsene.com/
0
550 B
XHR
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/datach.php?ip=172.70.251.162
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/hgs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.19, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://pttavm-hgxcrsmbaykylsene.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.19, PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koAASpkM46pz%2F%2BAHaOL8xB%2B92cRnvpWV4KoaYl8dTZGK8XzmEx1V37zCCvhudjVWhs5k7SENt648Shd3QUiNeCjYtmB3vVfhIO05DiKuMhit84RbayEFOfFWhF8Q7GExjAZunwItrSOr2c%2B%2B53h%2BM3sIIiL5u2Ptp9bR"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7189e4619fc89134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
datach.php
pttavm-hgxcrsmbaykylsene.com/
0
551 B
XHR
General
Full URL
https://pttavm-hgxcrsmbaykylsene.com/datach.php?ip=172.70.251.162
Requested by
Host: pttavm-hgxcrsmbaykylsene.com
URL: https://pttavm-hgxcrsmbaykylsene.com/hgs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.19, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://pttavm-hgxcrsmbaykylsene.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 12:32:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.19, PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3SeBk0bh5SEWaEBOt6%2F74EIl4ZvlIjG45dfGwJwJlCrcKJ%2FLK0tQ1vSd88KAFy%2F32qmsf6eGF%2BWVBQzhjzjjBYlCRkPVFKiYfQ3UqY0uNZVMBV47OnqpM9NoL7Aej%2FJbsmlrA%2BX2fikNIxNhABaAbMsDfIeeZZCVpuM"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7189e467dcb29134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation string| SERVICE_NAME string| TIMESTAMP string| HASH function| $ function| jQuery object| Eager object| paceOptions object| Pace object| dataLayer undefined| mtvRecaptcha undefined| trafikCezasiRecaptcha undefined| trafikCezasiBeyanliRecaptcha undefined| hgsRecaptcha undefined| kmRecaptcha undefined| damageRecaptcha undefined| damageRecaptchaPart function| recaptchaReadyForInit object| _gaq function| gtag function| gonder object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _gat function| DateFormatter function| datetimepickerFactory object| $jscomp object| card function| readURL object| hgs object| km object| damage object| mtv object| traffic object| index object| app function| recaptchaCallback number| kmMuayeneIframeLoadedCount object| kmMuayeneIframe function| recaptchaCallbackFunction object| toastr function| Payment function| Card number| searchVisible boolean| transparent object| priorityNav function| Sweetalert2 function| swal function| sweetAlert function| Cookies function| initializeMustache object| bowser object| _SgmntfY_ object| google_tag_manager function| postscribe object| google_tag_manager_external number| $width object| recaptcha object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

5 Cookies

Domain/Path Name / Value
.pttavm-hgxcrsmbaykylsene.com/ Name: _gcl_au
Value: 1.1.51451419.1654777964
.pttavm-hgxcrsmbaykylsene.com/ Name: _ga
Value: GA1.2.941851842.1654777964
.pttavm-hgxcrsmbaykylsene.com/ Name: _gid
Value: GA1.2.1046109862.1654777964
.pttavm-hgxcrsmbaykylsene.com/ Name: _gat_gtag_UA_35753049_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://hgs.pttavm.com/v2/assets/images/buttons/right-arrow.png
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
