www.guzel.net.tr Open in urlscan Pro
2606:4700:10::6816:29ba  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.guzel.net.tr/clientarea.php Page URL
2. https://www.guzel.net.tr/clientarea.php Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	403	clientarea.php Show response www.guzel.net.tr/	210 KB 147 KB	58ms 36ms	Document text/html	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/clientarea.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb8cb70ed5d716864eabafb77e8dc0a6ef510170e3bd3baf908ff218fc59c077 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 7f305eb85cbb2c45-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Mon, 07 Aug 2023 14:57:05 GMT expires Thu, 01 Jan 1970 00:00:01 GMT origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	sXlOeLSfo54lKUW6aNA0oion2OE.js Show response www.guzel.net.tr/cdn-cgi/apps/body/	4 KB 2 KB	21ms 21ms	Script application/javascript	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/cdn-cgi/apps/body/sXlOeLSfo54lKUW6aNA0oion2OE.js Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77d0e2a3f0f35645b17fab57fc5901665fe357518effa9f500cd6673e5c45429 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guzel.net.tr/clientarea.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 14:57:05 GMT x-amz-version-id YlwHdgd2K4hZzAmbdVbLSdDdKznizWN3 content-encoding br cf-cache-status HIT last-modified Sun, 19 Jun 2022 22:05:33 GMT server cloudflare x-amz-request-id KKDD1AAJYESK5AMM age 533505 etag W/"bb5f1bcf24785b6f2d6fef5e1c3860dc" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 7f305eb8cd4e2c45-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 LSVGNgcFfZYAwnuZoQG7vWPkccDOxret6i54Enj+o3HmxSOHX5GjZZIRHmTXSzZz3xQ6nMmOVbU=
GET H2	200	v1 Show response www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	167 KB 58 KB	20ms 20ms	Script application/javascript	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f305eb85cbb2c45 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7fdf17b78e80f0816697e32701a4ba3f05792b1940faf572fbe277268d97b06 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guzel.net.tr/clientarea.php?__cf_chl_rt_tk=0FZ08LwwlM86jI499rvEzSTukjlbsVhZQ4Ji_WUB5HU-1691420225-0-gaNycGzNC_s User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 14:57:05 GMT cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding br server cloudflare cf-ray 7f305eb8cd552c45-FRA alt-svc h3=":443"; ma=86400 content-type application/javascript; charset=UTF-8
GET DATA	200 OK	truncated /	18 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7a7ff22faf50946b223fc4ce63b670d90558152c04d2834f61d1cbe993fb7095 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	114 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2e8dd47dc41fcfa9b1898a8be39d01d04805a3b4188076e72677e50d41c99496 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1cf6f501d1ccf3be2684ff67b54d387d2db04c3b3309aa2dd52881e2565cc3f6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET H3	404	invisible.js www.guzel.net.tr/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 998D	0 0	15ms 14ms	Script text/plain	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1691409600 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 14:57:05 GMT server cloudflare cf-ray 7f305eb8fe5b18c1-FRA alt-svc h3=":443"; ma=86400 vary accept-encoding
GET H2	200	js Show response www.googletagmanager.com/gtag/	179 KB 65 KB	42ms 21ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-11555471-2 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/cdn-cgi/apps/body/sXlOeLSfo54lKUW6aNA0oion2OE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b1e2c528c58d67e5e8b7e090e7087a12f2050a26fd4f0a7ef42ca4319d28f406 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 14:57:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66539 x-xss-protection 0 last-modified Mon, 07 Aug 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 07 Aug 2023 14:57:05 GMT
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/74ac0d47/	27 KB 10 KB	56ms 40ms	Script application/javascript	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=aJ4&render=explicit Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f305eb85cbb2c45 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0f33190c14b543e76e11ab58c238e5d56508c3d0933c1cd7c64e478fedee376 Request headers Referer Origin https://www.guzel.net.tr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 14:57:05 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 7f305eb92d6a9b55-FRA alt-svc h3=":443"; ma=86400
GET BLOB	200 OK	993ce143-9ff2-4a17-ab3a-defff2a093c4 https://www.guzel.net.tr/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.guzel.net.tr/993ce143-9ff2-4a17-ab3a-defff2a093c4 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guzel.net.tr/clientarea.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
GET H2	200	js Show response www.googletagmanager.com/gtag/	227 KB 79 KB	24ms 23ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-HVX6XG4ZVM&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-11555471-2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash baa6e36668697f953d0f2f484099f46628083daa1668f9445a5bd9eebfb55a30 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 14:57:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 80583 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 07 Aug 2023 14:57:05 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	30ms 7ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-11555471-2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 07 Aug 2023 13:44:24 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 4361 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 07 Aug 2023 15:44:24 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 208 B	14ms 13ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1869146406&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guzel.net.tr%2Fclientarea.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=978855322&gjid=787880695&cid=1793936371.1691420226&tid=UA-11555471-2&_gid=381038975.1691420226&_r=1&gtm=457e3820&jsscut=1&z=1122414549 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 07 Aug 2023 14:57:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.guzel.net.tr cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	0786247d856dce2 Show response www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/flow/ov1/833325024:1691417470:UyxneJZysuqqu8ohL4lK_okE0_EcVL73sl5LovQBOps/7f305eb85cbb2c45/	9 KB 7 KB	34ms 33ms	XHR text/plain	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/flow/ov1/833325024:1691417470:UyxneJZysuqqu8ohL4lK_okE0_EcVL73sl5LovQBOps/7f305eb85cbb2c45/0786247d856dce2 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f305eb85cbb2c45 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8262a538faad515a6991b4be4f2b02a60744fcb2a8c6d71f6807c6b46f836b2 Request headers Referer https://www.guzel.net.tr/clientarea.php accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 CF-Challenge 0786247d856dce2 Content-type application/x-www-form-urlencoded Response headers cf-chl-gen WeNIgAbDVQBQOJK9KaSftAftzMo1HWOnb/OGhwiIyVnIJh6Yr1D+Gu14XNE3UZHH$nrATgYkxqae5KzZKxugsdg== date Mon, 07 Aug 2023 14:57:05 GMT content-encoding br server cloudflare cf-ray 7f305eb9cf8918c1-FRA alt-svc h3=":443"; ma=86400 content-type text/plain; charset=UTF-8
POST H2	204	collect region1.analytics.google.com/g/	0 255 B	34ms 13ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-HVX6XG4ZVM&_ono=1&gtm=45je3820&_p=1869146406&_gaz=1&cid=1793936371.1691420226&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1691420225&sct=1&seg=0&dl=https%3A%2F%2Fwww.guzel.net.tr%2Fclientarea.php&dt=&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-HVX6XG4ZVM&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Mon, 07 Aug 2023 14:57:05 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.guzel.net.tr cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 47 B	56ms 19ms	Ping text/plain	2a00:1450:400c:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-HVX6XG4ZVM&cid=1793936371.1691420226&gtm=45je3820&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-HVX6XG4ZVM&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Mon, 07 Aug 2023 14:57:05 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.guzel.net.tr cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	55ms 32ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-HVX6XG4ZVM&cid=1793936371.1691420226&gtm=45je3820&aip=1&z=1099523886 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Mon, 07 Aug 2023 14:57:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 350 B	54ms 18ms	XHR text/plain	2a00:1450:400c:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11555471-2&cid=1793936371.1691420226&jid=978855322&gjid=787880695&_gid=381038975.1691420226&_u=YEBAAUAAAAAAACAAI~&z=1328355766 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 07 Aug 2023 14:57:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.guzel.net.tr cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kei7b/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame CB0C	0 0	29ms 18ms	Document text/html	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kei7b/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=aJ4&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 7f305eba3fd04d3d-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Mon, 07 Aug 2023 14:57:05 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	53ms 31ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11555471-2&cid=1793936371.1691420226&jid=978855322&_u=YEBAAUAAAAAAACAAI~&z=1399943013 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Mon, 07 Aug 2023 14:57:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	33ms 33ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11555471-2&cid=1793936371.1691420226&jid=978855322&_u=YEBAAUAAAAAAACAAI~&z=1399943013 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Mon, 07 Aug 2023 14:57:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	rum Show response www.guzel.net.tr/cdn-cgi/	0 142 B	11ms 11ms	XHR text/plain	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/cdn-cgi/rum? Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php?__cf_chl_rt_tk=0FZ08LwwlM86jI499rvEzSTukjlbsVhZQ4Ji_WUB5HU-1691420225-0-gaNycGzNC_s Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.guzel.net.tr/clientarea.php accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 content-type application/json Response headers date Mon, 07 Aug 2023 14:57:05 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://www.guzel.net.tr x-frame-options DENY access-control-allow-credentials true cf-ray 7f305ebab8f318c1-FRA
POST H3	200	0786247d856dce2 Show response www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/flow/ov1/833325024:1691417470:UyxneJZysuqqu8ohL4lK_okE0_EcVL73sl5LovQBOps/7f305eb85cbb2c45/	2 KB 2 KB	28ms 27ms	XHR text/html	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/flow/ov1/833325024:1691417470:UyxneJZysuqqu8ohL4lK_okE0_EcVL73sl5LovQBOps/7f305eb85cbb2c45/0786247d856dce2 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f305eb85cbb2c45 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57e50d392c5b753c4f414f08110dda01c4d9632b0dad54a8e9dcb9f07d8ee051 Request headers Referer https://www.guzel.net.tr/clientarea.php accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 CF-Challenge 0786247d856dce2 Content-type application/x-www-form-urlencoded Response headers cf-chl-out J6UAHkTjy7vN+utD/1dEOzGkFTcfzAnAq6FYDUBj/1cpgFQqvEyMHkcHTX/qvIUZH1GLJ52cMisVBzhgh/X5A2tG7qJqz5UAPzH3iEMAchE=$OKbFHAwUU+ESYl2LHhl9dg== cf-chl-out-s kF8xpB3ths8orbsmNl2dBXVE9eEYwitA2oxNXN+qs5zeJJGd9GTPN6DOL4czqiua1sp83AYnlUEO7RavQZhwbeGTxJgETakvFnLf6Q+uuqTq9HILR06a2cX64/DZvUs4nPL6vvP/+AXZibyoZsh/yoaUQxI73DxPKpvsOjFIV7s=$6LhJPvNkRrG//2VDwtRt7Q== date Mon, 07 Aug 2023 14:57:05 GMT content-encoding br server cloudflare content-type text/html; charset=UTF-8 cf-ray 7f305ebbaa5b18c1-FRA alt-svc h3=":443"; ma=86400
GET H3	403	Primary Request clientarea.php Show response www.guzel.net.tr/	209 KB 146 KB	39ms 39ms	Document text/html	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/clientarea.php Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f305eb85cbb2c45 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6895fde19f3010fec3d3f9682607109645421485b65635599138b7fa9c69da61 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.guzel.net.tr/clientarea.php Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 7f305ecbdcd718c1-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Mon, 07 Aug 2023 14:57:08 GMT expires Thu, 01 Jan 1970 00:00:01 GMT origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
POST		collect region1.analytics.google.com/g/	0 0
POST		rum www.guzel.net.tr/cdn-cgi/	0 0
GET H3	200	sXlOeLSfo54lKUW6aNA0oion2OE.js Show response www.guzel.net.tr/cdn-cgi/apps/body/	4 KB 2 KB	29ms 28ms	Script application/javascript	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/cdn-cgi/apps/body/sXlOeLSfo54lKUW6aNA0oion2OE.js Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77d0e2a3f0f35645b17fab57fc5901665fe357518effa9f500cd6673e5c45429 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guzel.net.tr/clientarea.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 14:57:08 GMT x-amz-version-id YlwHdgd2K4hZzAmbdVbLSdDdKznizWN3 content-encoding br cf-cache-status HIT last-modified Sun, 19 Jun 2022 22:05:33 GMT server cloudflare x-amz-request-id PE1GZG6HS3T0GZVG age 916743 etag W/"bb5f1bcf24785b6f2d6fef5e1c3860dc" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 7f305ecc2d5518c1-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 xx9ebQyrqJ8W0xaFVKCaon/4fVr0FMrX7HH3g8BEgtQLfCX2I/++IbCJBtTnkaP8clE0AL4EclY=
GET H3	200	v1 Show response www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	167 KB 58 KB	20ms 20ms	Script application/javascript	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f305ecbdcd718c1 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7fdf17b78e80f0816697e32701a4ba3f05792b1940faf572fbe277268d97b06 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guzel.net.tr/clientarea.php?__cf_chl_rt_tk=_YTCNmbFqASkvMX17FqfWjhshpnNIYlmoVBXFsCoEnE-1691420228-0-gaNycGzNCqU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 14:57:08 GMT cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding br server cloudflare cf-ray 7f305ecc3d7f18c1-FRA alt-svc h3=":443"; ma=86400 content-type application/javascript; charset=UTF-8
GET DATA	200 OK	truncated /	18 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7a7ff22faf50946b223fc4ce63b670d90558152c04d2834f61d1cbe993fb7095 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	114 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2e8dd47dc41fcfa9b1898a8be39d01d04805a3b4188076e72677e50d41c99496 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1cf6f501d1ccf3be2684ff67b54d387d2db04c3b3309aa2dd52881e2565cc3f6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET H3	404	invisible.js www.guzel.net.tr/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame FA58	0 0	25ms 25ms	Script text/plain	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1691409600 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 14:57:08 GMT server cloudflare cf-ray 7f305ecc5da018c1-FRA alt-svc h3=":443"; ma=86400 vary accept-encoding
GET H3	200	js Show response www.googletagmanager.com/gtag/	179 KB 65 KB	20ms 19ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-11555471-2 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/cdn-cgi/apps/body/sXlOeLSfo54lKUW6aNA0oion2OE.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8d0e2a11dc44a41d16274afe1669ac430e6a247d5b43a08af7f432bf9882ee52 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 14:57:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66540 x-xss-protection 0 last-modified Mon, 07 Aug 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 07 Aug 2023 14:57:08 GMT
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/74ac0d47/	27 KB 10 KB	33ms 32ms	Script application/javascript	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=aJ4&render=explicit Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f305ecbdcd718c1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0f33190c14b543e76e11ab58c238e5d56508c3d0933c1cd7c64e478fedee376 Request headers Referer Origin https://www.guzel.net.tr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 14:57:08 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 7f305ecc6a5b9b55-FRA alt-svc h3=":443"; ma=86400
GET BLOB	200 OK	be43b3d8-2a79-4f1a-a5eb-f517a7a4aa15 https://www.guzel.net.tr/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.guzel.net.tr/be43b3d8-2a79-4f1a-a5eb-f517a7a4aa15 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://www.guzel.net.tr/clientarea.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
GET H3	200	js Show response www.googletagmanager.com/gtag/	227 KB 79 KB	20ms 20ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-HVX6XG4ZVM&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-11555471-2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 26ebaf0f0f69510e0d6f0c5350ece060c1dc331a3e8df1df54aef9b435690c53 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 14:57:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 80583 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 07 Aug 2023 14:57:08 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-11555471-2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 07 Aug 2023 13:44:24 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 4364 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 07 Aug 2023 15:44:24 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 7ms	Image image/gif	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1859581881&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guzel.net.tr%2Fclientarea.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAUABAAAAAAAAI~&jid=&gjid=&cid=1793936371.1691420226&tid=UA-11555471-2&_gid=381038975.1691420226&gtm=457e3820&jsscut=1&z=2075472723 Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 22:49:17 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 58071 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	rum Show response www.guzel.net.tr/cdn-cgi/	0 141 B	12ms 12ms	XHR text/plain	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/cdn-cgi/rum? Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/clientarea.php?__cf_chl_rt_tk=_YTCNmbFqASkvMX17FqfWjhshpnNIYlmoVBXFsCoEnE-1691420228-0-gaNycGzNCqU Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.guzel.net.tr/clientarea.php accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 content-type application/json Response headers date Mon, 07 Aug 2023 14:57:08 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://www.guzel.net.tr x-frame-options DENY access-control-allow-credentials true cf-ray 7f305eccfeca18c1-FRA
POST H3	200	9a51de15199228c Show response www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/flow/ov1/833325024:1691417470:UyxneJZysuqqu8ohL4lK_okE0_EcVL73sl5LovQBOps/7f305ecbdcd718c1/	9 KB 7 KB	29ms 29ms	XHR text/plain	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/flow/ov1/833325024:1691417470:UyxneJZysuqqu8ohL4lK_okE0_EcVL73sl5LovQBOps/7f305ecbdcd718c1/9a51de15199228c Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f305ecbdcd718c1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac4003fad8e96e7ea6d539312c333bfa343081271b213d63826d782a8c798c70 Request headers Referer https://www.guzel.net.tr/clientarea.php accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 CF-Challenge 9a51de15199228c Content-type application/x-www-form-urlencoded Response headers cf-chl-gen TK6H9W+A4stpDBS+TGdaLKu0nbCtiLnP+R6gRiWZmQJT9b+XGJUYbGwsT76em0RB$il6UKGKnSJx3evop3QhpkQ== date Mon, 07 Aug 2023 14:57:08 GMT content-encoding br server cloudflare cf-ray 7f305ecd1f0518c1-FRA alt-svc h3=":443"; ma=86400 content-type text/plain; charset=UTF-8
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wv98b/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 28AE	0 0	18ms 18ms	Document text/html	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/wv98b/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=aJ4&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 7f305ecd9a2f4d3d-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Mon, 07 Aug 2023 14:57:08 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H3	200	9a51de15199228c Show response www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/flow/ov1/833325024:1691417470:UyxneJZysuqqu8ohL4lK_okE0_EcVL73sl5LovQBOps/7f305ecbdcd718c1/	2 KB 2 KB	27ms 27ms	XHR text/html	2606:4700:10::6816:29ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/flow/ov1/833325024:1691417470:UyxneJZysuqqu8ohL4lK_okE0_EcVL73sl5LovQBOps/7f305ecbdcd718c1/9a51de15199228c Requested by Host: www.guzel.net.tr URL: https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f305ecbdcd718c1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:29ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 955f42c1a1774dd0dcd83a2ef8e28b36426c2a41c44d8904560df0c50df7d3ea Request headers Referer https://www.guzel.net.tr/clientarea.php accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 CF-Challenge 9a51de15199228c Content-type application/x-www-form-urlencoded Response headers cf-chl-out 83O4tWeCqga5q/qQYBQh2TI4DCi2UDZZz93pObXB76YiZdteKQrnDvp2EVhD0zSW4rt0Lcct0VI5Wlwk+CW1Q2UBCRvi5PK/N49IRuSwnvs=$U/dCR6cH695BqelyaR+Dcg== cf-chl-out-s qxpkCsdRRqQ999kujxofSQ9pEMW1UmjFNMwSA+duONGxrVQKbln9kwPOcv2uhK8jpj8z2Q6rjLMRJ3YR+DZgTbxC1190hmn9+Kw7IL2RpzgkuN9lB7Ga1IHU/XqJJ1efBuSrPnwpF5fdxcP1oJ2aVtgVYRZj6WyeZM3PBrLv3vg=$xQ12wbWEJrjxuqZyfAPEvg== date Mon, 07 Aug 2023 14:57:08 GMT content-encoding br server cloudflare content-type text/html; charset=UTF-8 cf-ray 7f305ecec96318c1-FRA alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

region1.analytics.google.com

URL

https://region1.analytics.google.com/g/collect?v=2&tid=G-HVX6XG4ZVM&_ono=1&gtm=45je3820&_p=1869146406&cid=1793936371.1691420226&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=2&sid=1691420225&sct=1&seg=0&dl=https%3A%2F%2Fwww.guzel.net.tr%2Fclientarea.php&dt=&en=user_engagement&_et=2899

Domain

www.guzel.net.tr

URL

https://www.guzel.net.tr/cdn-cgi/rum?

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| CloudflareApps object| _cf_chl_opt object| __cfBeacon string| GoogleAnalyticsObject function| ga object| dataLayer function| aJ4 boolean| hB6 function| jONVS1 function| JxrZVR3 function| nmb6 function| nS3 function| YwhN0 object| PQf2 function| OmMkiGZRYC object| JkGxse9 object| google_tag_manager object| google_tag_data object| turnstile boolean| nYmegH0 object| gaplugins object| gaGlobal object| gaData string| iDYwS6

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.guzel.net.tr/	1970-01-20 13:51:46	Name: _gid Value: GA1.3.381038975.1691420226
			.guzel.net.tr/	1970-01-20 13:50:20	Name: _gat_gtag_UA_11555471_2 Value: 1
			www.guzel.net.tr/	1970-01-20 13:50:23	Name: cf_chl_rc_m Value: 1
			.guzel.net.tr/	1970-01-20 23:26:20	Name: _ga_HVX6XG4ZVM Value: GS1.1.1691420225.1.1.1691420228.57.0.0
			.guzel.net.tr/	1970-01-20 23:26:20	Name: _ga Value: GA1.1.1793936371.1691420226

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://www.guzel.net.tr/clientarea.php Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1691409600 Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://www.guzel.net.tr/clientarea.php Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.guzel.net.tr/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1691409600 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.guzel.net.tr
region1.analytics.google.com
www.guzel.net.tr
2001:4860:4802:32::36
2606:4700:10::6816:29ba
2606:4700::6811:2b8
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:810::200e
2a00:1450:4001:829::2004
2a00:1450:400c:c0b::9a
1cf6f501d1ccf3be2684ff67b54d387d2db04c3b3309aa2dd52881e2565cc3f6
26ebaf0f0f69510e0d6f0c5350ece060c1dc331a3e8df1df54aef9b435690c53
2e8dd47dc41fcfa9b1898a8be39d01d04805a3b4188076e72677e50d41c99496
57e50d392c5b753c4f414f08110dda01c4d9632b0dad54a8e9dcb9f07d8ee051
6895fde19f3010fec3d3f9682607109645421485b65635599138b7fa9c69da61
77d0e2a3f0f35645b17fab57fc5901665fe357518effa9f500cd6673e5c45429
7a7ff22faf50946b223fc4ce63b670d90558152c04d2834f61d1cbe993fb7095
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
8d0e2a11dc44a41d16274afe1669ac430e6a247d5b43a08af7f432bf9882ee52
955f42c1a1774dd0dcd83a2ef8e28b36426c2a41c44d8904560df0c50df7d3ea
a7fdf17b78e80f0816697e32701a4ba3f05792b1940faf572fbe277268d97b06
a8262a538faad515a6991b4be4f2b02a60744fcb2a8c6d71f6807c6b46f836b2
ac4003fad8e96e7ea6d539312c333bfa343081271b213d63826d782a8c798c70
b1e2c528c58d67e5e8b7e090e7087a12f2050a26fd4f0a7ef42ca4319d28f406
baa6e36668697f953d0f2f484099f46628083daa1668f9445a5bd9eebfb55a30
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0f33190c14b543e76e11ab58c238e5d56508c3d0933c1cd7c64e478fedee376
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb8cb70ed5d716864eabafb77e8dc0a6ef510170e3bd3baf908ff218fc59c077