uygulama.parasut.com Open in urlscan Pro
2606:4700:10::6816:41e9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaayn...
Submission: On January 20 via manual (January 20th 2022, 9:53:32 am UTC) from QA — Scanned from DE

Summary HTTP 135 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 61 IPs in 11 countries across 67 domains to perform 135 HTTP transactions. The main IP is 2606:4700:10::6816:41e9, located in United States and belongs to CLOUDFLARENET, US. The main domain is uygulama.parasut.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2021. Valid for: a year.

This is the only time uygulama.parasut.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:10:... 2606:4700:10::6816:41e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	143.204.101.69 143.204.101.69	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	54.231.133.217 54.231.133.217	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
8	172.67.75.41 172.67.75.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::ac43:8757	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.94.161 143.204.94.161	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
4	95.100.153.115 95.100.153.115	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
3	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
1	52.86.134.216 52.86.134.216	14618 (AMAZON-AES) (AMAZON-AES)
1 11	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
1	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
1 2	34.240.183.205 34.240.183.205	16509 (AMAZON-02) (AMAZON-02)
1	104.89.29.143 104.89.29.143	16625 (AKAMAI-AS) (AKAMAI-AS)
1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.125.198.159 3.125.198.159	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
3 3	3.67.18.150 3.67.18.150	16509 (AMAZON-02) (AMAZON-02)
2 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2.21.142.210 2.21.142.210	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.195.106.77 18.195.106.77	16509 (AMAZON-02) (AMAZON-02)
1 2	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	2.21.141.186 2.21.141.186	16625 (AKAMAI-AS) (AKAMAI-AS)
5 6	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4 5	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	34.249.68.36 34.249.68.36	16509 (AMAZON-02) (AMAZON-02)
2	104.89.42.102 104.89.42.102	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	54.77.170.127 54.77.170.127	16509 (AMAZON-02) (AMAZON-02)
1	52.218.41.243 52.218.41.243	16509 (AMAZON-02) (AMAZON-02)
3 3	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
1 2	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	85.90.246.38 85.90.246.38	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	51.77.65.169 51.77.65.169	16276 (OVH) (OVH)
1 1	80.82.217.90 80.82.217.90	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	85.90.245.27 85.90.245.27	63949 (LINODE-AP...) (LINODE-AP Linode)
1	108.128.79.28 108.128.79.28	16509 (AMAZON-02) (AMAZON-02)
2 3	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.66.248.68 18.66.248.68	16509 (AMAZON-02) (AMAZON-02)
2 2	3.212.173.197 3.212.173.197	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.211.244.253 52.211.244.253	16509 (AMAZON-02) (AMAZON-02)
1 1	35.156.119.137 35.156.119.137	16509 (AMAZON-02) (AMAZON-02)
4	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
2 2	3.120.29.221 3.120.29.221	16509 (AMAZON-02) (AMAZON-02)
1	51.195.5.234 51.195.5.234	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	104.90.104.248 104.90.104.248	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:224... 2600:9000:224a:9a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
135	61

1 2606:4700:10::6816:41e9 (United States)

ASN13335 (CLOUDFLARENET, US)

uygulama.parasut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.101.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-69.fra50.r.cloudfront.net

d1lrmnchp1ja3v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.133.217 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

parasut-dosyalar.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.75.41 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.8digits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.8digits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.8digits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:8757 (United States)

ASN13335 (CLOUDFLARENET, US)

parasut.hellosmpl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.161 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-161.fra50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.100.153.115 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-115.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s2.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.134.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-134-216.compute-1.amazonaws.com

events.getsitectrl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.2.238 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.183.205 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-183-205.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.29.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-29-143.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.198.159 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-198-159.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.67.18.150 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-18-150.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.142.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-210.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.106.77 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-106-77.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.29.65 (Milan, Italy) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Aalborg, Denmark) 4 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.141.186 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-186.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.131.137 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.249.68.36 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.42.102 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.170.127 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-170-127.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.41.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.222.80.231 (Canada) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1957 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.90.246.38 (Frankfurt am Main, Germany) 4 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1429-38.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.65.169 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: tags11.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.82.217.90 (Krefeld, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.90.245.27 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1428-27.members.linode.com

cm.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.79.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-79-28.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.11 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-68.dus51.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.212.173.197 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-173-197.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.244.253 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-244-253.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.119.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-119-137.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.29.221 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-29-221.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.5.234 (France)

ASN16276 (OVH, FR)
PTR: p36.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.104.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-248.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:9a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Ljubljana, Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 5692 track.adform.net — Cisco Umbrella Rank: 3933 c1.adform.net — Cisco Umbrella Rank: 608 dmp.adform.net — Cisco Umbrella Rank: 2434	38 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
10	gstatic.com fonts.gstatic.com	166 KB
9	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 96 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	3 KB
9	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 923 trc.taboola.com — Cisco Umbrella Rank: 570 trc-events.taboola.com — Cisco Umbrella Rank: 1857	28 KB
8	8digits.com cdn.8digits.com — Cisco Umbrella Rank: 240306 hit.8digits.com — Cisco Umbrella Rank: 236982 d.8digits.com — Cisco Umbrella Rank: 553129	17 KB
8	cloudfront.net d1lrmnchp1ja3v.cloudfront.net	200 KB
7	adsrvr.org 5 redirects js.adsrvr.org — Cisco Umbrella Rank: 1531 match.adsrvr.org — Cisco Umbrella Rank: 329 insight.adsrvr.org — Cisco Umbrella Rank: 624	5 KB
5	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 6205 tags.adsafety.net — Cisco Umbrella Rank: 83568	8 KB
4	semasio.net 4 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1250	3 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	1 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5557	825 B
4	google.com www.google.com — Cisco Umbrella Rank: 13	825 B
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1300	86 KB
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 404	3 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 1510	1 KB
3	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 719	1 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1077 load77.exelator.com — Cisco Umbrella Rank: 3641	2 KB
3	advertising.com 3 redirects pixel.advertising.com — Cisco Umbrella Rank: 327	1 KB
3	getsitecontrol.com l.getsitecontrol.com — Cisco Umbrella Rank: 20779 s2.getsitecontrol.com — Cisco Umbrella Rank: 32166	58 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	3 KB
3	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1953 ka-p.fontawesome.com — Cisco Umbrella Rank: 4636	65 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 389	716 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 419	906 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12235	809 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10065	518 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 876	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 205	2 KB
2	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 3719	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751	913 B
2	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 38133 cm.smartstream.tv — Cisco Umbrella Rank: 269906	849 B
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1427 mwzeom.zeotap.com — Cisco Umbrella Rank: 1680	890 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 466	891 B
2	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 916	688 B
2	mathtag.com 2 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1240	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	1 KB
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3772	694 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 675	826 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	500 B
2	hellosmpl.com parasut.hellosmpl.com	18 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	113 KB
2	amazonaws.com parasut-dosyalar.s3.amazonaws.com s3-eu-west-1.amazonaws.com	15 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 680	70 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 612	322 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 367	13 KB
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 22080	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 707	240 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 868	172 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 596	1009 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 442	340 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 17324	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 552	544 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 408	338 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 22188	406 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2015	274 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 316
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 677	714 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578	163 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 689	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3238	522 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 20697	344 B
1	getsitectrl.com events.getsitectrl.com — Cisco Umbrella Rank: 64231	853 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	60 KB
1	parasut.com uygulama.parasut.com	12 KB
0	ib-ibi.com Failed global.ib-ibi.com Failed
135	67

	Domain	Requested by
11	c1.adform.net	1 redirects track.adform.net c1.adform.net
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com uygulama.parasut.com
10	fonts.gstatic.com	fonts.googleapis.com
8	d1lrmnchp1ja3v.cloudfront.net	uygulama.parasut.com
6	hit.8digits.com	uygulama.parasut.com cdn.8digits.com
5	cm.g.doubleclick.net	4 redirects c1.adform.net
5	match.adsrvr.org	5 redirects
4	trc-events.taboola.com	cdn.taboola.com
4	dmp.adform.net	c1.adform.net
4	cm.adsafety.net	4 redirects
4	uipglob.semasio.net	4 redirects
4	ups.analytics.yahoo.com	2 redirects c1.adform.net
4	www.google.de	uygulama.parasut.com
4	www.google.com	uygulama.parasut.com
4	analytics.tiktok.com	uygulama.parasut.com analytics.tiktok.com
3	secure.adnxs.com	2 redirects c1.adform.net
3	pixel.onaudience.com	3 redirects
3	sync.crwdcntrl.net	2 redirects c1.adform.net
3	pixel.advertising.com	3 redirects
3	stats.g.doubleclick.net	www.google-analytics.com
3	cdn.taboola.com	uygulama.parasut.com cdn.taboola.com
3	fonts.googleapis.com	uygulama.parasut.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	ps.eyeota.net	c1.adform.net
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	track.adform.net	1 redirects uygulama.parasut.com
2	trc.taboola.com	cdn.taboola.com
2	www.facebook.com	uygulama.parasut.com
2	l.getsitecontrol.com	www.googletagmanager.com l.getsitecontrol.com
2	parasut.hellosmpl.com	www.googletagmanager.com parasut.hellosmpl.com
2	connect.facebook.net	uygulama.parasut.com connect.facebook.net
2	ka-p.fontawesome.com	kit.fontawesome.com uygulama.parasut.com
2	maxcdn.bootstrapcdn.com	uygulama.parasut.com maxcdn.bootstrapcdn.com
1	bam.nr-data.net	js-agent.newrelic.com
1	insight.adsrvr.org	js.adsrvr.org
1	js-agent.newrelic.com	uygulama.parasut.com
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.smartstream.tv	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	mwzeom.zeotap.com	c1.adform.net
1	spl.zeotap.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	server.seadform.net	uygulama.parasut.com
1	events.getsitectrl.com	s2.getsitecontrol.com
1	s2.getsitecontrol.com	l.getsitecontrol.com
1	d.8digits.com	cdn.8digits.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	s2.adform.net	uygulama.parasut.com
1	js.adsrvr.org	www.googletagmanager.com
1	cdn.8digits.com	uygulama.parasut.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	uygulama.parasut.com
1	parasut-dosyalar.s3.amazonaws.com	uygulama.parasut.com
1	kit.fontawesome.com	uygulama.parasut.com
1	uygulama.parasut.com
0	global.ib-ibi.com Failed	c1.adform.net
135	85

This site contains links to these domains. Also see Links.

Domain
www.parasut.com
www.isbank.com.tr
www.garanti.com.tr
www.akbank.com.tr
www.yapikredi.com.tr

Subject Issuer	Validity	Valid
parasut.com Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-29` - `2022-01-27`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2020-03-05` - `2022-05-04`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.getsitectrl.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.eyeota.net R3	`2022-01-04` - `2022-04-04`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673
Frame ID: 21BC43333F9230940C5F06A64AFEFA42
Requests: 88 HTTP requests in this frame

Frame: https://parasut.hellosmpl.com/storage.html?s=https://uygulama.parasut.com
Frame ID: D6FAC478953E34631C9A8BE30D0971BB
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Frame ID: C1285681763BE86970DAA09CC5A26065
Requests: 45 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=0n7s1gd&ref=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&upid=dvewcdc&upv=1.1.0
Frame ID: C543C36064E00D5079DC098E84B9F390
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paraşüt – Web Tabanlı Fatura ve Tahsilat Yönetimi

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

135
Requests

81 %
HTTPS

23 %
IPv6

67
Domains

85
Subdomains

61
IPs

11
Countries

1017 kB
Transfer

2839 kB
Size

102
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.parasut.com/?utm_source=customer_portal&utm_medium=footer_link
Title: Paraşüt

Search URL Search Domain Scan URL

URL: https://www.isbank.com.tr/

Search URL Search Domain Scan URL

URL: https://www.garanti.com.tr/

Search URL Search Domain Scan URL

URL: https://www.akbank.com.tr/

Search URL Search Domain Scan URL

URL: https://www.yapikredi.com.tr/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://track.adform.net/Serving/TrackPoint/?pm=2498067&ADFPageName=Remarketing&ADFdivider=%7C&ord=968336029725&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2498067&ADFPageName=Remarketing&ADFdivider=%7C&ord=968336029725&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673

Request Chain 73

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6491992954323528237&Expiration=1643882007 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6491992954323528237&Expiration=1643882007

Request Chain 76

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6491992954323528237&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6491992954323528237&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=900e7a17e6dd46a08988916e0982fd95 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=55939681f69055e8e39439111b01e83f2843cbb78a47001b6eb95fc5596c6844

Request Chain 78

https://pixel.advertising.com/ups/55944/sync?uid=6491992954323528237&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=6491992954323528237&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6491992954323528237&_origin=1&apid=UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6491992954323528237&_origin=1&apid=UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4&verify=true

Request Chain 80

https://x.bidswitch.net/sync?dsp_id=70&user_id=6491992954323528237 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6491992954323528237 HTTP 302
https://pixel.advertising.com/ups/55859/sync?uid=ff1098b1-4ee1-4a24-b79a-26a8d688d879&_origin=1&gdpr=&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=ff1098b1-4ee1-4a24-b79a-26a8d688d879&_origin=1&gdpr=&gdpr_consent=&apid=UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4 HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=ff1098b1-4ee1-4a24-b79a-26a8d688d879&_origin=1&gdpr=&gdpr_consent=&apid=UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4&verify=true

Request Chain 81

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6491992954323528237&expiration=1643882007 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6491992954323528237&expiration=1643882007&C=1

Request Chain 82

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6491992954323528237&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6491992954323528237&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=9f9c61e9-3117-4b00-a03d-da2347e6993b&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=042f6b3d-b6aa-480d-9fb7-372f6190561e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=ODM4MDc1QkZGNTJERUYzRg&gdpr=1&gdpr_consent=

Request Chain 84

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6491992954323528237 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6491992954323528237&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 86

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6491992954323528237 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6491992954323528237

Request Chain 89

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 90

https://pixel.onaudience.com/?mapped=6491992954323528237&partner=68 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b2e416f1b72a7fd409ec1f9dbf47fdc6 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=042f6b3d-b6aa-480d-9fb7-372f6190561e&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=8dee18f28b16998f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efafbe7-831f-438f-4370-40d375b41a62&reqId=c55c69db-4a25-4627-74c2-cef52608aaf1&zcluid=8dee18f28b16998f&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEKdwFolbs266zQiR3KIjyLM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efafbe7-831f-438f-4370-40d375b41a62&reqId=c55c69db-4a25-4627-74c2-cef52608aaf1&zcluid=8dee18f28b16998f&zdid=1332

Request Chain 91

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=6491992954323528237 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM1202201200917729e8f57b044d3ad1&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=b6a333991bb8b571aaf5b0f535fec5de HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202201200917729e8f57b044d3ad1&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=b6a333991bb8b571aaf5b0f535fec5de&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjAxMjAwOTE3NzI5ZThmNTdiMDQ0ZDNhZDE HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEM3GvXPKD-D7ShVaPz-fPQo&google_cver=1 HTTP 302
https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7055224266123966609

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjQ5MTk5Mjk1NDMyMzUyODIzNw HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECq4XSiQLvelofIxhfZcNM8&google_cver=1&google_ula=1641347,0

Request Chain 95

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=7385883491268712448&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=6491992954323528237

Request Chain 98

https://a.audrte.com/a?adform_uid=6491992954323528237 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEHtt9qU9gEHGUUaJ6Qhx5pE&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=81btWdKmEidQbiaqC-OyJRBAg&gdpr=0&gdpr_consent=

Request Chain 99

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6491992954323528237&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6491992954323528237&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=78567557044829096792247113112409254987&noredirect=1

Request Chain 100

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6491992954323528237 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164960204037000155298

Request Chain 101

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7055224266123770001

Request Chain 103

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=9f9c61e9-3117-4b00-a03d-da2347e6993b

Request Chain 104

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=Dq5krEhQ1Nau8g5

Request Chain 105

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=042f6b3d-b6aa-480d-9fb7-372f6190561e

Request Chain 108

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1890582251 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=GdzTpYr1OL8QWNJ6hOr0.u

Request Chain 110

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6491992954323528237 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6491992954323528237&cs=1

Request Chain 112

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=6491992954323528237&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=6491992954323528237&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=dbeb2767-cb85-487e-b114-41c3621b7fb3

Request Chain 114

https://eb2.3lift.com/xuid?mid=7354&xuid=6491992954323528237&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6491992954323528237&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

135 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 92683673 Show response
uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/ 35 KB
12 KB 482ms
433ms Document
text/html 2606:4700:10::6816:41e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:41e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a6868b89ef6cdcfd3a918d63a480dd36a9faa0e0e103bbd8e238315b1f1ae38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.mukellef.co https://online.zirveyazilim.net https://app.yengec.co https://worq.finance/
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	allow-from https://app.mukellef.co https://online.zirveyazilim.net

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 20 Jan 2022 09:53:26 GMT
content-type: text/html; charset=utf-8
x-frame-options: allow-from https://app.mukellef.co https://online.zirveyazilim.net
content-security-policy: frame-ancestors 'self' https://app.mukellef.co https://online.zirveyazilim.net https://app.yengec.co https://worq.finance/
link: <//d1lrmnchp1ja3v.cloudfront.net/assets/application-f520afae7e03a28ad845500deded5dff0ac0205d1bd593ad7c3870a8a542f29b.css>; rel=preload; as=style; nopush,<//d1lrmnchp1ja3v.cloudfront.net/assets/portal-2373ab1a6e42d94ff520c145c8e09b36f602d679b48106b915332d0429d02f14.css>; rel=preload; as=style; nopush,<//d1lrmnchp1ja3v.cloudfront.net/assets/modernizr-ffdf1144293b0b53c18e311c18021d18a4f09f6e37f0884e281725d726e64058.js>; rel=preload; as=script; nopush,<//d1lrmnchp1ja3v.cloudfront.net/assets/portal-f2742ba4d1bbee78c054009418ba13461901eb61511d5cf1d2d1a993c9e0e426.js>; rel=preload; as=script; nopush
etag: W/"8a6868b89ef6cdcfd3a918d63a480dd3"
cache-control: max-age=0, private, must-revalidate
x-request-id: 01efbc32-8bbf-4c90-a70b-2c1afccdbed0
x-runtime: 0.061695
strict-transport-security: max-age=63072000; includeSubDomains
vary: Origin
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d076a6a2e9883ae-MXP
content-encoding: br

GET
H2 200 application-f520afae7e03a28ad845500deded5dff0ac0205d1bd593ad7c3870a8a542f29b.css
d1lrmnchp1ja3v.cloudfront.net/assets/ 0
580 B 73ms
9ms Stylesheet
text/css 143.204.101.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1lrmnchp1ja3v.cloudfront.net/assets/application-f520afae7e03a28ad845500deded5dff0ac0205d1bd593ad7c3870a8a542f29b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-69.fra50.r.cloudfront.net

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:55:07 GMT
via: 1.1 vegur, 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 19311761
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 20
cf-request-id: 0aa0d0beca00004ee5529b7000000001
last-modified: Tue, 26 Jan 2021 16:58:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 65e183de0f734ee5-FRA
x-amz-cf-id: 0Vynr6ytLWPF_gn7CMVv7hvxlJfKaAZWVZdD-1xjUztbvz5pI3AmZw==

GET
H2 200 portal-2373ab1a6e42d94ff520c145c8e09b36f602d679b48106b915332d0429d02f14.css
d1lrmnchp1ja3v.cloudfront.net/assets/ 200 KB
27 KB 73ms
10ms Stylesheet
text/css 143.204.101.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1lrmnchp1ja3v.cloudfront.net/assets/portal-2373ab1a6e42d94ff520c145c8e09b36f602d679b48106b915332d0429d02f14.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-69.fra50.r.cloudfront.net

Software

cloudflare /

Resource Hash

6d156d3f9ce16aa173dda322ed3b7981d870389abf95cb26f66412a5825e3a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 07:55:36 GMT
via: 1.1 vegur, 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
age: 29987870
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 27172
cf-request-id: 081d163fcd000097e443008000000001
last-modified: Thu, 28 Jan 2021 21:02:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 61db8cac7b8297e4-FRA
x-amz-cf-id: dKLNCpf-zTy_5_VKfueunWP7dTsGrSDBZTK4spSKe8eU9yet51Nghg==

GET
H2 200 modernizr-ffdf1144293b0b53c18e311c18021d18a4f09f6e37f0884e281725d726e64058.js Show response
d1lrmnchp1ja3v.cloudfront.net/assets/ 8 KB
4 KB 72ms
9ms Script
application/javascript 143.204.101.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1lrmnchp1ja3v.cloudfront.net/assets/modernizr-ffdf1144293b0b53c18e311c18021d18a4f09f6e37f0884e281725d726e64058.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-69.fra50.r.cloudfront.net

Software

cloudflare /

Resource Hash

5ba0808a5645a48e91b5e6d29156f82899e277999c3053081e6f5960f337fbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 10:10:42 GMT
via: 1.1 vegur, 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
age: 8379764
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 3517
last-modified: Tue, 26 Jan 2021 16:58:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 69e8425539244ec2-FRA
x-amz-cf-id: MGuYnVw5edmpKzwRt1n-HoIQ5bpF4FTAMwm6raL3omqcgUV3WTHe_w==

GET
H2 200 portal-f2742ba4d1bbee78c054009418ba13461901eb61511d5cf1d2d1a993c9e0e426.js Show response
d1lrmnchp1ja3v.cloudfront.net/assets/ 382 KB
112 KB 77ms
15ms Script
application/javascript 143.204.101.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1lrmnchp1ja3v.cloudfront.net/assets/portal-f2742ba4d1bbee78c054009418ba13461901eb61511d5cf1d2d1a993c9e0e426.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-69.fra50.r.cloudfront.net

Software

cloudflare /

Resource Hash

ae5ec8160a04dbdf24196b69f565b450bec3fb487d0abbfc7e07d4dcb04f7d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 05:10:28 GMT
via: 1.1 vegur, 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
age: 12285778
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 113806
last-modified: Tue, 26 Jan 2021 16:58:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6873c0a96d911f29-FRA
x-amz-cf-id: dm17DX3BhLdxURQzqmqaxmYjwMVnfIZcjR14-3tFsoV3uO7Do97xKw==

GET
H2 200 33393da104.js Show response
kit.fontawesome.com/ 11 KB
4 KB 152ms
107ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/33393da104.js

Requested by

Host: uygulama.parasut.com
URL: https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd1929825aefb893f7aa133aee603dbe12765128f4c0a2ba24a3052a0b5b3e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:26 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 6d076a6dc948f91f-MXP
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fsvxya8EzMcUz5JaASEh

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
5 KB 76ms
31ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 718, 718
age: 23521750
cdn-cachedat: 2021-04-23 05:21:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c783b65627fe9edcb9253bc1edff51e2
cf-ray: 6d076a6dc94a3753-MXP
cdn-requestcountrycode: EG
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 7 KB
781 B 40ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu+Mono:400,700,400italic,700italic

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe47bfbdf4f50825926a425f997d4030a0289ea9b9c19f7042f9612cc439bc90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 09:53:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 20 Jan 2022 09:53:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jan 2022 09:53:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&subset=latin,latin-ext

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf624cca88c1828e4dc1a61151d2ce6e826191ba2223f4cf4cdacc1d8a52981b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 09:46:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 20 Jan 2022 09:53:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jan 2022 09:53:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
797 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400italic,400,700&subset=latin,latin-ext

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d17b8e1f22b1cdea05fcee7dd9e1b258187c174665c95729d3726c65e8d550f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 09:27:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 20 Jan 2022 09:53:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jan 2022 09:53:26 GMT

GET
H/1.1 200
OK 2021_09_27__07_39_28--beliga_logo-01.jpg
parasut-dosyalar.s3.amazonaws.com/production/Company/logo/447889/ 14 KB
15 KB 777ms
138ms Image
application/octet-stream 54.231.133.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://parasut-dosyalar.s3.amazonaws.com/production/Company/logo/447889/2021_09_27__07_39_28--beliga_logo-01.jpg
Requested by: Host: uygulama.parasut.com
URL: https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.133.217 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fba78ed6f4d04a905ff4082125b4dbf140bccf30daab5dcb86594b6baeb6d48d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 09:53:28 GMT
Last-Modified: Mon, 27 Sep 2021 07:39:34 GMT
Server: AmazonS3
x-amz-request-id: BEBJMN1WGFA179T9
ETag: "30756ade24cf371af0f170ffedeb917b"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 14645
x-amz-id-2: oMh1veCa4tTa65Wo6b1/Iq6t3WEAuK/XBTqoo70WbYSSd76SLTo1Fn6/RXMeliKkb62KHN69P+s=

GET
H2 200 is-bankasi-65a8b967bd393f87489c67c1b55448c95436f5d006e0a774293068a57b30e465.png
d1lrmnchp1ja3v.cloudfront.net/assets/portal/ 17 KB
17 KB 11ms
9ms Image
image/png 143.204.101.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1lrmnchp1ja3v.cloudfront.net/assets/portal/is-bankasi-65a8b967bd393f87489c67c1b55448c95436f5d006e0a774293068a57b30e465.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-69.fra50.r.cloudfront.net

Software

cloudflare /

Resource Hash

4433a07c5e77a2b194d5c293d905f42fafa70ff10e2be2fe17b5692d1d5d7993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 06:32:32 GMT
via: 1.1 vegur, 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
age: 29042454
x-cache: Hit from cloudfront
content-length: 17270
cf-request-id: 08557026b90000cd9b769db000000001
last-modified: Tue, 26 Jan 2021 16:58:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6235b61df8f4cd9b-CDG
x-amz-cf-id: rqv2QREzEG09RkseAZROt2Z7g7LlIDiXylBd2AGbs4wNLZEHSNHRKw==

GET
H2 200 garanti-164faecabda138549000da100a11dcf08437a629456059169223c34282451641.png
d1lrmnchp1ja3v.cloudfront.net/assets/portal/ 16 KB
16 KB 12ms
12ms Image
image/png 143.204.101.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1lrmnchp1ja3v.cloudfront.net/assets/portal/garanti-164faecabda138549000da100a11dcf08437a629456059169223c34282451641.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-69.fra50.r.cloudfront.net

Software

cloudflare /

Resource Hash

3d99938438560353702fb9ecff643eb2616fe361b3d4cff8b55fba6f6a3c992d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 13:51:18 GMT
via: 1.1 vegur, 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
age: 30916928
x-cache: Hit from cloudfront
content-length: 16098
cf-request-id: 07e5b5ec46000064af2c202000000001
last-modified: Tue, 26 Jan 2021 16:58:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6182f28d3ec764af-FRA
x-amz-cf-id: mGEGnpyMncWXScwKTJZEzGRqRU7YfkRVKovJ640f_5ZSuhoiOLTukQ==

GET
H2 200 akbank-841cc4876bb48c104eb87d40705c7421f256f52ef7f874fbf252fdd5540735e6.png
d1lrmnchp1ja3v.cloudfront.net/assets/portal/ 4 KB
4 KB 10ms
10ms Image
image/png 143.204.101.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1lrmnchp1ja3v.cloudfront.net/assets/portal/akbank-841cc4876bb48c104eb87d40705c7421f256f52ef7f874fbf252fdd5540735e6.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-69.fra50.r.cloudfront.net

Software

cloudflare /

Resource Hash

a4d1acbb118ba1eda0e1c57f0693269a5ef2ce299c2b5d8480bfff7e395799a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 07:01:49 GMT
via: 1.1 vegur, 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 9774516
x-cache: Hit from cloudfront
content-length: 3721
last-modified: Tue, 26 Jan 2021 16:58:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 69e72da55ca3702d-FRA
x-amz-cf-id: WJMzy7ZAypyg5ZB7V8k106tzn5v4xOTgaW1m4vAdj_nvPT7eQKQBAQ==

GET
H2 200 yapikredi-b0e6d7f4af36103b8b1e99f9534731c98c2574efeb9bb0dc0ccfa4ebbb200ca5.png
d1lrmnchp1ja3v.cloudfront.net/assets/portal/ 18 KB
19 KB 13ms
12ms Image
image/png 143.204.101.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1lrmnchp1ja3v.cloudfront.net/assets/portal/yapikredi-b0e6d7f4af36103b8b1e99f9534731c98c2574efeb9bb0dc0ccfa4ebbb200ca5.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-69.fra50.r.cloudfront.net

Software

cloudflare /

Resource Hash

a40df38ded49429aa3fade2f296381b2460c0894856e7dc7342c03221df8ee4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:07:03 GMT
via: 1.1 vegur, 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
age: 5813183
x-cache: Hit from cloudfront
content-length: 18919
last-modified: Tue, 26 Jan 2021 16:58:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6add06ff9ffadfdb-FRA
x-amz-cf-id: K8PhZTivS9kM8IvQ2z6pNXfUzOg4fNG4jVn3Usywxp7VwqlPm6UxPg==

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 315 KB
53 KB 71ms
29ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=33393da104
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/33393da104.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 10245507
etag: "610ae215-d3b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6d076a6eb8802bdd-FRA
content-length: 54194

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
60 KB 41ms
18ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TSN5V3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f232b8087de38bece1c9a12701316772ffcddd1041ba93ee6aa10fe5473d9127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61292
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jan 2022 09:53:26 GMT

GET
H2 200 fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 64 KB
65 KB 41ms
21ms Font
font/woff 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Origin: https://uygulama.parasut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722
age: 1920295
cdn-proxyver: 1.0
cdn-cachedat: 11/05/2021 23:13:42
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65452
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: de78324ed0a78fd2b937371869e3695c
accept-ranges: bytes
cf-ray: 6d076a6ebd708bed-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 36ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uygulama.parasut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 57427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 17:56:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 39ms
11ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uygulama.parasut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:39:48 GMT
x-content-type-options: nosniff
age: 504818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 14 Jan 2023 13:39:48 GMT

GET
H2 200 ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 17 KB
17 KB 43ms
16ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400italic,400,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32c08e1eb8a5b0469f36408aff182967571b49017470c32152e9a44023785270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uygulama.parasut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 13:02:31 GMT
x-content-type-options: nosniff
age: 593455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17352
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 13 Jan 2023 13:02:31 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 49ms
21ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400italic,400,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uygulama.parasut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 17:55:21 GMT
x-content-type-options: nosniff
age: 230285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 17 Jan 2023 17:55:21 GMT

GET
H2 200 KFOjCneDtsqEr0keqCMhbCc6CsQ.woff2
fonts.gstatic.com/s/ubuntumono/v10/ 27 KB
27 KB 50ms
22ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntumono/v10/KFOjCneDtsqEr0keqCMhbCc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Mono:400,700,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d12493452a845c32b4e0db25c16142e7645e9cb80f00511e53c5760794c9cf94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uygulama.parasut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 04:27:54 GMT
x-content-type-options: nosniff
age: 537932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27264
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:56:31 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 14 Jan 2023 04:27:54 GMT

GET
H2 200 KFO-CneDtsqEr0keqCMhbC-BL9H1tY0.woff2
fonts.gstatic.com/s/ubuntumono/v10/ 25 KB
25 KB 52ms
24ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntumono/v10/KFO-CneDtsqEr0keqCMhbC-BL9H1tY0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Mono:400,700,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d10c094bd171cdc7a21803bb5ad34439edb7be2e19aa9c3e2d1f624e00747d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uygulama.parasut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 03:24:34 GMT
x-content-type-options: nosniff
age: 109732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25688
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 04:35:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 03:24:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 33ms
18ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uygulama.parasut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 08:01:19 GMT
x-content-type-options: nosniff
age: 179527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11860
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 18 Jan 2023 08:01:19 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 12 KB
12 KB 27ms
17ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400italic,400,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e730c5e58a487c838bda5b1a08e1b2a0d537371c08d4a01c56593ed8160ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uygulama.parasut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 20:59:55 GMT
x-content-type-options: nosniff
age: 392011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 15 Jan 2023 20:59:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uygulama.parasut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 21:18:23 GMT
x-content-type-options: nosniff
age: 218103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11836
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 17 Jan 2023 21:18:23 GMT

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 24ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400italic,400,700&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uygulama.parasut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 156932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 18 Jan 2023 14:17:54 GMT

GET
H2 200 pro-fa-regular-400-5.0.13.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 7 KB
7 KB 29ms
29ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.13.woff2
Requested by: Host: uygulama.parasut.com
URL: https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a64c70703236783a77935f2454a78073771d9416809716ff184bc831006878c5

Request headers

Referer: https://uygulama.parasut.com/
Origin: https://uygulama.parasut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:26 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:36 GMT
server: cloudflare
age: 1133867
etag: "610ae35c-1b64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6d076a6f7a212bdd-FRA
content-length: 7012

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSN5V3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1113
date: Thu, 20 Jan 2022 09:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 20 Jan 2022 11:34:54 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 72ms
28ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSN5V3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

0ce5d039d3e58fc10808f0695156d2bd99daae7791d26cc5dfc569154b5e0b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14846
x-xss-protection: 0
server: cafe
etag: 1633785920527017951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 09:53:27 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26187
x-xss-protection: 0
pragma: public
x-fb-debug: JFPjKqoA7k0mDj4DyIh0dw2/1mshTD1F58cuHHV+fFWHkGy5CxxGbjdVqOa9b2sqE+cu/3x8VHqVXTNNsTJmrg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Thu, 20 Jan 2022 09:53:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1149059/ 55 KB
17 KB 175ms
123ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1149059/tfa.js
Requested by: Host: uygulama.parasut.com
URL: https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b851291c0c4d61eec2ffaa2d8b789aed7928bf090b9fa96575be84e64679b215

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 1Ey4w7wMqychhzACzrVxEtl2xJCP8etO
content-encoding: gzip
etag: "84c94c3fda6b6e5959f9630990b016b1"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17372
x-amz-id-2: ZCI9qqnNyuG4s2QhJinOj8ENzPuJfDXnuTuoMqJSmtwSFfjb0A+2E0HUtblhHnm93KTTopOXPLI=
x-served-by: cache-mxp6952-MXP
last-modified: Sun, 16 Jan 2022 11:23:20 GMT
server: AmazonS3
x-timer: S1642672407.037413,VS0,VE107
date: Thu, 20 Jan 2022 09:53:27 GMT
vary: Accept-Encoding
x-amz-request-id: 5PVMKK982T7VPGHE
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 58
x-cache-hits: 1

GET
H2 200 automation.js Show response
cdn.8digits.com/ 50 KB
13 KB 114ms
39ms Script
application/javascript 172.67.75.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.8digits.com/automation.js
Requested by: Host: uygulama.parasut.com
URL: https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2296a73f86fe4fc3d75472f15ce6d9622c616e1e441410ec6ef057f4e5e14b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Nov 2018 13:04:03 GMT
server: cloudflare
age: 198
etag: W/"5bf557c3-c747"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1n1moKn%2FSPyN%2Blf4JWdqHQnSYyaZxyhyEWnK6iSmq6YcnbtTwVPzVRRSMfqRbbABtR8pto%2B9jEtF3H161qwCA2h%2BARkly0kIPtmaRqt2dTJXg%2B30CQFxhLqBX7IekTqDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d076a7028dde5a7-MAN
expires: Thu, 20 Jan 2022 09:52:00 GMT

GET
H2 200 on.js Show response
parasut.hellosmpl.com/ 46 KB
17 KB 99ms
40ms Script
application/javascript 2606:4700:3036::ac43:8757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://parasut.hellosmpl.com/on.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSN5V3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:8757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a02b3d418f035dcd48e62bff7a85071b24c6279c756886220176926ee18863f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 405
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 13 Jan 2022 10:20:41 GMT
server: cloudflare
etag: W/"61dffcf9-b998"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkJyRhDX3b7R9dbiqgB6Z4hLuyZQMGTakYmbaMQWw85w9bGpH7NGmNhUxscS9B%2BJaHCCQfWfaY79lOuablIlZFcg2h%2BrfSZgahqH4rULsp1Za5PZzbaxSNiRuCY8hpxublYqfUHtoXV7BXn%2Fk8CLaydWLn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=900, public
cf-ray: 6d076a70099c83bb-MXP
expires: Thu, 20 Jan 2022 10:01:42 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 32ms
7ms Script
application/x-javascript 143.204.94.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSN5V3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-161.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 19 Jan 2022 16:07:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 107791
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: uCklx11OL-dUv86js875Dw4x8fe5JkUX44rQ2pAgxpRSyEzhKY2O6Q==

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 79 KB
28 KB 290ms
19ms Script
application/x-javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: uygulama.parasut.com
URL: https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:57:08 GMT
server: nginx
etag: W/"613888f4-13bd1"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 119 KB
35 KB 184ms
126ms Script
application/javascript 95.100.153.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C71GCJ5MTNITSJIUUJS0&lib=ttq
Requested by: Host: uygulama.parasut.com
URL: https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.115 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-115.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 5063084.886af63
date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a72-247-190-94.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1642672407094345
x-cache: TCP_MISS from a95-100-153-111.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 97,95.100.153.111
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=3, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 20220120095327010113135038172831F9
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 3,72.247.190.94
x-tt-trace-host: 0163668e20f653a14bb309b41281f67df98f5fcd8efd26cf8e5d0185d91d2f356dc727a0597b37228700aacb3a76f56fda87b99eb023a67f8765734f468c3609d73d2f08644b9aa48a6171a4c061817e987936a72664a069e085102c0caf2fe3fc8a01b1f36ed0f7faffe39c6b0b288379
expires: Thu, 20 Jan 2022 09:53:27 GMT

GET
H2 200 l46d6y0w.js Show response
l.getsitecontrol.com/ 433 B
1 KB 95ms
61ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/l46d6y0w.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSN5V3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 73c1bce1413b78a41e5a0b7b748d74c025ed9d6c7f3dba816899d39963e75a35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: P4W5DMTM2NFHA0PR
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 01/16/2022 19:02:17
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: b3W2kB1ASGbju45d8EDYgTdE7JyEpJNcQuGaTIZhy0uNPPBGrJuCOZV6Nbkx8wt4gYwtAohTmR4=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Sun, 16 Jan 2022 00:39:12 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"697d7ae66bf9e8debd10a22c380f9f0d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=86400
cdn-requestid: 60768241764fa0bd09592a1e86a269ed
cdn-requestcountrycode: RO
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 69ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45292337-1&cid=1498421211.1642672407&jid=1202814870&gjid=435464641&_gid=942018186.1642672407&_u=YGBAgEABAAAAAE~&z=487141510

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://uygulama.parasut.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 20 Jan 2022 09:53:27 GMT
content-type: text/plain
access-control-allow-origin: https://uygulama.parasut.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1043626174&t=pageview&_s=1&dl=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&ul=en-us&de=UTF-8&dt=Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAG~&jid=129047841&gjid=1436267440&cid=1498421211.1642672407&tid=UA-45292337-1&_gid=942018186.1642672407&_r=1&gtm=2wg1c0TSN5V3&z=1447207365

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://uygulama.parasut.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uygulama.parasut.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
8ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1043626174&t=pageview&_s=1&dl=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&ul=en-us&de=UTF-8&dt=Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1202814870&gjid=435464641&cid=1498421211.1642672407&tid=UA-45292337-1&_gid=942018186.1642672407&gtm=2wg1c0TSN5V3&z=1120509163

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 01:47:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29163
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1526386540908602 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1526386540908602?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8c051b747e8d88fd0789799cc1641c73787a12ad81092906db61651e7c0a1671

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88926
x-xss-protection: 0
pragma: public
x-fb-debug: E/cWvOyH3BAy9+FC8n5ydkDObzngNN6yD6oVigUIIlU24FfdBOum0OZzr2SK3BJ7uzgLO6g30fBF8G+E/X9g9g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 20 Jan 2022 09:53:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/973483779/ 3 KB
2 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973483779/?random=1642672407055&cv=9&fst=1642672407055&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&tiba=Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51bac1cc7722af4079f6b47bb626926211ba32418177af4520a99d6f84564f06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1196
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 34ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45292337-1&cid=1498421211.1642672407&jid=129047841&gjid=1436267440&_gid=942018186.1642672407&_u=YGDAAEABAAAAAG~&z=893656014

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://uygulama.parasut.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 20 Jan 2022 09:53:27 GMT
content-type: text/plain
access-control-allow-origin: https://uygulama.parasut.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 24ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1526386540908602&ev=PageView&dl=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&rl=&if=false&ts=1642672407091&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&fbp=fb.1.1642672407090.905797402&it=1642672407039&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 20 Jan 2022 09:53:27 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 55ms
29ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45292337-1&cid=1498421211.1642672407&jid=1202814870&_u=YGBAgEABAAAAAE~&z=171223325

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 56ms
30ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45292337-1&cid=1498421211.1642672407&jid=1202814870&_u=YGBAgEABAAAAAE~&z=171223325

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 76ms
51ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45292337-1&cid=1498421211.1642672407&jid=129047841&_u=YGDAAEABAAAAAG~&z=1436918122

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 55ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45292337-1&cid=1498421211.1642672407&jid=129047841&_u=YGDAAEABAAAAAG~&z=1436918122

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 storage.html Show response
parasut.hellosmpl.com/ Frame D6FA 754 B
1 KB 147ms
125ms Document
text/html 2606:4700:3036::ac43:8757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://parasut.hellosmpl.com/storage.html?s=https://uygulama.parasut.com

Requested by

Host: parasut.hellosmpl.com
URL: https://parasut.hellosmpl.com/on.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:8757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

550514bc4c6014a1fbc72012bbcd904532de4083c453dadc2a81405d7e68ec44

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
content-type: text/html
last-modified: Mon, 20 Sep 2021 21:50:34 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKBpXyxFOJgevBgud1g5EgC80fafq0jX32uatvCgz%2B5xg2bP2YM0%2BI9%2FRCEsjFeJn7yuQYr2AGIoWAw6p3hnFZ9WUOidw7bnNCQuMaMkXw7xqDMS1cYB3vxB%2BaSV%2Fm1H5nEJ4MQwFzeXmhFULKyYPcfbZAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 6d076a709af983be-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 l46d6y0w.json Show response
l.getsitecontrol.com/ 134 KB
6 KB 135ms
118ms XHR
application/json 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/l46d6y0w.json
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/l46d6y0w.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: e4129b9f128f30f6e468c085f6e7b2925803ff02d8d7ac66cbc9e9be948ac7dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 756
x-amz-request-id: 89BCHR8JBAF2SN07
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 01/16/2022 02:07:57
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 3FA4jGZvLhn/++Wj4617W2u6yhrLLpeopbo9jdldq9hj5vWr8lj5tvmgbJGx2t8OkTslLkfgRJE=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Sun, 16 Jan 2022 00:39:12 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"002526ee730c347eca652b3eb4587533"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=5
cdn-requestid: c1a08d185e13e7d2e27eaf9e8ed2a78f
cdn-requestcountrycode: RO
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hit
hit.8digits.com/ 43 B
415 B 89ms
70ms Image
image/gif 172.67.75.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hit.8digits.com/hit?0.29900076076286&sessionCode=7C8040AE-B9E8-410C-9EC2-83EA77FF5EBC&visitorCode=A11E5EB8-187C-42AD-A4A4-1847ABEF5EAC&trackingCode=cc7ndnb8&hitCode=99920073&domain=uygulama.parasut.com&referrer=&pageTitle=Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi&path=/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673
Requested by: Host: uygulama.parasut.com
URL: https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FL43Spc1tsyMg6rLjMra14W7c6FzrwKYfTc26ClASopu%2FewXKnzMvTs3nnCbpfttFa9nCcodgKoyw%2Bphf0vuSqEDmbQ78M1AYBjqftHOJ5S41d6xFUtBTqdgL8%2FzP%2BICw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
cf-ray: 6d076a70a97ae5a7-MAN
content-length: 43
expires: Fri, 31 Dec 1998 12:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/973483779/ 42 B
548 B 28ms
18ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/973483779/?random=1642672407055&cv=9&fst=1642669200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&frm=0&url=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&tiba=Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi&async=1&fmt=3&is_vtc=1&random=301583198&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/973483779/ 42 B
548 B 24ms
21ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/973483779/?random=1642672407055&cv=9&fst=1642669200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&frm=0&url=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&tiba=Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi&async=1&fmt=3&is_vtc=1&random=301583198&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1149059/trc/3/ 2 KB
1 KB 81ms
59ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1149059/trc/3/json?tim=1642672407165&data=%7B%22id%22%3A229%2C%22ii%22%3A%22%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1642672407157%2C%22cv%22%3A%2220220116-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dparasut-sc-tr%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1642672407164%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1149059/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 236b4fae2b054645a00e2cdcf5e4af2a24cb6daabc52dfff0b571b686034c8ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 41
date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: gzip
server: nginx
x-timer: S1642672407.196658,VS0,VE41
x-served-by: cache-mxp6952-MXP
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 122ms
122ms Script
application/javascript 95.100.153.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C71GCJ5MTNITSJIUUJS0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.115 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-115.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 2f83713c.886b0a7
date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a72-247-190-95.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1642672407268195
x-cache: TCP_MISS from a95-100-153-111.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 95,95.100.153.111
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=4, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 2022012009532701011313517417240F8A
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,72.247.190.95
x-tt-trace-host: 0163668e20f653a14bb309b41281f67df98f5fcd8efd26cf8e5d0185d91d2f356d392d6abbf2124756759bf0ef45e718f3ccc761f98fcb297b4aa96fccba030a6b8655933d0a33ac387e2ef4c598629c69a7836b73ef3fdde52e679b8daab4d0033539a3ff77a4055b4b6cc7b84eb4e185
expires: Thu, 20 Jan 2022 09:53:27 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 99ms
99ms Script
application/javascript 95.100.153.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C71GCJ5MTNITSJIUUJS0&hostname=uygulama.parasut.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C71GCJ5MTNITSJIUUJS0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.115 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-115.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8b39bddd7498c3e77fea402462e17779f5ed36e5dfc62ad6b378e21c03f0f89b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: e399fc4.886b0d4
date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a72-247-190-101.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
upstream-caught: 1642672407289597
x-cache: TCP_MISS from a95-100-153-111.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 90,95.100.153.111
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=2, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 20220120095327010113006160141A45BC
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,72.247.190.101
x-tt-trace-host: 0163668e20f653a14bb309b41281f67df98f5fcd8efd26cf8e5d0185d91d2f356d739f9d895c0aa9bbbf4f1fc402ecc6c507e2944673583712d63bd8489b7b6fd2f02334ea3d22ca91452218f5f938a01e50a74e21d161d786b46b163bac186bd07db38915b19c2f754a4aadb3d8ec701d
expires: Thu, 20 Jan 2022 09:53:27 GMT

GET
H2 200 js Show response
d.8digits.com/ 8 KB
2 KB 86ms
70ms Script
application/javascript 172.67.75.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.8digits.com/js?trackingCode=cc7ndnb8
Requested by: Host: cdn.8digits.com
URL: https://cdn.8digits.com/automation.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1619f2db873979f40266ed238ec37ce72478e22d3c40304169dd763563fb1edd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
last-modified: Sun, 12 Dec 2021 06:45:33 GMT
server: cloudflare
etag: W/"61b59a8d-1e85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D46JOdBwPQvrE2%2FMGH7F4dk2UZWtirEtgiZNRW%2F8Ght8QUTzQ02wi5qdqS1GGz4dwI3LYYMkESTE41yMandwyH2UpK9p%2FbdNIXsHoPApP1S8U%2FfQC%2BvtR8uSMfotzQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
access-control-allow-credentials: true
cf-ray: 6d076a716a64e5a7-MAN
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 20 Jan 2022 10:08:27 GMT

GET
H2 200 runtime.d7f8b28.js Show response
s2.getsitecontrol.com/widgets/es6/ 145 KB
51 KB 23ms
7ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.getsitecontrol.com/widgets/es6/runtime.d7f8b28.js
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/l46d6y0w.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 01b8bc678cada8e2bc35d15a806e7c6b1039b39554a09a31f625b7e9f09058f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: FHZ5V7FYQDAGEHCZ
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 01/13/2022 10:36:38
cdn-pullzone: 83560
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: F1FiJqwMm+M4oIm6d/L/1rucVKAgONO60aLrEccaZBdd+TfwLurpBx9B26JRxUIYdDakBBFAnHs=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Thu, 13 Jan 2022 09:24:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"0f700c6dcfe121c49f89bbb6251ad5cb"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=22809600
cdn-requestid: 9752a6db16f17799b2afcbc6b12ca8cd
cdn-requestcountrycode: RO
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 json Show response
trc.taboola.com/1296908/trc/3/ 2 KB
1 KB 55ms
55ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1296908/trc/3/json?tim=1642672407249&data=%7B%22id%22%3A639%2C%22ii%22%3A%22%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1642672407157%2C%22cv%22%3A%2220220116-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dparasut-sc-tr%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1642672407167%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1149059/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b039a730f749253a13d6d87fe42b6083daca084bcc0b869234d02298fe8a3b21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 36
date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: gzip
server: nginx
x-timer: S1642672407.261571,VS0,VE36
x-served-by: cache-mxp6952-MXP
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2498067&ADFPageName=Remarketing&ADFdivider=%7C&ord=968336029725&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fuygulama.parasut.co...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2498067&ADFPageName=Remarketing&ADFdivider=%7C&ord=968336029725&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fuygulama.paras...

838 B
1 KB

24ms
23ms

Script
text/javascript

37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2498067&ADFPageName=Remarketing&ADFdivider=%7C&ord=968336029725&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673

Requested by

Protocol

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cc66233bd85de87119e58e58b7d215e02062b6bd179826dc607f43fdf8eff610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 676
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2498067&ADFPageName=Remarketing&ADFdivider=%7C&ord=968336029725&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 18ms
14ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1149059/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 2296
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: eW3h89yrtwcHpvKq3c5HsWXhqbcEdMeXgca1pUDCy9F7gwIrpLfh/z3DHAPkmlrr9HUU8h/cJrM=
x-served-by: cache-mxp6952-MXP
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1642672407.318428,VS0,VE0
date: Thu, 20 Jan 2022 09:53:27 GMT
vary: Accept-Encoding
x-amz-request-id: 590HHT1T5ZEWHPYV
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 58
x-cache-hits: 16647

GET
H2 200 eid.js Show response
cdn.taboola.com/scripts/ 14 KB
6 KB 19ms
15ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1149059/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding: gzip
etag: "f7917ed1eb799a729725a7db50d1f828"
age: 15063
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5258
x-amz-id-2: ixu+D4fP31o1CpNdCEKGb6kiXRC0lSRr4LAciyGgNuj+kWtSsITgNilYjKVXV4gczzeWhjKz5rA=
x-served-by: cache-mxp6952-MXP
last-modified: Tue, 28 Dec 2021 08:10:40 GMT
server: AmazonS3
x-timer: S1642672407.319481,VS0,VE0
date: Thu, 20 Jan 2022 09:53:27 GMT
vary: Accept-Encoding
x-amz-request-id: MMPHZ9PNJJ540DEQ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 58
x-cache-hits: 84022

GET
H2 200 events Show response
events.getsitectrl.com/api/v1/ 605 B
853 B 333ms
122ms Fetch
text/plain 52.86.134.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.getsitectrl.com/api/v1/events
Requested by: Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.d7f8b28.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.134.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-134-216.compute-1.amazonaws.com
Software: Getsitecontrol /
Resource Hash: 5534b4dce94eacc9025070bc568ac1d86eaf18ae0f0bf7ad09d81a04aa41eb72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
server: Getsitecontrol
access-control-allow-methods: GET,POST
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: false
access-control-allow-headers: Content-Type,X-Requested-With
content-length: 605

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1043626174&t=event&ni=1&_s=1&dl=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&ul=en-us&de=UTF-8&dt=Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=8digits&ea=8digitsLoaded&el=Shown&_u=aGDAAEABAAAAAG~&jid=1146860257&gjid=1886026401&cid=1498421211.1642672407&tid=UA-45292337-1&_gid=942018186.1642672407&_r=1&_slc=1&z=161090690

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://uygulama.parasut.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uygulama.parasut.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setpageattrs
hit.8digits.com/ 43 B
311 B 68ms
67ms Image
image/gif 172.67.75.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hit.8digits.com/setpageattrs?trackingCode=cc7ndnb8&visitorCode=A11E5EB8-187C-42AD-A4A4-1847ABEF5EAC&sessionCode=7C8040AE-B9E8-410C-9EC2-83EA77FF5EBC&obj=%7B%22pageType%22:%22uygulama%22%7D&domain=uygulama.parasut.com&path=/np%3Fnp%23np&hitCode=99920073&rnd=0.7852072168000468
Requested by: Host: uygulama.parasut.com
URL: https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfybXCqsoEvVk2k051Q4OXK8eDAoPF5%2BOgVIQPiDu477p%2Bhf2M8ceso7u1OoZKVIRl%2BQM5gYpNsChxiG9Vs0xReYcUQ9ulKCirdzxFTEuysxcDEiUcGAu0zqgREnhY%2Bq9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
cf-ray: 6d076a71fafee5a7-MAN
content-length: 43
expires: Fri, 31 Dec 1998 12:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
712 B 105ms
104ms Ping
application/octet-stream 95.100.153.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C71GCJ5MTNITSJIUUJS0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.115 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-115.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uygulama.parasut.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 72366ef.886b1b0
date: Thu, 20 Jan 2022 09:53:27 GMT
x-cache-remote: TCP_MISS from a72-247-190-92.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-100-153-111.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time: 97,95.100.153.111
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=10, inner; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022012009532701011313509807227561
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,72.247.190.92
x-tt-trace-host: 0163668e20f653a14bb309b41281f67df98f5fcd8efd26cf8e5d0185d91d2f356d2156e67fa166c5466fcbe3c942bf940d254536a4a71b663bfd55d897843c8380c7bfd8fb7526f4265386552444f62543b163c0955bf4815844714442a2614236c281ad63050ff7ffea1700869d1d3015
expires: Thu, 20 Jan 2022 09:53:27 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 40ms
20ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45292337-1&cid=1498421211.1642672407&jid=1146860257&gjid=1886026401&_gid=942018186.1642672407&_u=aGDAAEABAAAAAG~&z=1876061623

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://uygulama.parasut.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 20 Jan 2022 09:53:27 GMT
content-type: text/plain
access-control-allow-origin: https://uygulama.parasut.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 53ms
34ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45292337-1&cid=1498421211.1642672407&jid=1146860257&_u=aGDAAEABAAAAAG~&z=624602485

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 49ms
30ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45292337-1&cid=1498421211.1642672407&jid=1146860257&_u=aGDAAEABAAAAAG~&z=624602485

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame C128 5 KB
2 KB 64ms
19ms Document
text/html 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Requested by

Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?pm=2498067&ADFPageName=Remarketing&ADFdivider=%7C&ord=968336029725&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

509262aabd688fa1826bfd683b91d1612f908b4eab58f78b7ba2a85985b4665d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/

Response headers

server: nginx
date: Thu, 20 Jan 2022 09:53:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
344 B 234ms
21ms Image
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=6491992954323528237&stamp=WtfFidBoiEoDvP-67D9Y4w2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Jan 2022 09:53:27 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 plf
c1.adform.net/imatch/ Frame C128 0
261 B 23ms
22ms Image
text/plain 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame C128
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6491992954323528237&Expiration=1643882007
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6491992954323528237&Expiration=1643882007

43 B
422 B

34ms
33ms

Image
image/gif

34.240.183.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6491992954323528237&Expiration=1643882007
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: H2
Server: 34.240.183.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-183-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Jan 2022 09:53:27 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6491992954323528237&Expiration=1643882007
date: Thu, 20 Jan 2022 09:53:27 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame C128 0
522 B 88ms
25ms Image
text/plain 104.89.29.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=6491992954323528237

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.29.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-29-143.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 09:53:27 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 19 Jan 2022 09:53:27 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame C128 0
214 B 629ms
154ms Image
text/plain 8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=6491992954323528237
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 750589468d5634b7e99830971becaf64
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame C128
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6491992954323528237&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6491992954323528237&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=900e7a17e6dd46a08...
https://c1.adform.net/serving/cookie/match?party=9&uid=55939681f69055e8e39439111b01e83f2843cbb78a47001b6eb95fc5596c6844

35 B
468 B

20ms
20ms

Image
image/gif

37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=55939681f69055e8e39439111b01e83f2843cbb78a47001b6eb95fc5596c6844

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=55939681f69055e8e39439111b01e83f2843cbb78a47001b6eb95fc5596c6844
date: Thu, 20 Jan 2022 09:53:27 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame C128 43 B
163 B 54ms
16ms Image
image/gif 185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=6491992954323528237&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame C128
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=6491992954323528237&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=6491992954323528237&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6491992954323528237&_origin=1&apid=UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4
https://ups.analytics.yahoo.com/ups/55944/sync?uid=6491992954323528237&_origin=1&apid=UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4&verify=true

0
123 B

11ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=6491992954323528237&_origin=1&apid=UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=6491992954323528237&_origin=1&apid=UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4&verify=true
date: Thu, 20 Jan 2022 09:53:27 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame C128 43 B
714 B 105ms
53ms Image
image/gif 2.21.142.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6491992954323528237
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-210.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 09:53:27 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1642672407512054-373
Expires: Thu, 20 Jan 2022 09:53:27 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55859/ Frame C128
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=6491992954323528237
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6491992954323528237
https://pixel.advertising.com/ups/55859/sync?uid=ff1098b1-4ee1-4a24-b79a-26a8d688d879&_origin=1&gdpr=&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55859/sync?uid=ff1098b1-4ee1-4a24-b79a-26a8d688d879&_origin=1&gdpr=&gdpr_consent=&apid=UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4
https://ups.analytics.yahoo.com/ups/55859/sync?uid=ff1098b1-4ee1-4a24-b79a-26a8d688d879&_origin=1&gdpr=&gdpr_consent=&apid=UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4&verify=true

0
331 B

9ms
9ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55859/sync?uid=ff1098b1-4ee1-4a24-b79a-26a8d688d879&_origin=1&gdpr=&gdpr_consent=&apid=UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55859/sync?uid=ff1098b1-4ee1-4a24-b79a-26a8d688d879&_origin=1&gdpr=&gdpr_consent=&apid=UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4&verify=true
date: Thu, 20 Jan 2022 09:53:27 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C128
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6491992954323528237&expiration=1643882007
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6491992954323528237&expiration=1643882007&C=1

43 B
1006 B

51ms
51ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6491992954323528237&expiration=1643882007&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 09:53:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 20 Jan 2022 09:53:27 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 09:53:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6491992954323528237&expiration=1643882007&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Thu, 20 Jan 2022 09:53:27 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C128
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6491992954323528237&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6491992954323528237&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=9f9c61e9-3117-4b00-a03d-da2347e6993b&sInitiator=internal&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=042f6b3d-b6aa-480d-9fb7-372f6190561e
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=ODM4MDc1QkZGNTJERUYzRg&gdpr=1&gdpr_consent=

170 B
188 B

17ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=ODM4MDc1QkZGNTJERUYzRg&gdpr=1&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:26 GMT
frontend-id: 8
location: https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=ODM4MDc1QkZGNTJERUYzRg&gdpr=1&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame C128 0
344 B 42ms
8ms Image
text/plain 3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=6491992954323528237&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 09:53:27 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame C128
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6491992954323528237
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6491992954323528237&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
335 B

68ms
13ms

Image
image/gif

2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: H2
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry8W+Bz/XcgLAA==
x-accel-expires: @1642937018
date: Thu, 20 Jan 2022 09:53:27 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: RgVfpFQx/cQ=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 772189
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Thu, 20 Jan 2022 09:53:27 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 400 398366.gif
idsync.rlcdn.com/ Frame C128 0
0 33ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=6491992954323528237
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2

200

tpid=6491992954323528237
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame C128
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6491992954323528237
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6491992954323528237

49 B
737 B

41ms
39ms

Image
image/gif

34.249.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6491992954323528237
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: H2
Server: 34.249.68.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.22.131
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6491992954323528237
cache-control: no-cache
x-server: 10.45.16.253
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame C128 62 B
304 B 224ms
159ms Image
image/gif 104.89.42.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=6491992954323528237
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.42.102 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-42-102.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 09:53:27 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame C128 43 B
274 B 81ms
16ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6491992954323528237
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame C128
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

167ms
43ms

Image
image/gif

52.218.41.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: HTTP/1.1
Server: 52.218.41.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 09:53:28 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: BEBWR70PFEQ3VKFC
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: eswtjmpFOcnWa6+5/MZV8svft5nly+/nvj4nTLhF0kVEwkqturloTLWiuYALgQlkgh/5AOVUIwE=

Redirect headers

X-Error-Reason: Missing UserId
Date: Thu, 20 Jan 2022 09:53:27 GMT
Server: akka-http/10.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H2

200

mw
mwzeom.zeotap.com/ Frame C128
Redirect Chain

https://pixel.onaudience.com/?mapped=6491992954323528237&partner=68
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b2e416f1b72a7fd409ec1f9dbf47fdc6
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=042f6b3d-b6aa-480d-9fb7-372f6190561e&icm
https://spl.zeotap.com/?zdid=1332&zcluid=8dee18f28b16998f
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efafbe7-831f-438f-4370-40d375b41a62&reqId=c55c69db-4a25-4627-74c2-cef52608aaf1&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEKdwFolbs266zQiR3KIjyLM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efafbe7-831f-438f-4370-40d375b41a62&reqId=c55c69db-4a25-4627-74c2-cef...

95 B
165 B

58ms
49ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEKdwFolbs266zQiR3KIjyLM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efafbe7-831f-438f-4370-40d375b41a62&reqId=c55c69db-4a25-4627-74c2-cef52608aaf1&zcluid=8dee18f28b16998f&zdid=1332
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://c1.adform.net
access-control-allow-credentials: true
cf-ray: 6d076a787d93375b-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEKdwFolbs266zQiR3KIjyLM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2efafbe7-831f-438f-4370-40d375b41a62&reqId=c55c69db-4a25-4627-74c2-cef52608aaf1&zcluid=8dee18f28b16998f&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

403
Forbidden

/
cm.smartstream.tv/ Frame C128
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=6491992954323528237
https://tags.adsafety.net/v1/cm?cm_uid=CM1202201200917729e8f57b044d3ad1&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=b6a333991bb8b571aaf5b0f535fec5de
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202201200917729e8f57b044d3ad1&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=b6a333991bb8b571aaf5b0f535fec5de&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjAxMjAwOTE3NzI5ZThmNTdiMDQ0ZDNhZDE
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEM3GvXPKD-D7ShVaPz-fPQo&google_cver=1
https://dsp.adfarm1.adition.com/cookie/?ssp=6
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7055224266123966609

0
0

36ms
6ms

Image
text/html

85.90.245.27
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7055224266123966609
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: HTTP/1.1
Server: 85.90.245.27 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1428-27.members.linode.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Location: https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7055224266123966609
Date: Thu, 20 Jan 2022 09:53:27 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame C128 0
338 B 138ms
30ms Image
text/plain 108.128.79.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=6491992954323528237
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.79.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-79-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=39 t=1642672407
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame C128
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjQ5MTk5Mjk1NDMyMzUyODIzNw
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECq4XSiQLvelofIxhfZcNM8&google_cver=1&google_ula=1641347,0

35 B
468 B

19ms
19ms

Image
image/gif

37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECq4XSiQLvelofIxhfZcNM8&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECq4XSiQLvelofIxhfZcNM8&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame C128 0
261 B 21ms
19ms Image
text/plain 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame C128
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=7385883491268712448&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=6491992954323528237

43 B
992 B

29ms
29ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=6491992954323528237

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

HTTP/1.1

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 09:53:27 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5bbf60ad-12ae-437d-942c-52d7cd0eb3e6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=6491992954323528237
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame C128 42 B
544 B 62ms
13ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6491992954323528237
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:621
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame C128 43 B
444 B 91ms
10ms Image
image/gif 18.66.248.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-68.dus51.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 19 Jan 2022 10:03:21 GMT
Via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Age: 85806
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-P1
Content-Length: 43
X-Amz-Cf-Id: mc1kZqb9nbzHtaPRYUUNLUcArzC53LZCNJiTzaUhAUbQXUv78ATr9g==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame C128
Redirect Chain

https://a.audrte.com/a?adform_uid=6491992954323528237
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEHtt9qU9gEHGUUaJ6Qhx5pE&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=81btWdKmEidQbiaqC-OyJRBAg&gdpr=0&gdpr_consent=

0
344 B

12ms
12ms

Image
text/plain

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=81btWdKmEidQbiaqC-OyJRBAg&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 09:53:28 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Thu, 20 Jan 2022 09:53:28 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=81btWdKmEidQbiaqC-OyJRBAg&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame C128
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6491992954323528237&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6491992954323528237&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=78567557044829096792247113112409254987&noredirect=1

35 B
468 B

19ms
19ms

Image
image/gif

37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=78567557044829096792247113112409254987&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v027-0a1e7b08a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: /WyYylg1R3A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=78567557044829096792247113112409254987&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame C128
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6491992954323528237
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164960204037000155298

35 B
468 B

178ms
21ms

Image
image/gif

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164960204037000155298

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:27 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164960204037000155298
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame C128
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7055224266123770001

35 B
469 B

145ms
20ms

Image
image/gif

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7055224266123770001

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7055224266123770001
Date: Thu, 20 Jan 2022 09:53:27 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame C128 62 B
587 B 161ms
160ms Image
image/gif 104.89.42.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=6491992954323528237
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.42.102 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-42-102.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 09:53:28 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame C128
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=9f9c61e9-3117-4b00-a03d-da2347e6993b

35 B
468 B

19ms
19ms

Image
image/gif

37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=9f9c61e9-3117-4b00-a03d-da2347e6993b

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Thu, 20 Jan 2022 09:53:28 GMT
Server: MT3 4133 baa842e master cdg-pixel-x2 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=9f9c61e9-3117-4b00-a03d-da2347e6993b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Thu, 20 Jan 2022 09:53:27 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame C128
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=Dq5krEhQ1Nau8g5

35 B
468 B

19ms
18ms

Image
image/gif

37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=Dq5krEhQ1Nau8g5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 09:53:27 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0e9f0e24f4a2a06c9@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=Dq5krEhQ1Nau8g5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame C128
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=042f6b3d-b6aa-480d-9fb7-372f6190561e

35 B
468 B

22ms
21ms

Image
image/gif

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=042f6b3d-b6aa-480d-9fb7-372f6190561e

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=042f6b3d-b6aa-480d-9fb7-372f6190561e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET image.sbmx
global.ib-ibi.com/ Frame C128 0
0

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame C128 43 B
1009 B 45ms
8ms Image
image/gif 51.195.5.234
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=6491992954323528237

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.234 , France, ASN16276 (OVH, FR),

Reverse DNS

p36.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 09:53:27 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame C128
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1890582251
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=GdzTpYr1OL8QWNJ6hOr0.u

35 B
477 B

20ms
20ms

Image
image/gif

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=GdzTpYr1OL8QWNJ6hOr0.u

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
via: 1.1 google
last-modified: Thu, 20 Jan 2022 09:53:28 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=GdzTpYr1OL8QWNJ6hOr0.u
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame C128 23 B
172 B 83ms
34ms Image
image/gif 104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=6491992954323528237
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 20 Jan 2022 09:53:28 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame C128
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6491992954323528237
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6491992954323528237&cs=1

35 B
378 B

11ms
10ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6491992954323528237&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: H2
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:28 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=6491992954323528237&cs=1
date: Thu, 20 Jan 2022 09:53:28 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame C128 0
240 B 43ms
12ms Image
text/plain 2600:9000:224a:9a00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=6491992954323528237
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:9a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:28 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: S1UMRj4Xmb9onw-UfiXC-wuZQpCcCU7LBm5aT2BhVqXsB_hRoCFmow==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame C128
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=6491992954323528237&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=6491992954323528237&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=dbeb2767-cb85-487e-b114-41c3621b7fb3

35 B
468 B

41ms
41ms

Image
image/gif

37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=dbeb2767-cb85-487e-b114-41c3621b7fb3

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=dbeb2767-cb85-487e-b114-41c3621b7fb3
date: Thu, 20 Jan 2022 09:53:28 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 6491992954323528237
match.contentexchange.me/adform/ Frame C128 0
49 B 105ms
28ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/6491992954323528237?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:28 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame C128
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=6491992954323528237&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6491992954323528237&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6491992954323528237&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=6491992954323528237&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Thu, 20 Jan 2022 09:53:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame C128 0
261 B 20ms
19ms Image
text/plain 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6491992954323528237&agencyId=6166&advertiserId=2108607&src=tp&rnd=503301
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 check Show response
hit.8digits.com/ 0
322 B 64ms
64ms Script
text/javascript 172.67.75.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.8digits.com/check?trackingCode=cc7ndnb8&visitorCode=A11E5EB8-187C-42AD-A4A4-1847ABEF5EAC&sessionCode=7C8040AE-B9E8-410C-9EC2-83EA77FF5EBC&hitCode=99920073&path=/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673&rnd=0.4503105908811966
Requested by: Host: cdn.8digits.com
URL: https://cdn.8digits.com/automation.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BXKy%2BVOqufxjVkuSpSqG5Lb6HqWjvv87jYWzzVzC6Vk8jYQ0kaHnSSpv5u9XfRCfBU9hZiouXvkZ2J7RpaZbD%2F6VIRW39lrifJFWWbSmDLAw3DY7M8cNO9QXJaLh22EcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0, no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
cf-ray: 6d076a783b35e5a7-MAN
expires: Fri, 31 Dec 1998 12:00:00 GMT, Fri, 31 Dec 1998 12:00:00 GMT

GET
H2 200 check Show response
hit.8digits.com/ 0
276 B 57ms
57ms Script
text/javascript 172.67.75.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.8digits.com/check?trackingCode=cc7ndnb8&visitorCode=A11E5EB8-187C-42AD-A4A4-1847ABEF5EAC&sessionCode=7C8040AE-B9E8-410C-9EC2-83EA77FF5EBC&hitCode=99920073&path=/np%3Fnp%23np&rnd=0.4706833222447855
Requested by: Host: cdn.8digits.com
URL: https://cdn.8digits.com/automation.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOKtYZD2Arrhmd3X2LtGl2juIf3xl5qPdReZ%2FQXQaUqRebvZ%2FVQsEio2I8bpySuKJydLpwmPrxYxR%2FJ7mOkCxMwiTuKEANzBtY066w2HnKFO6f01Uv3vYzyA6vW6f3cUGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0, no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
cf-ray: 6d076a78bbe4e5a7-MAN
expires: Fri, 31 Dec 1998 12:00:00 GMT, Fri, 31 Dec 1998 12:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1526386540908602&ev=Microdata&dl=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&rl=&if=false&ts=1642672408595&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi%22%2C%22meta%3Adescription%22%3A%22Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.49&r=stable&ec=1&o=30&fbp=fb.1.1642672407090.905797402&it=1642672407039&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 20 Jan 2022 09:53:28 GMT

GET
H2 200 nr-1214.min.js Show response
js-agent.newrelic.com/ 35 KB
13 KB 61ms
15ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1214.min.js
Requested by: Host: uygulama.parasut.com
URL: https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0488245474d8936c20a8c05f06e2640e0242f5d44aa9dbbd025d859ca1713641

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 9SGCo4Tu7CQ6f76Rop9iQ50y_vaEgb87
content-encoding: gzip
etag: "8f16e3e6b3dfe5feb6c019492aedcc2d"
x-amz-request-id: VG1N1V145WT8BCN1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13145
x-amz-id-2: L2WSkIK8yAnPfLdK/aMM54/DIRIVvBm9F6s/4hLwORB3PzWeQDXgfA/0jm9qm36k5GDU/btmxRo=
x-served-by: cache-cdg20732-CDG
last-modified: Tue, 04 Jan 2022 23:13:18 GMT
server: AmazonS3
x-timer: S1642672409.769535,VS0,VE0
date: Thu, 20 Jan 2022 09:53:28 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4088

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame C543 0
181 B 34ms
33ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=0n7s1gd&ref=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&upid=dvewcdc&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/

Response headers

date: Thu, 20 Jan 2022 09:53:28 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1043626174&t=event&ni=1&_s=1&dl=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&ul=en-us&de=UTF-8&dt=Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=0%25&el=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=1498421211.1642672407&tid=UA-45292337-1&_gid=942018186.1642672407&gtm=2wg1c0TSN5V3&z=243725422

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 01:47:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29164
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1043626174&t=event&ni=1&_s=1&dl=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&ul=en-us&de=UTF-8&dt=Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=20%25&el=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=1498421211.1642672407&tid=UA-45292337-1&_gid=942018186.1642672407&gtm=2wg1c0TSN5V3&z=931698304

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 01:47:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29164
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1043626174&t=event&ni=1&_s=1&dl=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&ul=en-us&de=UTF-8&dt=Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=40%25&el=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=1498421211.1642672407&tid=UA-45292337-1&_gid=942018186.1642672407&gtm=2wg1c0TSN5V3&z=1265253678

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 01:47:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29164
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1043626174&t=event&ni=1&_s=1&dl=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&ul=en-us&de=UTF-8&dt=Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=60%25&el=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=1498421211.1642672407&tid=UA-45292337-1&_gid=942018186.1642672407&gtm=2wg1c0TSN5V3&z=2011630598

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 01:47:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29164
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1043626174&t=event&ni=1&_s=1&dl=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&ul=en-us&de=UTF-8&dt=Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=80%25&el=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=1498421211.1642672407&tid=UA-45292337-1&_gid=942018186.1642672407&gtm=2wg1c0TSN5V3&z=129386700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 01:47:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29164
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1043626174&t=event&ni=1&_s=1&dl=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&ul=en-us&de=UTF-8&dt=Para%C5%9F%C3%BCt%20%E2%80%93%20Web%20Tabanl%C4%B1%20Fatura%20ve%20Tahsilat%20Y%C3%B6netimi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=100%25&el=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=1498421211.1642672407&tid=UA-45292337-1&_gid=942018186.1642672407&gtm=2wg1c0TSN5V3&z=2104540729

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 01:47:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29164
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1149059/log/3/ 0
249 B 166ms
16ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1149059/log/3/unip?en=pre_d_eng_tb&tos=1589&scd=100&ssd=1&est=1642672407160&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1642672408750&vi=1642672407157&ri=c16f64a37a14f900e4975758e31f0f1b&ui=59025db6-0d85-405b-9a74-9ab0dbbb263f-tuct8e2b697&ref=null&cv=20220116-1-RELEASE&item-url=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1149059/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://uygulama.parasut.com
pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1296908/log/3/ 0
250 B 165ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1296908/log/3/unip?en=pre_d_eng_tb&tos=1589&scd=100&ssd=1&est=1642672407160&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1642672408750&vi=1642672407157&ri=83a2a49c30bfd38ffff9f16fc42c9989&sd=v2_0f2e117623f242867543d429d90198ae_59025db6-0d85-405b-9a74-9ab0dbbb263f-tuct8e2b697_1642672407_1642672407_CNawjgYQjJRPGPWEn7fnLyABKAEwODib4wlAhIoQSNTJ2QNQo-wQWABgAGjbwtakkbOV1QpwAA&ui=59025db6-0d85-405b-9a74-9ab0dbbb263f-tuct8e2b697&ref=null&cv=20220116-1-RELEASE&item-url=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1149059/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://uygulama.parasut.com
pragma: no-cache
date: Thu, 20 Jan 2022 09:53:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK 8221ab4ace Show response
bam.nr-data.net/1/ 57 B
322 B 434ms
108ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/8221ab4ace?a=36082192&v=1214.62a3223&to=dlZYRksLCg1QQR8WV0dNV14WFwcNUEBvD1ZDVl9RXBdJEl1cRw%3D%3D&rst=2734&ck=1&ref=https://uygulama.parasut.com/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673&qt=1&ap=61&be=579&fe=2663&dc=848&perf=%7B%22timing%22:%7B%22of%22:1642672406053,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:11,%22c%22:11,%22s%22:26,%22ce%22:49,%22rq%22:49,%22rp%22:482,%22rpe%22:679,%22dl%22:485,%22di%22:848,%22ds%22:848,%22de%22:850,%22dc%22:2663,%22l%22:2663,%22le%22:2664%7D,%22navigation%22:%7B%7D%7D&fp=842&fcp=842&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1214.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 check Show response
hit.8digits.com/ 0
300 B 60ms
60ms Script
text/javascript 172.67.75.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.8digits.com/check?trackingCode=cc7ndnb8&visitorCode=A11E5EB8-187C-42AD-A4A4-1847ABEF5EAC&sessionCode=7C8040AE-B9E8-410C-9EC2-83EA77FF5EBC&hitCode=99920073&path=/musteri-ekrani/447889/p8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr/satislar/92683673&rnd=0.30736604593166383
Requested by: Host: cdn.8digits.com
URL: https://cdn.8digits.com/automation.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lC5oCN2QnUDn%2BNqYR3EEF6IE7v6k23OzjZ5tdIN7HZiN%2BLQDPhYFKUX8Lvookk%2FTYZQBNmGL0w7eklBO2VzlFUa6ERB%2BNanOuLOmOwcgMaOFcKz5HeFrOr5n03nBzOkQiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0, no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
cf-ray: 6d076a8afb89e5a7-MAN
expires: Fri, 31 Dec 1998 12:00:00 GMT, Fri, 31 Dec 1998 12:00:00 GMT

GET
H2 200 check Show response
hit.8digits.com/ 0
276 B 66ms
65ms Script
text/javascript 172.67.75.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.8digits.com/check?trackingCode=cc7ndnb8&visitorCode=A11E5EB8-187C-42AD-A4A4-1847ABEF5EAC&sessionCode=7C8040AE-B9E8-410C-9EC2-83EA77FF5EBC&hitCode=99920073&path=/np%3Fnp%23np&rnd=0.8167513496150602
Requested by: Host: cdn.8digits.com
URL: https://cdn.8digits.com/automation.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:53:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNnBDS6l%2FQ4QCzsp81kEvEYy%2FVpDP%2FRnU9msptB0e4icfdBvl7XJQ8J2UFo9j1L2skcF%2FU6YUhfFIQOjlrdGK8hjHOsBcPwMQSdMzbMQKOGk9S9wwMXU4EnOlqr3QcUONg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0, no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
cf-ray: 6d076a8b7c7fe5a7-MAN
expires: Fri, 31 Dec 1998 12:00:00 GMT, Fri, 31 Dec 1998 12:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1149059/log/3/ 0
249 B 15ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1149059/log/3/unip?en=pre_d_eng_tb&tos=4590&scd=100&ssd=1&est=1642672407160&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1642672411751&vi=1642672407157&ri=c16f64a37a14f900e4975758e31f0f1b&ui=59025db6-0d85-405b-9a74-9ab0dbbb263f-tuct8e2b697&ref=null&cv=20220116-1-RELEASE&item-url=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1149059/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://uygulama.parasut.com
pragma: no-cache
date: Thu, 20 Jan 2022 09:53:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1296908/log/3/ 0
249 B 33ms
33ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1296908/log/3/unip?en=pre_d_eng_tb&tos=4591&scd=100&ssd=1&est=1642672407160&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1642672411752&vi=1642672407157&ri=83a2a49c30bfd38ffff9f16fc42c9989&sd=v2_0f2e117623f242867543d429d90198ae_59025db6-0d85-405b-9a74-9ab0dbbb263f-tuct8e2b697_1642672407_1642672407_CNawjgYQjJRPGPWEn7fnLyABKAEwODib4wlAhIoQSNTJ2QNQo-wQWABgAGjbwtakkbOV1QpwAA&ui=59025db6-0d85-405b-9a74-9ab0dbbb263f-tuct8e2b697&ref=null&cv=20220116-1-RELEASE&item-url=https%3A%2F%2Fuygulama.parasut.com%2Fmusteri-ekrani%2F447889%2Fp8vzqvsyatvhsx49ctwgahbqpmbjqyfcsek8xk8esbmvy1sntdsn28xetscsnxmhwzseczaaynrfd3r4jrfjkj5tfcbju1cms7mrvpqpkux4f4nxqatv2faxizanbgqqbnnjmarr%2Fsatislar%2F92683673
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1149059/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uygulama.parasut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://uygulama.parasut.com
pragma: no-cache
date: Thu, 20 Jan 2022 09:53:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=6491992954323528237

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

102 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.parasut.com/	1969-12-31 23:59:59	Name: _parasut_session_production_ Value: u%2F1cU2ZsF5KZZuWREXuueOLUyGMAqzln%2BEoQjoyHMqQVBgcQrq76a8PkLHga3MPKud%2FK54SgxBiwSzMruR2oOfKw0EZEYSCGQu%2FhZ09e%2FOkRD17wsIyPuNGi4TzKtw4Vitffx08Zee5WfP4rGPeAUbzoRzVW%2Fo6gOraxptcFMcumFY%2FYCH2l9pffWC9bjfR5wEOc3sn3O7LvuRETznC9I1IhcH%2Bx%2BjzW9hmp0J6n5T10ilGy9hx2kf8leF84LHFxXfscTZpy9NEawCH%2FWTOQnkLCYavt42DNiYTX9cI9wQQEhWvU--dpW4UdFG%2FaPoGAu%2B--whKEQjwUqR7HExoCKSpW2g%3D%3D
.parasut.com/	1970-01-20 17:49:04	Name: _ga Value: GA1.2.1498421211.1642672407
.parasut.com/	1970-01-20 00:19:18	Name: _gid Value: GA1.2.942018186.1642672407
.parasut.com/	1970-01-20 00:17:52	Name: _dc_gtm_UA-45292337-1 Value: 1
.parasut.com/	1970-01-20 00:17:52	Name: _gat_UA-45292337-1 Value: 1
.parasut.com/	1970-01-20 02:27:28	Name: _fbp Value: fb.1.1642672407090.905797402
.parasut.com/	1969-12-31 23:59:59	Name: eightdigits_session Value: 7C8040AE-B9E8-410C-9EC2-83EA77FF5EBC
.parasut.com/	1970-01-23 15:53:52	Name: eightdigits_visitor Value: A11E5EB8-187C-42AD-A4A4-1847ABEF5EAC
.facebook.com/	1970-01-20 02:27:28	Name: fr Value: 0UgVnbRwlEc4yj3Hy..Bh6TEX...1.0.Bh6TEX.
.uygulama.parasut.com/	1970-01-20 17:49:04	Name: _ga Value: GA1.3.1498421211.1642672407
.uygulama.parasut.com/	1970-01-20 00:19:18	Name: _gid Value: GA1.3.942018186.1642672407
.uygulama.parasut.com/	1970-01-20 00:17:52	Name: _gat_8digits Value: 1
.adform.net/	1970-01-20 01:02:30	Name: C Value: 1
.adform.net/	1970-01-20 01:44:16	Name: uid Value: 6491992954323528237
.adform.net/	1970-01-20 00:19:18	Name: CM Value: 1\|1
.adform.net/	1970-01-20 00:38:02	Name: CM14 Value: 1642758807_1642672407_1_Hu7u4e4e4e7u7u4REREeERERERHhEA
.adscale.de/	1970-01-20 09:00:08	Name: uu Value: 900e7a17e6dd46a08988916e0982fd95
.adscale.de/	1970-01-20 09:00:08	Name: cct Value: 1642672407567
.ih.adscale.de/	1970-01-20 09:00:08	Name: tu Value: 4#3771947169#42~6491992954323528237~456297~0~0
.advertising.com/	1970-01-20 09:04:54	Name: APID Value: UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4
.yieldlab.net/	1970-01-20 09:03:28	Name: id Value: a1e96f50-f318-4edb-a15f-fa4a2b49a3b2
.eyeota.net/	1970-01-20 00:17:53	Name: SERVERID Value: 18890~DM
.bidswitch.net/	1970-01-20 09:03:28	Name: tuuid Value: ff1098b1-4ee1-4a24-b79a-26a8d688d879
.bidswitch.net/	1970-01-20 09:03:28	Name: c Value: 1642672407
.bidswitch.net/	1970-01-20 09:03:28	Name: tuuid_lu Value: 1642672407
ads.stickyadstv.com/	1970-01-20 01:44:16	Name: uid-bp-617 Value: 6491992954323528237
ads.stickyadstv.com/	1970-01-20 01:01:04	Name: UID Value: 67e0a8a9d61f82818c82c220af3461d3
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 3f51f8fa416e2aa806e1c676f4e767b
.casalemedia.com/	1970-01-20 09:03:28	Name: CMID Value: YekxFyey-piRqUf3aoMVbQAA
.casalemedia.com/	1970-01-20 02:27:28	Name: CMPS Value: 3228
.360yield.com/	1970-01-20 02:27:28	Name: tuuid Value: cd3c3039-d86f-409f-9726-e1655905dc98
.360yield.com/	1970-01-20 02:27:28	Name: tuuid_lu Value: 1642672407
.seadform.net/	1970-01-20 01:44:16	Name: uid Value: 6491992954323528237
.casalemedia.com/	1970-01-20 02:27:28	Name: CMPRO Value: 1122
.casalemedia.com/	1970-01-20 09:03:28	Name: CMRUM3 Value: 6f61e9311727606491992954323528237
.casalemedia.com/	1970-01-20 00:19:18	Name: CMST Value: YekxF2HpMRcA
.yahoo.com/	1970-01-20 09:03:50	Name: A3 Value: d=AQABBBcx6WECEJMT5X7xOg3HStVpcjLhXucFEgEBAQGC6mHzYQAAAAAA_eMAAA&S=AQAAArouGukTiONQSZueoyBviwg
.360yield.com/	1970-01-20 02:27:28	Name: um Value: !42,BunpF-Smofrg2xxA85.gJ..bMoE1m4U6TqaueFafzEQs,1643882007
.360yield.com/	1970-01-20 02:27:28	Name: umeh Value: !42,0,1704880407,-1
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UPd0e36bfd-79d6-11ec-a77e-02ac4a3946f4
.yahoo.com/	1970-01-20 00:19:18	Name: APIDTS Value: 1642672407
.analytics.yahoo.com/	1970-01-20 09:04:54	Name: IDSYNC Value: 1760~22rl
.exelator.com/	1970-01-20 03:10:40	Name: EE Value: "7b8aeed1b8539a5bf83043913c7a0b85"
.semasio.net/	1970-01-20 09:03:28	Name: SEUNCY Value: 838075BFF52DEF3F
cm.adsafety.net/	1970-01-20 09:03:28	Name: UID Value: CM1202201200917729e8f57b044d3ad1
.adsafety.net/	1970-01-20 09:03:28	Name: cm_uid Value: CM1202201200917729e8f57b044d3ad1
.crwdcntrl.net/	1970-01-20 06:46:37	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 06:46:37	Name: _cc_id Value: b2e416f1b72a7fd409ec1f9dbf47fdc6
.crwdcntrl.net/	1970-01-20 06:46:40	Name: _cc_cc Value: "ACZ4XmNQSDJKNTE0SzNMMjdKNE9LMTGwTE02TLNMSUozAXKTzRiAIPGloTiIhgIAafMLOg%3D%3D"
.crwdcntrl.net/	1970-01-20 06:46:40	Name: _cc_aud Value: "ABR4XmNgYGBIfGkoDqSgAAAUfgGT"
.exelator.com/	1970-01-20 03:10:40	Name: ud Value: "eJxrXxzq6XKLQcE8ySIxNTXFMMnC1Ngy0TQpzcLYwMTY0tA42TzRACi4uCy1aMHS0uLUlKRDSypySnKaVpfFhzrGuzn6evpELnPOKMrPTV0BFgpzDVpkab4kvygzfZGL6%252BKilDSGRSXFp4L3W5cAAIUZKd0%253D"
.doubleclick.net/	1970-01-20 09:39:28	Name: IDE Value: AHWqTUmL6Pe11aa4PAM7zg9asoElcjYUw60JsHFa33x87WPXV1IviKB6vM3GdYDUaTQ
tags.adsafety.net/	1970-01-20 09:03:28	Name: UID Value: b6a333991bb8b571aaf5b0f535fec5de
tags.adsafety.net/	1970-01-20 09:03:28	Name: DID Value: b6a333991bb8b571aaf5b0f535fec5de
tags.adsafety.net/	1970-01-20 09:03:28	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 09:03:28	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 01:01:04	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 09:03:28	Name: ct_uid Value: b6a333991bb8b571aaf5b0f535fec5de
.adsafety.net/	1970-01-20 09:03:28	Name: ct_did Value: b6a333991bb8b571aaf5b0f535fec5de
.adsafety.net/	1970-01-20 09:03:28	Name: ct_idt Value: 100
cm.adsafety.net/	1970-01-20 09:03:28	Name: permanent Value: 1
.adnxs.com/	1970-01-20 02:27:28	Name: uuid2 Value: 7385883491268712448
.krxd.net/	1970-01-20 04:37:04	Name: _kuid_ Value: OnNiDsA1
.pubmatic.com/	1970-01-20 01:01:04	Name: KRTBCOOKIE_391 Value: 22924-6491992954323528237&KRTB&23263-6491992954323528237
.pubmatic.com/	1970-01-20 01:01:04	Name: PugT Value: 1642672407
.pubmatic.com/	1970-01-20 02:27:28	Name: PUBMDCID Value: 3
ads.smartstream.tv/	1970-01-20 09:03:28	Name: DID Value: b6a333991bb8b571aaf5b0f535fec5de
ads.smartstream.tv/	1970-01-20 09:03:28	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 09:03:28	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 01:01:04	Name: cm_uid Value: CM1202201200917729e8f57b044d3ad1
.adnxs.com/	1970-01-20 02:27:28	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2GVUfR<bn!]tbPl1M66+q([OUezr:Z7oecSjt'9_(z?oSgNv(aaVn0=H`@jbpRzqF1`*b`%l(Gc``
.agkn.com/	1970-01-20 09:03:28	Name: ab Value: 0001%3AcyYp1Kpb0ZEm3SL7muyTIZcGcv0G6Jdj
cm.adsafety.net/	1970-01-20 09:03:28	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaMW5jaldpYmduZTh4ZW1lZEhGVTNCZzdxa3U4Y2lXN3Rld281V3JUS0tYK2RqSlQrOU1QV1dMcHU5bWlJTXZiOG1iMWtLT2xLYkxTZGRja2FzaCtHa3JVWlpYcncxSHFzQmlUN0FORXlxUU45Ukt3Zy9QV2RHbzFBaTNhUGdFeTczeW5tdC83NURDSXVIY0dGRU9zNHNJcndwd2dpb1k2NHNHWjR5aGlQS2FBMDZKMVZ6cWNiMXNmbCtpM0JLbi8xK2o4cHhwbGxXVnRQcjJFK1JJdkVTUG10S3c5SExZWCt5WUw4WXNWNVZmZVMxb04rbzdEUnhkUGEyRmlJOWhJcjNMVDlJc3drVHY2dy8vRWhXTnF4cms3OVF4c1p4ckdvT2xPdCtLTHF6dStCeFhZKzcyQVA1S3A5OE53SjcwYTFYdE9RMi9hczhpZE8zSHBmd3JoUmZzQytwM2tmdjRjU2h4aHRuU0p6Wk1SY2oyMXhDYjJRUHhUa1lCaWFSS3Z3Vk5jYmJWcjBSRDUycVUyTjgwV28yU2h4ZVNyQVl0ZXFwVEZhaFIzNVJiSVQvZ21HRzlkeTdhMU9id0FWb3Baell3WHgyYnJGYXVqcHBiTS8rM0xHT0F2V2VFOWwyQzJ1UUFTNFdWRkdjTFpuNnhxOE0rQm1HWFl6NU5pdjFoUHkvZFpPZVdvVVc2REF0WmU4djN4SGFZK3BBWUlOTGt1TEdrcnp3T0w4L3BoV3JaR29qeG1tVEF3WWRjY0VTRTlvZzEwZ1lGcXNBYVB3YzAyVGFnQ0VxS05kMURHSGQzUmhuNkRVRmZ2YTBOVTBJZ3ErcWRTVGNFSEZvR2dxYm1KWDZldmtHbGptdnJWMGJTengxUmNRVVU9
.adfarm1.adition.com/	1970-01-20 02:27:28	Name: UserID1 Value: 7055224266123966609
.mathtag.com/	1970-01-20 09:43:47	Name: uuid Value: 9f9c61e9-3117-4b00-a03d-da2347e6993b
.demdex.net/	1970-01-20 04:37:04	Name: demdex Value: 78567557044829096792247113112409254987
.onaudience.com/	1970-01-20 09:03:28	Name: cookie Value: 8dee18f28b16998f
.onaudience.com/	1970-01-20 00:19:18	Name: done_redirects104 Value: 1
.dpm.demdex.net/	1970-01-20 04:37:04	Name: dpm Value: 78567557044829096792247113112409254987
.adsrvr.org/	1970-01-20 09:03:28	Name: TDID Value: 042f6b3d-b6aa-480d-9fb7-372f6190561e
.w55c.net/	1970-01-20 09:48:06	Name: wfivefivec Value: Dq5krEhQ1Nau8g5
.w55c.net/	1970-01-20 01:01:04	Name: matchadform Value: 5
.onaudience.com/	1970-01-20 00:19:18	Name: done_redirects147 Value: 1
.weborama.fr/	1970-01-20 09:49:33	Name: AFFICHE_W Value: tXOBkby5j3G111
.id5-sync.com/	1970-01-20 00:17:52	Name: cf Value:
.id5-sync.com/	1970-01-20 00:17:52	Name: cip Value:
.id5-sync.com/	1970-01-20 00:17:52	Name: cnac Value:
.id5-sync.com/	1970-01-20 00:17:52	Name: car Value:
.id5-sync.com/	1970-01-20 00:17:52	Name: gdpr Value:
.id5-sync.com/	1970-01-20 00:17:52	Name: callback Value:
.adsrvr.org/	1970-01-20 09:03:28	Name: TDCPM Value: CAEYASABKAIyCwj2jZWIroGuOhAFOAFaB3hrc3c5bGFgAg..
.1dmp.io/	1970-01-20 09:03:28	Name: uid Value: d1392c30-79d6-11ec-8677-901b0e934d81
.tapad.com/	1970-01-20 01:44:16	Name: TapAd_TS Value: 1642672408199
.tapad.com/	1970-01-20 01:44:16	Name: TapAd_DID Value: dbeb2767-cb85-487e-b114-41c3621b7fb3
.3lift.com/	1970-01-20 02:27:28	Name: tluid Value: 10266003583661350303
.tapad.com/	1970-01-20 01:44:16	Name: TapAd_3WAY_SYNCS Value:
.onaudience.com/	1970-01-20 00:19:18	Name: done_redirects219 Value: 1
.audrte.com/	1969-12-31 23:59:59	Name: arcki2 Value: 81btWdKmEidQbiaqC-OyJRBAg!20210804!1642672408215
.zeotap.com/	1970-01-20 09:03:28	Name: zc Value: 2efafbe7-831f-438f-4370-40d375b41a62
.zeotap.com/	1970-01-20 00:19:18	Name: zsc Value: v%A1%0B%C7O1%06%FC%F0j%D5%FB7%0F%13%21%C6%3C%40%FF%7C%7F%92uq%89%604M%11i%5D%2C%13D%28%F2%8E%E5l%91%3A%07%ECK%F7%95%0Aq%AA%01%C3%E8b%A3%E8%15%FDQ%A7m%08%D3%85P%A7A%28%AF8%17%1F%AD%F2%D4Tt%CE%24%C2%08yh
.parasut.com/	1970-01-20 09:03:28	Name: eightdigits_last_operation_time Value: 1642672408426
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: aa2b0ed0f3222d75

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=6491992954323528237 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7055224266123966609 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=6491992954323528237 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://app.mukellef.co https://online.zirveyazilim.net https://app.yengec.co https://worq.finance/
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	allow-from https://app.mukellef.co https://online.zirveyazilim.net

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
analytics.tiktok.com
api.adrtx.net
bam.nr-data.net
beacon.krxd.net
c1.adform.net
cdn.8digits.com
cdn.taboola.com
cm.adsafety.net
cm.g.doubleclick.net
cm.smartstream.tv
connect.facebook.net
d.8digits.com
d1lrmnchp1ja3v.cloudfront.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
events.getsitectrl.com
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
hit.8digits.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
ka-p.fontawesome.com
kit.fontawesome.com
l.getsitecontrol.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
maxcdn.bootstrapcdn.com
mwzeom.zeotap.com
parasut-dosyalar.s3.amazonaws.com
parasut.hellosmpl.com
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s2.getsitecontrol.com
s3-eu-west-1.amazonaws.com
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
spl.zeotap.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
track.adform.net
trc-events.taboola.com
trc.taboola.com
uipglob.semasio.net
ups.analytics.yahoo.com
uygulama.parasut.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
global.ib-ibi.com
104.102.29.65
104.89.29.143
104.89.42.102
104.90.104.248
108.128.79.28
141.226.228.48
143.204.101.69
143.204.94.161
151.101.129.44
151.101.130.137
162.247.242.20
172.217.16.130
172.67.75.41
18.195.106.77
18.66.248.68
185.33.221.11
185.64.189.110
185.86.137.131
2.21.141.186
2.21.142.210
216.58.212.130
2600:9000:224a:9a00:1b:5138:8a40:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:41e9
2606:4700:3036::ac43:8757
2606:4700::6812:1634
2606:4700::6812:1734
2606:4700::6812:bcf
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9b
2a02:6ea0:c700::2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.120.29.221
3.124.210.90
3.125.198.159
3.126.56.137
3.212.173.197
3.67.18.150
34.240.183.205
34.249.68.36
34.254.143.3
34.98.64.218
35.156.119.137
35.190.16.14
35.227.248.159
35.244.174.68
35.71.131.137
37.157.2.238
37.157.4.39
37.157.4.41
37.157.6.236
37.157.6.251
46.19.11.36
51.195.5.234
51.222.80.231
51.77.65.169
52.211.244.253
52.218.41.243
52.86.134.216
54.231.133.217
54.77.170.127
76.223.111.18
77.243.60.138
78.46.100.125
8.39.36.142
80.82.217.90
85.114.159.118
85.90.245.27
85.90.246.38
89.187.169.47
95.100.153.115
01b8bc678cada8e2bc35d15a806e7c6b1039b39554a09a31f625b7e9f09058f5
0488245474d8936c20a8c05f06e2640e0242f5d44aa9dbbd025d859ca1713641
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5d039d3e58fc10808f0695156d2bd99daae7791d26cc5dfc569154b5e0b22
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1619f2db873979f40266ed238ec37ce72478e22d3c40304169dd763563fb1edd
16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
2296a73f86fe4fc3d75472f15ce6d9622c616e1e441410ec6ef057f4e5e14b2e
22e730c5e58a487c838bda5b1a08e1b2a0d537371c08d4a01c56593ed8160ee6
236b4fae2b054645a00e2cdcf5e4af2a24cb6daabc52dfff0b571b686034c8ed
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c08e1eb8a5b0469f36408aff182967571b49017470c32152e9a44023785270
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
3d99938438560353702fb9ecff643eb2616fe361b3d4cff8b55fba6f6a3c992d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4433a07c5e77a2b194d5c293d905f42fafa70ff10e2be2fe17b5692d1d5d7993
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
509262aabd688fa1826bfd683b91d1612f908b4eab58f78b7ba2a85985b4665d
51bac1cc7722af4079f6b47bb626926211ba32418177af4520a99d6f84564f06
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550514bc4c6014a1fbc72012bbcd904532de4083c453dadc2a81405d7e68ec44
5534b4dce94eacc9025070bc568ac1d86eaf18ae0f0bf7ad09d81a04aa41eb72
5ba0808a5645a48e91b5e6d29156f82899e277999c3053081e6f5960f337fbae
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d156d3f9ce16aa173dda322ed3b7981d870389abf95cb26f66412a5825e3a9a
73c1bce1413b78a41e5a0b7b748d74c025ed9d6c7f3dba816899d39963e75a35
73d10c094bd171cdc7a21803bb5ad34439edb7be2e19aa9c3e2d1f624e00747d
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a6868b89ef6cdcfd3a918d63a480dd36a9faa0e0e103bbd8e238315b1f1ae38
8b39bddd7498c3e77fea402462e17779f5ed36e5dfc62ad6b378e21c03f0f89b
8c051b747e8d88fd0789799cc1641c73787a12ad81092906db61651e7c0a1671
a02b3d418f035dcd48e62bff7a85071b24c6279c756886220176926ee18863f2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a40df38ded49429aa3fade2f296381b2460c0894856e7dc7342c03221df8ee4e
a4d1acbb118ba1eda0e1c57f0693269a5ef2ce299c2b5d8480bfff7e395799a2
a64c70703236783a77935f2454a78073771d9416809716ff184bc831006878c5
ae5ec8160a04dbdf24196b69f565b450bec3fb487d0abbfc7e07d4dcb04f7d49
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596
b039a730f749253a13d6d87fe42b6083daca084bcc0b869234d02298fe8a3b21
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b851291c0c4d61eec2ffaa2d8b789aed7928bf090b9fa96575be84e64679b215
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc66233bd85de87119e58e58b7d215e02062b6bd179826dc607f43fdf8eff610
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf624cca88c1828e4dc1a61151d2ce6e826191ba2223f4cf4cdacc1d8a52981b
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d12493452a845c32b4e0db25c16142e7645e9cb80f00511e53c5760794c9cf94
d17b8e1f22b1cdea05fcee7dd9e1b258187c174665c95729d3726c65e8d550f2
dd1929825aefb893f7aa133aee603dbe12765128f4c0a2ba24a3052a0b5b3e7b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4129b9f128f30f6e468c085f6e7b2925803ff02d8d7ac66cbc9e9be948ac7dd
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f232b8087de38bece1c9a12701316772ffcddd1041ba93ee6aa10fe5473d9127
fba78ed6f4d04a905ff4082125b4dbf140bccf30daab5dcb86594b6baeb6d48d
fe47bfbdf4f50825926a425f997d4030a0289ea9b9c19f7042f9612cc439bc90

uygulama.parasut.com Open in urlscan Pro 2606:4700:10::6816:41e9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

135 Requests

81 %HTTPS

23 %IPv6

67 Domains

85 Subdomains

61 IPs

11 Countries

1017 kBTransfer

2839 kBSize

102 Cookies

5 Outgoing links

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

uygulama.parasut.com Open in urlscan Pro
2606:4700:10::6816:41e9 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

81 %
HTTPS

23 %
IPv6

67
Domains

85
Subdomains

61
IPs

11
Countries

1017 kB
Transfer

2839 kB
Size

102
Cookies

135 HTTP transactions
0 data transactions